last executing test programs:

39.157709934s ago: executing program 0 (id=1164):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = inotify_init1(0x0)
r1 = syz_open_dev$video4linux(0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000c00), 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_G_INPUT(r1, 0x80045626, &(0x7f0000000400))
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCGSID(r3, 0x5429, &(0x7f00000000c0)=<r7=>0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f00000003c0)={0x80000000, 0x6, {<r9=>r7}, {r8}, 0x4, 0x6})
r10 = syz_io_uring_complete(0x0)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000140)=ANY=[@ANYBLOB="120100009daf4920cf106780272c0102030109022b0001000000000904000002c358f50009050000ebffffff000705db224370bf09050b020000000000"], 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180), 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001740)={&(0x7f0000001600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x43000000}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x2, 0x1}]}]}, {0x0, [0x0, 0x2e]}}, &(0x7f00000017c0)=""/4096, 0x40, 0x1000, 0x1}, 0x20)
ioctl$RNDADDENTROPY(r4, 0x40085203, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r1, @ANYRESOCT=r2, @ANYRES64=r10, @ANYRESHEX=r5, @ANYRES16=r7, @ANYRESDEC, @ANYRESDEC=r9])
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r12 = dup(r11)
fcntl$setstatus(r11, 0x4, 0x42000)
sendmsg$nl_route_sched(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0)=@newqdisc={0x24, 0x24, 0x0, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x10}}}, 0x24}}, 0xc010)
ppoll(&(0x7f00000001c0)=[{r12}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, 0x0, 0x0)
inotify_add_watch(r0, 0x0, 0x24000408)
syz_usb_connect(0x6, 0xffffff58, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x51, 0x88, 0x7e, 0x40, 0xf88, 0x3012, 0xa8b9, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1a9, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x33, 0x0, 0x0, 0x11, 0x67, 0xa5, 0x5, [@generic={0xe3, 0x8, "01767b9c885f0b1f78c00295fc333982cc82b7ea432718aaa88168dca6264a7ea9ecfc5cedc13c11813ec676bcae1695a7d558e9a08fa3c94f07ac79b6a96dfa456374ca6ac7a38e2433919cc31ca85fe59ef0b8dad874efc8fbb90862dfc268605024f797cf14c9a4826d0e84be3df9fcbff2498d76bc1c4f8f7b0b36b0f2ace574f11ebdd1a18e3b6eb4293631b02ca592c0557d6f96d758c77b15c51b0fe96e70820b406f169800d0ac3288508f07233875558900cb3dd5dd8526066600e71e74db43642abb10f50e46cd88290ec9ae8bb60e97de2774cbcaaf91c33e507f90"}, @cdc_ncm={{0x7, 0x24, 0x6, 0x0, 0x1, "27ed"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x10001, 0x4, 0xffd5, 0xcf}, {0x6, 0x24, 0x1a, 0x5, 0x4}, [@acm={0x4}, @mdlm_detail={0x8a, 0x24, 0x13, 0x15, "e67a8f35b44460c124a8c52cf6d3d8cf85e3a315cf53454c6281774f74989b056cdd87cb043c4d29d32356255d046be92069f3bf724e33e2914059cc9292d7cdf192360ba702803b8acf30e42d1d80fa5c5ae2259d31a16a72b5e131858311b089cc454fa944aa4f8fbb55d1b958303ae02d96892e838f56f8632c18dd7709547e529668b767"}, @dmm={0x7, 0x24, 0x14, 0x4, 0xfffa}]}]}}]}}]}}, 0x0)

35.97696675s ago: executing program 0 (id=1172):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000240)={'wg2\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) (async)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
socket$alg(0x26, 0x5, 0x0) (async)
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000080), 0x18)
socket$alg(0x26, 0x5, 0x0) (async)
r6 = socket$alg(0x26, 0x5, 0x0)
ioctl$KDSETKEYCODE(r5, 0x4b4d, &(0x7f00000012c0)={0x2})
bind$alg(r6, 0x0, 0x0) (async)
bind$alg(r6, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, &(0x7f0000000000)=r7, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000300)="4c0000001200ff09ff3a150099a283ff07b8008000f0ffff000000060040150024001d0042c411a0b598bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab98eb1d9cc98c2a4f837c", 0x4c}], 0x1}, 0x0)
sendmsg$nl_route_sched_retired(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xb018295eacd424dc}, 0xc, &(0x7f00000000c0)={&(0x7f0000000580)=@delqdisc={0x1d0, 0x25, 0x700, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xffff, 0x8}, {0xf, 0x3}, {0x8, 0xffff}}, [@q_dsmark={{0xb}, {0x34, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x401}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8001}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x400}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}]}}, @q_dsmark={{0xb}, {0x30, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x14}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x14}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1a}]}}, @q_dsmark={{0xb}, {0x2c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7fff}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x11}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xfff7}]}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x1}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x3a}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x14}]}}, @q_dsmark={{0xb}, {0x3c, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x76}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x101}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x8}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0xc}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xfffa}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}]}}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x40055}, 0x81)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="400000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000001002000128028000100687332001400008008000f00ca4b31258f5a38f1852edd04d4ab705ddac04b80d56ce98cfe63ebd7a5857c537a51847023d402437d7f5b1cd46fc733e2b2e683faf7466914b55b52bbde32b6c269c9d55fcaabbdce75b50f09da75c78b557a157ce35590626823c949c0dafc1b6ae298", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB], 0x40}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="400000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000001002000128028000100687332001400008008000f00ca4b31258f5a38f1852edd04d4ab705ddac04b80d56ce98cfe63ebd7a5857c537a51847023d402437d7f5b1cd46fc733e2b2e683faf7466914b55b52bbde32b6c269c9d55fcaabbdce75b50f09da75c78b557a157ce35590626823c949c0dafc1b6ae298", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB], 0x40}}, 0x0)

9.367017663s ago: executing program 2 (id=1234):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x80000037, 0x1000000, 0x0, 0x6, 0x2})
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0xf0ff)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r3, 0x0, 0x0)
r4 = syz_usb_connect(0x0, 0x202, &(0x7f0000000780)=ANY=[@ANYBLOB="1201100152018b401e040740185d000000010902f00101040000030904"], 0x0)
syz_usb_control_io$printer(r4, 0x0, &(0x7f00000006c0)={0x34, &(0x7f0000000540)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x2c}}, 0x0)
openat$mice(0xffffffffffffff9c, 0x0, 0x80040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000400)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_usb_connect(0x1, 0x2d, &(0x7f00000000c0)=ANY=[@ANYRESHEX], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
r6 = memfd_create(&(0x7f0000000340)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xa1\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?$\x1b\xa8HR\xd4^\xe1Ob\xe1YV\xeb\x91\x83;\xeb\xf1\xd0\xce\xe5\x19T\xff\x01\x00\x00\xe2\xb8\xd9\xae\xcf>/\x05\x00\x00\x00\x15\x00\xbe`\'\xcb\xb6\xaf\xe4h\xfc\x14\x06\xb5\x03\x8a\xc40\xbe\xe3\x93A\x15\xec\xdb\xaa\t9\x11A\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfc\x00\xe3\xde\x00\x00\xa8\xcbo\x90\xe1{\x84\xb5\x82t\x19\xacS\x88|\x99?\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x16\xdf\xb9q\xb6^r\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3U\xe6\xa9A\xbf\x14\xd2\b\xd8G\xb6\xab\x1c\x11\x00\xc5\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06\\\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x14M\x8b\xd0\xc0\xb8E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hC\x00\x00\x00D~\xc9=\x95\xd4\x18\x97J\x1d\xb7\x11\xcbcE\x0eAU\xe6\x19*\x98}!\xde\xf1\xd3\xf7\x84\x9c\xb4\xf1\x17\xf9-\xc6\xba\xe3\xa8oz\b\xfe\xbc\x1b\xff$\xac=\xf2V**\x8f\x84Oq\xe3\xa16\x1d{f\x91\xbbBORJ\xbcm\xfb\xb0Q\x1c\xd9\x1bg\xf5\xc9p\xc5lo\x90\xb0\xd5\x90\x86\x19\xafC\xee7\x91O)\xf1\xf0\x00\x00\x00\x00\x00\x00\x00\x05t\v\x12\x03\xf5hRQ\b\x97\xc3d-\xfb\x12\x1e\xb2\xce\x9br*M\x10\xd5g\fwx\xb8\xa9\t\xc5\xf9W\x9b\x06\xcc\xa0\x1a\x03\v\x14n7\x92{\x8bH\x9d\x95\xe31\xf4hy\xf6%\xcdC\x9cT\xec57\xbd\xd5\x81\xd9\x13\xee\xdf\xef\xf3\x17H\xd2\xe3k\xe0\xe3^y\xe3\xbb(fEt\x15\xeb/\x90\xca\xde\x189\xdfN 7}|\xa8 2\xd9;\xfa\xeayZS\x10.\x8b,\xd0\x02J\xf8>\xe9\xf0\r\xc2A\xc8q\x89\"+\xa9^E94\x01\xb5\xba]\xa8\xe9\x86\xea\xe5\xbaH\x11\x8fLLJ(\xfb\x96\x15\xbb\a\xcbj\x1b\xfdL\x88\xbf\xd7\x00\x00\x00\x00\x00t\xdd\x02z\x87N\x9a\xd1\xe8\xe6\xe5\xa5\rz\\ljD\x19|\x84\x90\xaa\x91\x93\xc7\xdf\xd2\xe9h\x00\xc0kv^rY\xc7\xf5\xff\xafK6\xcb\xfa\x8c\xdf6xJ\x1f\xc5@\xa7`\x96\xe1\xa16\x92\xe1h\xd9[\xe6\x93 \x83\x9a\xa9\xf1\xe4;r6\xcb\xb0\xe2R[\x1a!\x92m:\xe7\xff\xff\xff\xfflwJ<o<\xe8;?6\x04X\xd3i\xcf\x1a\xc6P\xc4\xc8%\xc7 \x11\a\xa7S~y\xc7\x9f\n\x9a\xfe\xc4\xbd\x0f\xcb\x13\n\xaf\xd9\xb6\xcf\x1f/^\xc5\x83\x00\x00\x00\x00iT\xefU;3j\x17\xf6hi\x91\xaaL7\xf3\xa6\x98\x81|\xe5\x8ejr\x83\xf5\xd4\xb0\x94M\xf1\xa0::\xc3\xac\xff\xae\'\x14\xa2>B\x90VA\r\xde\f\tQx\xf7#K\x06\xf9U~\xacb\v\xf0u\xd2\xf8oy\x94\n\xd0\x7f\x8c\x83\x18\x90\x03\x97\xbc|U\xadn\xf3\xee\xb5P\x97;\xff9\xbcsV\x9d2n\xa4\xf8i\x1dxY\xed\xba\xeb\xf4uN\xa5\x9d\x94\x91Y\xfe\xefJO\xa0\xc1\x9b;\xb4\xaf\xfc\xa8\x1c\xa7%_)\x9cp\x8c\x86Uq\xc9\x96\xfc\xa0\x9e:\'/@\x00*!o\xe6\x99\xbc\xda:\xf8\xf8\xf5\xd3\xfe\xaa3\xe3Y\xd8\xec^\x9f\xda\xfdb {\xa75\xad\xc7:_\x1d\xdeo\xda\x1d<\x85\a\xc3!\nL\xd5\x90E\xc0\xf4otxJ?&\x96\x93~V&\xdd\xf3t\xa0R\xceNA\x81}\xd5\xbd\xa2\xcc\xe7\x9aPJ\x18|^', 0x6)
fallocate(r6, 0x0, 0x0, 0x400001)
ioctl$FS_IOC_RESVSP(r6, 0x4030582b, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x9})
sendmsg$netlink(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000003c00)=ANY=[@ANYBLOB="e00000001000090500c63703b60000000000d00008004300ff030000a90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27d08000000337c0004000000"], 0xe0}], 0x1}, 0x0)
r7 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000000), r8)
sendmsg$NLBL_CIPSOV4_C_ADD(r8, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000008c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000000100000010000c800c000b800800090000861300080001000000000008000200010000000400048004000880"], 0x3c}}, 0x0)
write$binfmt_script(r7, &(0x7f00000002c0)={'#! ', './file0', [{0x20, 'WX.^'}, {0x20, 'aYbly\r\x1a\xc5#9\x00\xc1\xa8`\x04\xb0\x98\x19\xba\r\xbf\xe4!\xf47\xc5\xdb\x16`\x89B\x1fx\xd0i\xe1/F\x00\xd3\xd8\xcd2'}]}, 0x3c)
sendmmsg$unix(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000040)="b8355f6ae57fb53cd8e7474bbaa9", 0xe}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32], 0x1e, 0x40064}}], 0x2, 0x801)

6.905685762s ago: executing program 2 (id=1245):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x1d, 0x91, 0x67, 0x20, 0x174f, 0x6a31, 0x263f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x83, 0x3c, 0x8f}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
pipe2(0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16, @ANYRES32], 0x44}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, 0x0})
madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)

5.930156886s ago: executing program 3 (id=1250):
socket$nl_route(0x10, 0x3, 0x0)
r0 = timerfd_create(0x0, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$kcm(0x29, 0x5, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg\x00', 0x200})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000080)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

5.879778744s ago: executing program 0 (id=1202):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x14082, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {0x0, 0x0, 0x0, 0x2}, 0x4b, [0x0, 0x0, 0x0, 0x2b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x5, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x2, 0x0, 0x8fca], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0xa90d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
socket(0x40000000015, 0x5, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x20008845, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f00000000c0), 0x4)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c5610067fbc45ff810540010000000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000500), 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0xc, &(0x7f00000000c0)=0x3, 0x4)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000040)={'vcan0\x00'})
shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)

5.637910564s ago: executing program 4 (id=1252):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r0)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000030000005800018044000400200001000a000000000000000000000000000000000000000000000100000000200002000a00000000000000fe8000000000000016000000000000bb000000000d0001007564703a73"], 0x6c}}, 0x0)

5.633536895s ago: executing program 3 (id=1253):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r5=>0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000100)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
splice(r6, 0x0, r9, 0x0, 0x8ec0, 0x4)
fcntl$setpipe(r9, 0x407, 0x0)
dup3(r7, r8, 0x0)
dup2(r8, r9)
sendmsg$nl_route_sched(r9, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newqdisc={0x24}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvmmsg(r1, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000004f80))
dup2(r0, r1)
write$binfmt_script(r1, 0x0, 0x0)

5.253776701s ago: executing program 4 (id=1254):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000240)="af", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32], 0x1e}}], 0x2, 0x801)
r2 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000140)=0x1c, 0x80000)
getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, &(0x7f0000000180)=ANY=[@ANYBLOB="726177000000000000000000000000000000008c0000000de6cf6c64654ae5a1e99d1b9ceb9a0cfe01c4b0aa831245e74645abffc44f4cc2de358006900505521dc9162b55c16f540c4c13232e96abf01d67d3dfc8be60a1e74c7e5a6d79fd9579cb5c36284a1e6623d53cc2318f69fa37faa17777d8857bb9376205f44a91bc9cbe08b0c9e420dac9f816799a8bb20f038e2f5439f690531552ff45a0821886262563ac51"], &(0x7f00000002c0)=0xb0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080), 0x201, 0x0)
write$binfmt_misc(r3, &(0x7f00000034c0)=ANY=[@ANYBLOB="73797a304b4133ca84c36c07cb1dda6f9e194b9d9bb79991f42483cd1a9f0a"], 0x1f)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.current\x00', 0x275a, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r4, 0xc0206416, &(0x7f0000000080)={0x6, 0x3, 0xe5f, 0xc22, 0x10, 0x9})
write$binfmt_script(r4, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r5, 0x2285, 0x0)
fcntl$dupfd(r1, 0x0, r1)
write$sndseq(r3, &(0x7f0000000180)=[{0x0, 0x0, 0x2, 0x0, @time={0x6, 0xd9}, {}, {0x0, 0x1}, @result={0x2cf9}}, {0x0, 0x0, 0xfd, 0x2, @tick=0x6, {0x3}, {}, @queue={0x5, {0xab8, 0x6}}}], 0x38)

5.184678664s ago: executing program 4 (id=1256):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000480)=@assoc_value, &(0x7f0000000040)=0x8)
r1 = socket(0x3c, 0x2, 0x400)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x2402, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000140)={0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r7, 0xee00)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
add_key$user(0x0, 0x0, &(0x7f0000000400)="c218b8fb4f2711662cda1925942565487e7d348d7cb55586a0b8af4c8b0e15dd9b6afd4307000000000000002c14db39ff5a5cc5653035257088df4796548fd6ee87ce1521c1237617d0b64d1df761b1", 0x50, 0x0)
r8 = add_key$user(&(0x7f0000000380), &(0x7f00000000c0)={'syz', 0x0}, &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r9 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r8, r9, r9}, 0x0, 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x8000003d)
fcntl$setsig(r5, 0xa, 0x21)
setreuid(0x0, r2)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000003c80)={0x2020, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
setgid(r10)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000020101020002000000000000000004007c00034000f80000"], 0x1c}}, 0x0)

5.041220014s ago: executing program 3 (id=1257):
socket$packet(0x11, 0x3, 0x300)
socket$inet_sctp(0x2, 0x1, 0x84)
epoll_create1(0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x1, 0x2)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ffc40bffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400210000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f0170720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/172], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = eventfd(0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

4.904492045s ago: executing program 0 (id=1258):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000000))
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2, r1, 0x2, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000018000000180100002020702500000000002020207b1af8ff00000000bfa100000000000047010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r4, &(0x7f00000003c0)=ANY=[], 0xff49)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x17, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000009500000000000000d3d1cc0200daab7159d0a8dd98a2a0d700325f7df7d4f67f3f71a9be30aee62c230230ac204d5c9db8ec8538d27de6bf1174eb7528ca4397df5dca9fcee7a12ed1b14c2e13065f23de9b8df783337f85d968731df76803be3f96d574a3728f86c4bd3238a4c784915163eee5e488ac82dc9397ff1f8b9a1c77d51c500fb1212557a7555bf4c9004cce44e61f2ee5c00e04ebe9d400000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000200)={0x5, 0x2, {0xffffffffffffffff, 0x1, 0x8, 0x3, 0x6}, 0x1ff})
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$SNDCTL_SEQ_CTRLRATE(r5, 0xc0045103, &(0x7f0000000040))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000004440)='net/ptype\x00')
read$FUSE(r6, &(0x7f0000004480)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
setuid(r7)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000003c0)=@multiplanar_fd={0x7, 0x1, 0x4, 0x100000, 0x8, {0x0, 0x2710}, {0x2, 0x1, 0x10, 0x4, 0x4, 0x5, "ba75ac7d"}, 0xa3, 0x4, {&(0x7f0000000440)=[{0x10001, 0xffffff01, {r2}, 0x1}, {0x10000, 0x4, {r6}, 0x4}]}})

4.727461291s ago: executing program 3 (id=1259):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000107d1e502d0000ecff000109022400010000300009040000010300020009210700b90122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000140)={0x0, 0x0, 0x7, {0x7, 0x0, "4047bcd11c"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000280)={0x0, 0x0, 0x10, "6278ae9f69769ad589d78bc2f919bca9"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000680)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20, 0x1, 0x17, "26d87647b478d83192b1871193503b8905a98583d6edc0"}, 0x0})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000540)={0x0, 0x88a8ffff, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001100a7cc5a8100ae541d002007000000", @ANYRES32=r2, @ANYBLOB="00000a00100000001c001a80080002802d00ff0408000200f47b0c0d"], 0x44}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
socket(0x10, 0x803, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, 0x0)
socket(0x26, 0x80000, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000200)={0xac, 0x0, &(0x7f0000000800)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000740)={@ptr={0x70742a85, 0x1, &(0x7f0000000640)=""/244, 0xf4, 0x1, 0xf}, @fda={0x66646185, 0x8}, @ptr={0x70742a85, 0x1, &(0x7f00000004c0)=""/83, 0x53}}, &(0x7f00000007c0)={0x0, 0x28, 0x48}}, 0x400}, @release, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f00000005c0)={0x30, 0x30, 0x30}}}, @exit_looper, @enter_looper, @enter_looper], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, 0x0})
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r7, 0x4038ae7a, &(0x7f0000000380)={[{0x2, 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x0, 0x7, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}]})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, 0x0, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

3.621643487s ago: executing program 2 (id=1261):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="31fd14cdbf819df4959b9a77a94011fd4e6e3c9650d02af50e06b13d59a007ca6ba68b9a84ab2a45e8ecc907d4ec35f7f4dc328f8190fb358aa8acc2717a4431314ff55261bcc0084313a4637ad4b8"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000000c0)=0x8, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000400)=ANY=[], 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x8000)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, 0x0, 0x50)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)=ANY=[@ANYRES16=r8, @ANYRES16=r3, @ANYBLOB="01000000000000000000660000005848eb03167dd957fb994303d00800030013ab1ce6e4b3692708f1340b91bb9bedbed87100d4fd197d8b9d632dabc5397c02d728daa820673a9f6aa48fbd0b4458715cea50e4eebe6ec1c759d5321ae36cdbe2756356409192e438429ade4afcaeafe5f3080039237907c23aabd804dd5aaa6afcd1b961ec621aab246fc8e26a9f99c2189141e887ca50fec3c9eca8a821588fb2b89fc514c9dc191ff9900f94d400"/186, @ANYRES32=r1, @ANYBLOB="080026008f0900000800b7c54e494cf4f39405431ed671336df5bd27180cddcd6d0b32fcb16deb4a571222df68dd1965c16f085190455013223c2c70a15d5ae81d19bc62950a4a3726df6d133ffdf5579f135ece9d43ad687111edcf74e0581c28df5b807763321cf4d997dd1d904659ee4ad5ab6c645965563f2bbe7435d6c6253c8d64662f09fa38df04b8a56a19d2e37b1ef802cd7d17bf4e7d504168ba0353b8d11b2ad81eed8c29b2abe0a5733ceda9bfe2ec034cebc4719e55008cf52ecb59e401426293046a55e9f34b00b7acf0f2e03667c54861b511d1546d4c86d9e2f9c3f949618bf6966261b732604c096044ad3dcfe9c1c2e8c0c1b3a50c31479f2757a7d02fabaea76e3ac83c91907624ea17bd2624cc5d6bc1739c5b79592efba10004000042090846b455790617d269aef3739e0117868e087a81e507bb96a481cf8369e6bd1755c2c5ad77944df52df671b92da272b0197a1ebd33e4c7a0643ae91c757d716c395b5eda64d2f9b2875c565a10118206ddd6b32d68745a455ed0511934682f2b9406279f8adafebc", @ANYRES16=r7], 0x50}}, 0x20008000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000), 0x0, 0x8)
rseq(0x0, 0x0, 0xfffffffffffffffd, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0)
r9 = getuid()
r10 = syz_usb_connect(0x3, 0x3f, &(0x7f0000000080)=ANY=[@ANYRESDEC=r7], 0x0)
syz_usb_control_io(r10, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r11, 0x5b14, 0x0)
setresuid(r9, r9, r9)
setuid(r9)

3.108890604s ago: executing program 4 (id=1264):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4, 0x1)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000000c0)=0x101, 0x4)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x69, &(0x7f0000000700)='/pRoc/sys/net\xc5ip2\x98\xe8\x11\xc8\xdd\x15\xcc\xd2\xf1d\'%\x11c\x91l,R\x05V\"\xf6\x13\a\xfdv\xb7=\xac\xb7\x18\x1aN\xeb>\xee\xd6h\x82\x13\x85\xdbz\xcb\x95 @Y\xa4\x927Z[\x93ryO$[\x80\xbd\x0e\x14\xf6\n,\xff\xf1\xaf\x13kc\xafd4\xf21y\xfc\t#\xaf[\x06A\xa0/\xe2'}, 0x30)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084000000000000000002000000000000000000000000000004"], 0x0, 0x3e, 0x0, 0x1}, 0x20)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="6e725f696e6f646573d30000ad0565d525994f174c233e27fc9e906006233fb89a3831db4f1706a02ca53196a07295f3f94a3e98ac8c4f49aa0c3e172e3cec1152554bff7de596bfa9820835e91be70eb2ce9bc0822d960346f39b2eca3a3fef7629abac581f8230c31081d0cc4b26b7469bcd66cc1079ff13dd1a13839967a520467947d0290ba90460e979ffea4f079394fb143cbf65f862a585ae3ad8d1b2ddc1e98700"])
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000680)={0x9, "e58985925dec6c26c098e3524c3da2151a92a06bb23879ff26773e9f3a28bb27"})
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f00000004c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}, {&(0x7f0000000100)=""/11, 0xb}, {&(0x7f0000000340)=""/166, 0xa6}, {&(0x7f0000000400)=""/140, 0x8c}], 0x4, 0x0, 0x0)
r5 = dup(r3)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000240)="b9ad020000b805000000ba000000000f30c4c1f56b03b8003000000f23d80f21f835c00000100f23f89a0b00000005013e0f01cbb9b00100000f320f63650966baf80cb8e86e868fef66bafc0cb8c67512e7ef670f01c3663e660fc7b4390d000000", 0x62}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='pstore\x00', 0x0, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89900)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r9, &(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

2.490709489s ago: executing program 4 (id=1265):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x3}]}}}]}, 0x3c}}, 0xe000000000000000)

2.221692785s ago: executing program 1 (id=1266):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080), 0x201, 0x0)
write$binfmt_misc(r0, &(0x7f00000034c0)=ANY=[@ANYBLOB="73797a304b4133ca84c36c07cb1dda6f9e194b9d9bb79991f42483cd1a9f0a"], 0x1f)
write$sndseq(r0, &(0x7f0000000180)=[{0x0, 0x0, 0x2, 0x0, @time={0x6, 0xd9}, {}, {0x0, 0x1}, @result={0x2cf9}}, {0x0, 0x0, 0xfd, 0x2, @tick=0x6, {0x3}, {}, @queue={0x5, {0xab8, 0x6}}}], 0x38)

2.167525968s ago: executing program 4 (id=1267):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x10200, 0x0, 0xd004, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x38, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000000)={<r5=>0xffffffffffffffff, 0x0, 0xfffffffffffffffe})
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000800)=@security={'security\x00', 0xe, 0x4, 0x3a0, 0xffffffff, 0x1d8, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x308, 0x308, 0x308, 0xffffffff, 0x4, &(0x7f0000000040), {[{{@ip={@broadcast, @loopback, 0xffffffff, 0xffffff00, 'veth0_to_batadv\x00', 'ip_vti0\x00', {}, {}, 0x11, 0x1, 0x10}, 0x0, 0x70, 0x98}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x76c5}}}, {{@uncond, 0x0, 0x100, 0x140, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00', 0x0, 0x0, 0x0, 0x1}}, @common=@set={{0x40}, {{0x1, [0x1, 0x1, 0x2, 0x2, 0x0, 0x1], 0x1, 0x2}}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x3, 0x81, {0x7a62}}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@addrtype={{0x30}, {0xc47, 0x220}}, @common=@ah={{0x30}, {[0x0, 0x401]}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x2, 0x1, 0x5, 0x1, 0x0, 0x5], 0x5, 0x4}, {0x4, [0x2, 0x6, 0x6, 0x2, 0x2], 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x0}, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r7, 0x6, 0x16, &(0x7f0000000300)=[@mss, @mss, @timestamp, @timestamp, @window, @timestamp, @window, @sack_perm], 0x8)
sendto$inet(r7, &(0x7f0000000000)='%', 0x1, 0x4004001, 0x0, 0x0)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000100), 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r7, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)="a4e9778a09cadef447ba5841b2e390ede47a75297e390b5302de2aeeb89ce1ad7590257428fd039dd963ec1f402ced7d85eaba2946f77f6e", 0x38}, {&(0x7f0000000340)="916df964c8cd6452a5788a592ae70589f99d134f10c779110e6d5af91ba8632d28ef3c55a6a194ef1f", 0x29}], 0x2}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000007c0)='^', 0x1}], 0x1}}], 0x2, 0x0)
ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0xc018480b, 0x0)
ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0x81044804, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
lseek(r0, 0x41f2, 0x2)
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x53)

2.126694715s ago: executing program 1 (id=1268):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x14082, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {0x0, 0x0, 0x0, 0x2}, 0x4b, [0x0, 0x0, 0x0, 0x2b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x5, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x2, 0x0, 0x8fca], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0xa90d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
socket(0x40000000015, 0x5, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x20008845, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f00000000c0), 0x4)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c5610067fbc45ff810540010000000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000500), 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0xc, &(0x7f00000000c0)=0x3, 0x4)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000040)={'vcan0\x00'})
shmget$private(0x0, 0x5000, 0x0, &(0x7f0000ffb000/0x5000)=nil)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)

1.493092155s ago: executing program 0 (id=1270):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff) (async, rerun: 64)
fcntl$getownex(r0, 0x10, &(0x7f0000000140)={0x0, <r1=>0x0}) (async, rerun: 64)
mkdirat(0xffffffffffffffff, &(0x7f00000003c0)='./file0/file0\x00', 0x49) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 32)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", "05e2e505", "12000700"}, 0x38) (rerun: 32)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) (async)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) (async)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58) (async)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000700)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x35, 0x0, "f5fe9c103abe0b65544e0980519f38f54dd5f87ecc377210bd44fe7e1375550831c5f6dd769f5a1d175f47a8b941c8e568ca41e8da841f4f18f1ea6b206d495119ac37c29f4b384d0a9181566cfc4a1b"}, 0xd8) (async)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000), 0x4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x28a01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (rerun: 32)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x200000, 0x0) (async)
r6 = dup(r4)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0xe, &(0x7f0000000240)="b9ad020000b805000000ba000000000f30c4c1f56b03b8003000000f23d80f21f835c00000100f23f89a0b00000005013e0f01cbb9b00100000f320f63650966baf80cb8e86e868fef66bafc0cb8c67512e7ef670f01c3663e660fc7b4390d000000", 0x62}], 0x1, 0x5e, 0x0, 0x0) (async)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f0000000400)=ANY=[@ANYBLOB="54b1f12c", @ANYRES16=r8], 0x18) (async)
sendmmsg$inet6(r5, &(0x7f0000001900)=[{{&(0x7f0000000240)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7fff}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000340)="2ce5eec59c", 0x5}], 0x1}}], 0x1, 0xc0c0) (async)
syz_open_procfs(r1, &(0x7f0000000080)='comm\x00') (async, rerun: 64)
ptrace$ARCH_SHSTK_DISABLE(0x1e, r1, 0x1, 0x5002) (rerun: 64)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000380)="0f30b82c008ec0f33f66b8010000000f01c1660f083ef7300f01cf803f790f01c9", 0x21}], 0x1, 0x0, 0x0, 0x0)

1.299873045s ago: executing program 0 (id=1271):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x1d, 0x91, 0x67, 0x20, 0x174f, 0x6a31, 0x263f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x83, 0x3c, 0x8f}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
pipe2(0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16, @ANYRES32], 0x44}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, 0x0})
madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)

1.050835038s ago: executing program 1 (id=1272):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000002c0)=[@window, @mss, @window, @window={0x3, 0xffa6}, @sack_perm, @timestamp, @timestamp, @timestamp], 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000006240)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000037c0)="e154293b", 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000007c0)="a0", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000005900)=[{&(0x7f0000000d80)="cbc815228efe009974a24b84ac94e5dc3869e87a60c5aed3988c42880f91bf93935585ea2bb33e3300886a66d164f3fb8c4ea8baa358a8bac529081b3953b82310baf40ed084", 0x46}, {&(0x7f0000001900)="46099a98338907711e2787de210fa03c768007259bfc03389ff9e22115c35aebd85b8e0246f9e19e646f7d362a7e8781c53093185ee505fef92ca73d93d4fe501e3e5e3b6a0ed36c138bfb91cd9af8bb587cd2d83ec851ff863bbe9b217bfeefa181132e2b6eff9c9466de715b0cb272c0258f8a3d5bc6a6790e89db63456e998ea4984616507cdc388f0d5660b409700887776332200e5bd8968da93940", 0x9e}, {&(0x7f00000057c0)="9c712267b2680506e2f655478a80d91340d97e3ea7eb67355d5396dba638163ee9cfa9308585d12a1af22e900ba3eb6ad6fc36c773424c71e4c9a329dd39f3ee4b8fcb7c2f87d66fefc7fe90df27ad3504efde82e8d975e27c4c48c9c9f24109d25328c37a4f1f4461f00077256dd7a327cfb061fe34b9880121e27bfc507bd35cf36e74502eca263f930fc01d8fad2f14ad3c89b766e88bb2a0a7535368abee", 0xa0}, {&(0x7f0000005880)="af9e8c302cf8560983e68ff3e4708775224f65e624f8a1fde70c4e82f90d427b5558e75ff1b4a1b4dab6d045b3880d764da3328004229a034990a0bc16025f270e282997074129a30ba6a3557ea9cb32d8aa3b5af61c23ce416f14edbac6262c8da855b4d28e2af08449a8677f6e0156bd441cf638e3c72cfd3c", 0x7a}, {&(0x7f0000000e00)="b991003e55ac4a3dca94c891957cab6167888686a88a1cddf02d9e", 0x1b}], 0x5}}, {{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f0000005a40)="dc68a1b11b8b09e8064dd62676c89d0945173466efef01109a102328d363953d379ea10262e6904f94dcbd5c6b852d08e48350106a474df31e181796", 0x3c}, {&(0x7f0000005a80)="914555f94f0d1891b30a056732d3ae47243ac8dbfd9e84d6fd7f08bbff29c0840dabd6c20d8849c4030133dd7759918759d4d6b67835a2a8a1418a536f2f4197ef8158c481d11266eda91abd0c142622c4af7fbc7809f6c293dce53641ac164fe5f1adf1683a2b6c698c9e65f5dfa7dbf0912a4c6b823849e9929d2dc5bde0b05c16542238afae7c1fae44cf5c05fc2558c6a6f70e002e0b50faad9ed70284c3abea478e52be657b8ecbaa3dff93b8ba81a875", 0xb3}, {&(0x7f0000006880)="c24ef1a3f9acdfe8373ceb25ef870f02b93c619225afa711c6f448f73241fe4536a5d0a74e23da7032279580faa4fc05e61f5e9bd7d789a9826ba58cc4ca4282274c27e8b5b4df5373180efa2674a0531c077468fb09fa2632dd8e1ec2414f21640732c9e182f2f3a8143b40016b7628fdcc2f69b934e348852e8e52bf5d041d20f76fa72ea524b7c6ede396d308e2d1bd4f7d130bd617cd499028ac18ea7c01330124ca5c9944521b1ab802a308fdda321b520786a7923b4786ee95fdb7bd247aab07f4bedd3f9990914604023cc8ebd1f709ead1f73de4d3f7199eb3d96bc57e7ed552f7859c0467816ab19db255adb41c2d8648125c7bdfcfb988fe67ab1f41b4f737e654478b48ab98f9e65ff87d17c4a4aee715a317ccff68e861ab812ebc4a3ca0e8d1f9e4dc5bbdd98caeed60acbf2c5650d83fb86160c64a756dab504cf2fee3f8b8c2a475e7e2c2e4cdf11e5163936cc2960a24e9517d153014ed0336708538a8d7729bd84e699806c98f2648dacfcfd32799275998043c519b7b9950d12fc5a6f0d2854be8151fa1533ac1798c7c9caf122974c83134318af120f968a361ae98508ba9139e8977ba307b300b3968569d0be0698ce4f6b6a127defa5a3ad65131462ba0e61e49fb1e477cc025ad897e4d4f65986d6648be3aa5e56a2d5c4b791a138f2d662cbc9b70c640586e993ce2671ea860b3e63ee2ba9474e98a9a536e325f62416c8dc021c229d415ace01aed168e30381c72f7037c1fa9e110b4f1696bc7c6002d2021a1981027a1dc001a98a6e4f752ab8252ccdabbb93e5a5a5d0458d59beaa2a8ee1808dae8391bf630fe76b072434dea849953e276b36d43068c19a17f4160d5776d9d4017a73f9703abe74fe9399020459bda050fc5cc18821ef2ae97cc4eef18fee14da062b8af6c079d309955f0f175daeae4d6620ea17531518f669c8cd72c5ba52b453c01dd0c5cb79277be86a2bc4cb90a52df373e0249d88ffe887ec724f7221750dcc689a48f85148fb1cf7571085922649cb79555b72471072c8651fd1cc61c77a2b9ab70564f32e0d8be8fd8d485ecc773599263997bab71c37b6ce9e1eab76fa704dca2d915c59aaac85a22bed9804d4ec1b3d5d8ca5527c1ca6377fa3f450a7ad8199fc361a9ac99f847bfd57b03d5a620b253121e42e95ed41533f07e30686e5b87e1a517b5507ab95b30ec80b4f92aee132d1653be3bbbefe6e46bf94b5f8e7811f2eea1bdb84b41c9bed8191f6fd3f27c38eb7ce133c5944ef9d24ac765bc84f96ed2f63266f82c15398e6c8d9eec55b79264bf5fd50e3cd2b459a7db0327c5a10e37c85bb350ee0aed5d70932e7cad8615b434292e4f0cf03ac31648309aba070dd57072b75821820475929db1a0adf64f4b805899db99e594135c94e3de29343205c94de6d05dbb82870ee616df451a5908a7dbdbf47647069205011dd3adc1e901a45c14fea771238a09c9b1c9e2da2dd320406681c911564005554073fc4b3222282fee95281221b1a024af38d72492b9d6f0d713c5b4e3309bbb5c443f5d95ba30c7a39d4512f7ed84f319f209aef6130579f6bc077a7df31554caa60b090044a483f6582de7e9618aa22d6f436a7a5eb667bde66c626b56e840c04cd30c15ded07433de47e61ad48d0406c016e2fdc7a7921d08a01a2d426855c7b9e285b5081532a322f9c16b073c1e8e706acc2d27d9479d142565778a9e873a6e13b031fd031d62bf6f528c15c9250efcb33c250084083f05473a80e6c33300695019fdec7b1aad89cc0fbf7ef732f6f27f9e6583942fea73a78a1628b2532317bd5177109b1e9962963393c09d57e15411af0bc291a2e592c6cc6845a159a57752866ab3e8aff136f63a1ab0626af2f80952025794305b74e6262ee8ce17c768e3477be1ecb7c895a29e", 0x55a}], 0x3}}], 0x4, 0x4008095) (fail_nth: 4)

994.425698ms ago: executing program 3 (id=1273):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_netdev_private(r0, 0x8924, &(0x7f0000000500))

845.469575ms ago: executing program 1 (id=1274):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl2\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2b, 0x4, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @rand_addr=0x64010102, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x10000}, {@broadcast}, {@empty, 0xcd3}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x34, 0xfd, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@initdev={0xac, 0x1e, 0x1, 0x0}}, {@rand_addr=0x64010101}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0xdc, [@remote, @multicast1]}]}}}}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
dup(r0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x10d000})
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
close(r2)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000040)={0x57, 0xa, 0x0, "3258c546dacccfae1e008faa00000000f4ff4000"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x4001, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001f00)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000380)='syzkaller\x00'}, 0x90)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
socket$inet6(0xa, 0x6, 0x0)

741.767744ms ago: executing program 3 (id=1275):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @null, 0x1}, [@null, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @bcast, @null]}, 0x48)
connect$ax25(r3, &(0x7f0000000000)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f0000003700)={0x0, 0x7000004, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r5, @ANYBLOB="0a000600080211000001000006006600c78800001c0033"], 0x4c}}, 0x0)
syz_usb_connect$cdc_ecm(0x1, 0x56, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000020000102505a1a440000000010109024400010100000b090400001602020000052406000005240000000d240f0100000000000000000009058103400000000009058202000200000009050302400200000097d51fd639ed9d992b2bd72b185752bfe97cf4f068f7e5"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
socketpair(0x8, 0x1, 0x4, &(0x7f0000000180)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$EXT4_IOC_MIGRATE(r6, 0x6609)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r7 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r7, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r7, &(0x7f0000000380)='./file1\x00', r7, &(0x7f0000000200)='./file0\x00', 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="120100009c003110c21542002f850102030109021b00010000400009045a00007874be000a2401000000020102"], 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r9, 0x4068aea3, &(0x7f0000000580)={0x8f, 0x300})
open(&(0x7f00000001c0)='./file2\x00', 0x24d40, 0x0)
unlink(&(0x7f0000000280)='./file1\x00')
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000001640)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60ff00f500240600fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="90c20003907800001e0aa3007f0000010000080400ad0000"], 0x0)

720.366984ms ago: executing program 1 (id=1276):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

505.738878ms ago: executing program 1 (id=1277):
open(&(0x7f00000000c0)='./file0\x00', 0x60c2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r4, &(0x7f00000003c0)=""/57, 0x39)
getdents64(r4, 0xfffffffffffffffe, 0x29)
openat$cgroup_int(r1, 0x0, 0x2, 0x0)
chdir(0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x80038, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x0)

438.173737ms ago: executing program 2 (id=1278):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080), 0x201, 0x0)
write$binfmt_misc(r0, &(0x7f00000034c0)=ANY=[@ANYBLOB="73797a304b4133ca84c36c07cb1dda6f9e194b9d9bb79991f42483cd1a9f0a"], 0x1f)
write$sndseq(r0, &(0x7f0000000180)=[{0x0, 0x0, 0x2, 0x0, @time={0x6, 0xd9}, {}, {0x0, 0x1}, @result={0x2cf9}}, {0x0, 0x0, 0xfd, 0x2, @tick=0x6, {0x3}, {}, @queue={0x5, {0xab8, 0x6}}}], 0x38)

352.362314ms ago: executing program 2 (id=1279):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000140))

0s ago: executing program 2 (id=1280):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x30000)
mmap$qrtrtun(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10010, r1, 0x4)
r2 = io_uring_setup(0x2d76, &(0x7f0000000200)={0x0, 0xfcb2, 0x40, 0x3, 0xbc, 0x0, r0})
syz_io_uring_setup(0x80001882, &(0x7f0000000180)={0x0, 0x2, 0x8, 0x80000, 0x11d, 0x0, r2}, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000fddbdf251400000018000180140002006e657464657673696d3000000000000008001400adf4b75c080010000000000008000f000000010008000e"], 0x4c}}, 0x0)
unshare(0x22020400)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="98000f0002007f", @ANYRES32=r5, @ANYBLOB="00000000000000209500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8}, 0x90)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000002f40), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r6, 0x40085112, &(0x7f0000000040)=@t={0x81, 0x3})
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x4})

kernel console output (not intermixed with test programs):

.463645][ T8925] IPVS: using max 23 ests per chain, 55200 per kthread
[  414.474913][ T5265] usb usb4-port1: attempt power cycle
[  414.933287][ T5265] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  414.968573][ T8939] tipc: Enabling <eth:lo> not permitted
[  414.981229][ T8939] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  415.003730][ T5265] usb 4-1: device descriptor read/8, error -71
[  415.040062][ T8934] overlay: Unknown parameter 'euid<00000000000000000000'
[  415.161583][ T8944] netlink: 'syz.0.828': attribute type 6 has an invalid length.
[  415.415461][ T5269] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  416.593110][  T942] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  416.626293][ T8960] netlink: 24 bytes leftover after parsing attributes in process `syz.3.832'.
[  416.644593][ T5269] usb 5-1: Using ep0 maxpacket: 16
[  416.682546][ T5269] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  416.702978][ T5269] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  416.714960][ T5269] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  416.725720][ T5269] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.736837][ T5269] usb 5-1: config 0 descriptor??
[  416.824856][  T942] usb 1-1: Using ep0 maxpacket: 32
[  416.843663][  T942] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  416.861185][  T942] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.869633][  T942] usb 1-1: Product: syz
[  416.874854][  T942] usb 1-1: Manufacturer: syz
[  416.880287][  T942] usb 1-1: SerialNumber: syz
[  416.890658][  T942] usb 1-1: config 0 descriptor??
[  416.893096][   T25] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  416.898986][  T942] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  416.973006][    T9] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  417.093063][   T25] usb 3-1: Using ep0 maxpacket: 32
[  417.114916][   T25] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  417.128773][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.137948][   T25] usb 3-1: Product: syz
[  417.142991][   T25] usb 3-1: Manufacturer: syz
[  417.152929][   T25] usb 3-1: SerialNumber: syz
[  417.175040][   T25] usb 3-1: config 0 descriptor??
[  417.211450][   T25] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  417.246265][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  417.262998][    T9] usb 2-1: too many configurations: 199, using maximum allowed: 8
[  417.272098][    T9] usb 2-1: unable to read config index 0 descriptor/start: -71
[  417.288017][    T9] usb 2-1: can't read configurations, error -71
[  417.365985][ T5269] usb 5-1: string descriptor 0 read error: -71
[  417.402703][ T5269] usb 5-1: Max retries (5) exceeded reading string descriptor 200
[  417.411567][ T5269] letsketch 0003:6161:4D15.000B: probe with driver letsketch failed with error -32
[  417.427959][ T5269] usb 5-1: USB disconnect, device number 23
[  418.393444][   T54] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  418.402506][   T54] Bluetooth: hci5: Injecting HCI hardware error event
[  418.413948][ T5230] Bluetooth: hci5: hardware error 0x00
[  418.463669][ T8979] netlink: 44 bytes leftover after parsing attributes in process `syz.3.840'.
[  418.487105][ T8979] netlink: 43 bytes leftover after parsing attributes in process `syz.3.840'.
[  418.512085][ T8979] netlink: 'syz.3.840': attribute type 6 has an invalid length.
[  418.566424][ T8979] netlink: 43 bytes leftover after parsing attributes in process `syz.3.840'.
[  418.667408][  T942] gspca_stk1135: reg_w 0x200 err -71
[  418.672028][ T8987] vivid-000: disconnect
[  418.768095][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  418.768616][ T8992] netlink: 28 bytes leftover after parsing attributes in process `syz.1.842'.
[  418.860407][  T942] gspca_stk1135: Sensor write failed
[  418.875777][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  418.914167][  T942] gspca_stk1135: Sensor write failed
[  418.971110][   T25] gspca_stk1135: reg_w 0x200 err -71
[  418.982625][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  418.993989][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  419.000628][  T942] gspca_stk1135: Sensor read failed
[  419.012187][   T25] gspca_stk1135: Sensor write failed
[  419.028510][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  419.035236][   T25] gspca_stk1135: Sensor write failed
[  419.040619][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  419.051856][   T25] gspca_stk1135: Sensor read failed
[  419.058769][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  419.070555][   T25] gspca_stk1135: Sensor read failed
[  419.078847][   T25] gspca_stk1135: Detected sensor type unknown (0x0)
[  419.089722][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  419.096797][   T25] gspca_stk1135: Sensor read failed
[  419.107858][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  419.116728][   T25] gspca_stk1135: Sensor read failed
[  419.129950][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  419.137171][   T25] gspca_stk1135: Sensor write failed
[  419.142708][   T25] gspca_stk1135: serial bus timeout: status=0x00
[  419.153857][ T8982] vivid-000: reconnect
[  419.159127][   T25] gspca_stk1135: Sensor write failed
[  419.162847][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  419.178703][   T25] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  419.239785][   T25] usb 3-1: USB disconnect, device number 26
[  419.255992][  T942] gspca_stk1135: Sensor read failed
[  419.281508][  T942] gspca_stk1135: Detected sensor type unknown (0x0)
[  419.316789][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  419.325627][  T942] gspca_stk1135: Sensor read failed
[  419.331046][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  419.345935][  T942] gspca_stk1135: Sensor read failed
[  419.374131][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  419.380535][  T942] gspca_stk1135: Sensor write failed
[  419.421837][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  419.432489][ T8995] netlink: 48 bytes leftover after parsing attributes in process `syz.0.843'.
[  419.441815][  T942] gspca_stk1135: Sensor write failed
[  419.447367][  T942] stk1135 1-1:0.0: probe with driver stk1135 failed with error -71
[  419.454291][ T8997] netlink: 72 bytes leftover after parsing attributes in process `syz.4.844'.
[  419.458580][ T8995] netlink: 'syz.0.843': attribute type 1 has an invalid length.
[  419.480096][  T942] usb 1-1: USB disconnect, device number 16
[  419.490752][ T8995] netlink: 224 bytes leftover after parsing attributes in process `syz.0.843'.
[  419.721220][ T9004] FAULT_INJECTION: forcing a failure.
[  419.721220][ T9004] name failslab, interval 1, probability 0, space 0, times 0
[  419.734134][ T9004] CPU: 0 UID: 0 PID: 9004 Comm: syz.4.846 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  419.744737][ T9004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  419.754789][ T9004] Call Trace:
[  419.758069][ T9004]  <TASK>
[  419.760995][ T9004]  dump_stack_lvl+0x241/0x360
[  419.765680][ T9004]  ? __pfx_dump_stack_lvl+0x10/0x10
[  419.770880][ T9004]  ? __pfx__printk+0x10/0x10
[  419.775470][ T9004]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  419.781022][ T9004]  ? __pfx___might_resched+0x10/0x10
[  419.786311][ T9004]  should_fail_ex+0x3b0/0x4e0
[  419.790988][ T9004]  ? sk_prot_alloc+0x58/0x210
[  419.795660][ T9004]  should_failslab+0xac/0x100
[  419.800335][ T9004]  ? sk_prot_alloc+0x58/0x210
[  419.805006][ T9004]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  419.810380][ T9004]  sk_prot_alloc+0x58/0x210
[  419.814970][ T9004]  ? sk_alloc+0x26/0x370
[  419.819283][ T9004]  sk_alloc+0x38/0x370
[  419.823380][ T9004]  inet6_create+0x6d4/0x1100
[  419.828008][ T9004]  ? inet6_create+0x78/0x1100
[  419.832706][ T9004]  ? __sock_create+0x337/0x920
[  419.837475][ T9004]  __sock_create+0x490/0x920
[  419.842088][ T9004]  mptcp_subflow_create_socket+0x132/0xdf0
[  419.847894][ T9004]  ? mark_lock+0x9a/0x350
[  419.852231][ T9004]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  419.858551][ T9004]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  419.865148][ T9004]  __mptcp_nmpc_sk+0x178/0x800
[  419.869915][ T9004]  ? __local_bh_enable_ip+0x168/0x200
[  419.875374][ T9004]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  419.880667][ T9004]  mptcp_setsockopt+0x1624/0x3bc0
[  419.885786][ T9004]  ? __pfx_mptcp_setsockopt+0x10/0x10
[  419.891170][ T9004]  ? __pfx_lock_acquire+0x10/0x10
[  419.896280][ T9004]  ? __fget_files+0x29/0x470
[  419.900864][ T9004]  ? __mutex_unlock_slowpath+0x21d/0x750
[  419.906498][ T9004]  ? sock_common_setsockopt+0x37/0xc0
[  419.911876][ T9004]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  419.917770][ T9004]  do_sock_setsockopt+0x3af/0x720
[  419.922802][ T9004]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  419.928354][ T9004]  ? __fget_files+0x29/0x470
[  419.932949][ T9004]  ? __fget_files+0x3f6/0x470
[  419.937630][ T9004]  __sys_setsockopt+0x1ae/0x250
[  419.942511][ T9004]  __x64_sys_setsockopt+0xb5/0xd0
[  419.947530][ T9004]  do_syscall_64+0xf3/0x230
[  419.952026][ T9004]  ? clear_bhb_loop+0x35/0x90
[  419.956787][ T9004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.962668][ T9004] RIP: 0033:0x7fae00d779f9
[  419.967074][ T9004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.986676][ T9004] RSP: 002b:00007fae01b58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  419.995175][ T9004] RAX: ffffffffffffffda RBX: 00007fae00f06058 RCX: 00007fae00d779f9
[  420.003138][ T9004] RDX: 000000000000000f RSI: 0000000000000001 RDI: 0000000000000009
[  420.011096][ T9004] RBP: 00007fae01b58090 R08: 0000000000000004 R09: 0000000000000000
[  420.019059][ T9004] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  420.027025][ T9004] R13: 0000000000000000 R14: 00007fae00f06058 R15: 00007ffc9981cd78
[  420.035454][ T9004]  </TASK>
[  420.473183][ T5230] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  420.862922][  T942] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  421.045281][  T942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  421.097682][  T942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  421.130102][  T942] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  421.147901][  T942] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  421.175827][  T942] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.205483][  T942] usb 3-1: config 0 descriptor??
[  421.525352][    T9] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  421.619939][ T9011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.628745][ T9011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.733605][    T9] usb 5-1: Using ep0 maxpacket: 32
[  421.759279][    T9] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  421.778803][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.790154][    T9] usb 5-1: Product: syz
[  421.799586][    T9] usb 5-1: Manufacturer: syz
[  421.809723][    T9] usb 5-1: SerialNumber: syz
[  421.821278][    T9] usb 5-1: config 0 descriptor??
[  421.833308][    T9] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  421.993229][  T945] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  422.368120][    T9] gspca_stk1135: reg_w 0x2 err -110
[  422.550267][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  422.561090][    T9] gspca_stk1135: Sensor write failed
[  422.570134][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  422.634864][    T9] gspca_stk1135: Sensor write failed
[  422.643695][  T945] usb 1-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  422.663954][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  422.670655][  T945] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.702843][    T9] gspca_stk1135: Sensor read failed
[  422.709981][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  422.724081][  T945] usb 1-1: config 0 descriptor??
[  422.742983][    T9] gspca_stk1135: Sensor read failed
[  422.781828][    T9] gspca_stk1135: Detected sensor type unknown (0x0)
[  422.807834][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  422.831445][    T9] gspca_stk1135: Sensor read failed
[  422.844408][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  422.874916][    T9] gspca_stk1135: Sensor read failed
[  422.906553][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  422.916283][    T9] gspca_stk1135: Sensor write failed
[  423.143429][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  423.163323][  T945] kaweth 1-1:0.0: Firmware present in device.
[  423.174653][    T9] gspca_stk1135: Sensor write failed
[  423.181196][    T9] stk1135 5-1:0.0: probe with driver stk1135 failed with error -110
[  423.518842][  T945] kaweth 1-1:0.0: Statistics collection: 0
[  423.536538][  T945] kaweth 1-1:0.0: Multicast filter limit: 0
[  423.544742][  T945] kaweth 1-1:0.0: MTU: 0
[  423.549857][  T945] kaweth 1-1:0.0: Read MAC address 00:00:00:00:00:00
[  423.842667][  T942] usbhid 3-1:0.0: can't add hid device: -71
[  423.849567][  T942] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  423.863163][  T942] usb 3-1: USB disconnect, device number 27
[  424.903912][  T945] kaweth 1-1:0.0: kaweth interface created at eth1
[  425.045638][  T942] usb 5-1: USB disconnect, device number 24
[  425.212547][   T29] audit: type=1804 audit(1723398243.275:126): pid=9032 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.854" name="/newroot/13/bus/file0" dev="overlay" ino=95 res=1 errno=0
[  425.235376][ T9032] evm: overlay not supported
[  425.276204][ T5266] usb 1-1: USB disconnect, device number 17
[  426.602930][  T942] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  427.617223][  T942] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  427.653642][  T942] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  427.697006][ T9094] syz.1.868 uses obsolete (PF_INET,SOCK_PACKET)
[  427.703305][  T942] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  427.703346][  T942] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.760925][ T9071] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  427.770623][  T942] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  427.819173][ T9095] 9pnet_fd: p9_fd_create_tcp (9095): problem connecting socket to 127.0.0.1
[  427.878089][ T9094] netlink: 'syz.1.868': attribute type 5 has an invalid length.
[  427.942901][ T8975] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  428.162956][ T8975] usb 3-1: Using ep0 maxpacket: 32
[  428.176748][ T8975] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  428.198537][ T9098] netlink: 8 bytes leftover after parsing attributes in process `syz.4.870'.
[  428.212930][ T8975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.236393][ T8975] usb 3-1: Product: syz
[  428.241159][ T8975] usb 3-1: Manufacturer: syz
[  428.251501][ T8975] usb 3-1: SerialNumber: syz
[  428.270369][ T8975] usb 3-1: config 0 descriptor??
[  428.286242][ T8975] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  428.307362][ T5296] usb 4-1: USB disconnect, device number 15
[  428.653545][   T29] audit: type=1326 audit(1723398246.725:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.681745][   T29] audit: type=1326 audit(1723398246.725:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.711052][   T29] audit: type=1326 audit(1723398246.775:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.740715][   T29] audit: type=1326 audit(1723398246.775:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.789363][   T29] audit: type=1326 audit(1723398246.775:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.817020][   T29] audit: type=1326 audit(1723398246.775:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.846301][   T29] audit: type=1326 audit(1723398246.775:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.873707][   T29] audit: type=1326 audit(1723398246.775:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.902554][   T29] audit: type=1326 audit(1723398246.775:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9109 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  428.999201][  T942] libceph: connect (1)[c::]:6789 error -101
[  429.005795][  T942] libceph: mon0 (1)[c::]:6789 connect error
[  429.019640][ T5230] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  429.283840][  T942] libceph: connect (1)[c::]:6789 error -101
[  429.303464][  T942] libceph: mon0 (1)[c::]:6789 connect error
[  429.833628][ T8975] gspca_stk1135: reg_w 0xd err -110
[  429.840126][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  429.941013][ T9112] ceph: No mds server is up or the cluster is laggy
[  429.941578][ T8975] gspca_stk1135: Sensor write failed
[  429.953520][  T945] libceph: connect (1)[c::]:6789 error -101
[  429.964112][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  429.970649][ T8975] gspca_stk1135: Sensor write failed
[  429.976301][  T945] libceph: mon0 (1)[c::]:6789 connect error
[  429.982914][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  430.031941][ T8975] gspca_stk1135: Sensor read failed
[  430.062943][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  430.081263][ T8975] gspca_stk1135: Sensor read failed
[  430.096591][ T8975] gspca_stk1135: Detected sensor type unknown (0x0)
[  430.103612][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  430.118310][ T8975] gspca_stk1135: Sensor read failed
[  430.139894][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  430.169377][ T8975] gspca_stk1135: Sensor read failed
[  430.189351][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  430.208068][ T8975] gspca_stk1135: Sensor write failed
[  430.221813][ T8975] gspca_stk1135: serial bus timeout: status=0x00
[  430.223024][ T5266] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  430.228493][ T8975] gspca_stk1135: Sensor write failed
[  430.241876][ T8975] stk1135 3-1:0.0: probe with driver stk1135 failed with error -110
[  430.463062][ T5266] usb 4-1: Using ep0 maxpacket: 8
[  430.499446][ T5266] usb 4-1: New USB device found, idVendor=2040, idProduct=7300, bcdDevice=db.79
[  430.539266][ T5266] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.591595][ T5266] usb 4-1: Product: syz
[  430.615863][ T5266] usb 4-1: Manufacturer: syz
[  430.637425][ T5266] usb 4-1: SerialNumber: syz
[  430.673969][ T5266] usb 4-1: config 0 descriptor??
[  430.708954][ T5266] pvrusb2: Hardware description: WinTV HVR-1900 Model 73xxx
[  430.828411][ T9143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'.
[  430.979646][ T2038] usb 4-1: Direct firmware load for v4l-pvrusb2-73xxx-01.fw failed with error -2
[  431.014242][ T2038] usb 4-1: Falling back to sysfs fallback for: v4l-pvrusb2-73xxx-01.fw
[  431.016008][ T5266] usb 4-1: USB disconnect, device number 16
[  431.185460][ T9153] netlink: 24 bytes leftover after parsing attributes in process `syz.0.883'.
[  431.726346][ T8975] usb 3-1: USB disconnect, device number 28
[  431.842928][  T942] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  432.002903][  T942] usb 2-1: device descriptor read/64, error -71
[  432.900729][  T942] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  433.436465][ T9183] vivid-000: disconnect
[  433.442651][ T8975] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  433.516954][  T942] usb 2-1: device descriptor read/64, error -71
[  433.652931][ T8975] usb 3-1: Using ep0 maxpacket: 8
[  433.657017][  T942] usb usb2-port1: attempt power cycle
[  433.669250][ T8975] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  433.689440][ T9173] vivid-000: reconnect
[  433.695728][ T8975] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.731197][ T8975] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  433.762026][ T8975] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.40
[  433.771207][ T8975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.795869][ T8975] usb 3-1: Product: syz
[  433.804684][ T8975] usb 3-1: Manufacturer: syz
[  433.835059][ T8975] usb 3-1: SerialNumber: syz
[  434.073662][  T942] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  434.076416][ T8975] usbhid 3-1:1.0: can't add hid device: -22
[  434.093951][ T8975] usbhid 3-1:1.0: probe with driver usbhid failed with error -22
[  434.113845][  T942] usb 2-1: device descriptor read/8, error -71
[  434.349140][ T9167] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.357850][ T9167] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  434.393582][  T942] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  434.494158][  T945] usb 3-1: USB disconnect, device number 29
[  434.519615][  T942] usb 2-1: device descriptor read/8, error -71
[  434.535627][ T9201] overlayfs: workdir and upperdir must be separate subtrees
[  434.656117][  T942] usb usb2-port1: unable to enumerate USB device
[  435.619675][ T9233] FAULT_INJECTION: forcing a failure.
[  435.619675][ T9233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.669655][ T9233] CPU: 1 UID: 0 PID: 9233 Comm: syz.2.905 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  435.681951][ T9233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  435.694876][ T9233] Call Trace:
[  435.698456][ T9233]  <TASK>
[  435.701484][ T9233]  dump_stack_lvl+0x241/0x360
[  435.706206][ T9233]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.711961][ T9233]  ? __pfx__printk+0x10/0x10
[  435.716597][ T9233]  ? __pfx_lock_release+0x10/0x10
[  435.721635][ T9233]  should_fail_ex+0x3b0/0x4e0
[  435.726416][ T9233]  _copy_from_user+0x2f/0xe0
[  435.731207][ T9233]  copy_msghdr_from_user+0xae/0x680
[  435.736491][ T9233]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  435.742326][ T9233]  __sys_sendmsg+0x23d/0x3a0
[  435.746936][ T9233]  ? __pfx___sys_sendmsg+0x10/0x10
[  435.752041][ T9233]  ? vfs_write+0x7c4/0xc90
[  435.756472][ T9233]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  435.762799][ T9233]  ? do_syscall_64+0x100/0x230
[  435.767583][ T9233]  ? do_syscall_64+0xb6/0x230
[  435.772276][ T9233]  do_syscall_64+0xf3/0x230
[  435.776783][ T9233]  ? clear_bhb_loop+0x35/0x90
[  435.781455][ T9233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.787349][ T9233] RIP: 0033:0x7f7886f779f9
[  435.791751][ T9233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.811439][ T9233] RSP: 002b:00007f7887d4a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  435.820261][ T9233] RAX: ffffffffffffffda RBX: 00007f7887105f80 RCX: 00007f7886f779f9
[  435.828364][ T9233] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  435.836522][ T9233] RBP: 00007f7887d4a090 R08: 0000000000000000 R09: 0000000000000000
[  435.844498][ T9233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.852547][ T9233] R13: 0000000000000000 R14: 00007f7887105f80 R15: 00007ffd4df7ab88
[  435.860627][ T9233]  </TASK>
[  435.863733][    C1] vkms_vblank_simulate: vblank timer overrun
[  435.887368][ T5296] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  435.927857][ T9230] vivid-000: disconnect
[  436.118418][ T5296] usb 2-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  436.149981][ T5296] usb 2-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[  436.159179][ T5296] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  436.170390][ T9216] vivid-000: reconnect
[  436.174708][ T5296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.561585][ T9252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.912'.
[  436.570474][ T9252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.912'.
[  436.623164][  T942] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  436.778481][ T9255] fuse: Unknown parameter 'vd½0x0000000000000008'
[  436.844414][  T942] usb 3-1: Using ep0 maxpacket: 8
[  436.864967][  T942] usb 3-1: too many configurations: 99, using maximum allowed: 8
[  436.901616][  T942] usb 3-1: unable to read config index 0 descriptor/start: -61
[  436.913088][  T942] usb 3-1: can't read configurations, error -61
[  436.985098][    T8] libceph: connect (1)[c::]:6789 error -101
[  437.007031][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  437.058589][    T8] libceph: connect (1)[c::]:6789 error -101
[  437.067664][ T5296] usb 2-1: string descriptor 0 read error: -71
[  437.081097][ T5296] usb 2-1: USB disconnect, device number 37
[  437.081731][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  437.095894][  T942] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  437.303019][  T942] usb 3-1: Using ep0 maxpacket: 8
[  437.322307][  T942] usb 3-1: too many configurations: 99, using maximum allowed: 8
[  437.357541][  T942] usb 3-1: unable to read config index 0 descriptor/start: -61
[  437.379031][  T942] usb 3-1: can't read configurations, error -61
[  437.386620][    T8] libceph: connect (1)[c::]:6789 error -101
[  437.398653][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  437.409581][  T942] usb usb3-port1: attempt power cycle
[  437.923156][    T9] libceph: connect (1)[c::]:6789 error -101
[  437.936339][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  437.963520][  T942] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  438.094603][  T942] usb 3-1: Using ep0 maxpacket: 8
[  438.336879][  T942] usb 3-1: too many configurations: 99, using maximum allowed: 8
[  438.388970][  T942] usb 3-1: unable to read config index 0 descriptor/start: -61
[  438.686873][  T942] usb 3-1: can't read configurations, error -61
[  438.812053][ T9260] ceph: No mds server is up or the cluster is laggy
[  438.895333][  T942] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  439.044079][  T942] usb 3-1: Using ep0 maxpacket: 8
[  439.058692][  T942] usb 3-1: too many configurations: 99, using maximum allowed: 8
[  439.102022][  T942] usb 3-1: unable to read config index 0 descriptor/start: -61
[  439.129419][  T942] usb 3-1: can't read configurations, error -61
[  439.146611][  T942] usb usb3-port1: unable to enumerate USB device
[  439.538097][ T9293] vivid-000: disconnect
[  439.836968][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  440.209125][ T9284] vivid-000: reconnect
[  442.008418][ T5296] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  442.223104][ T5296] usb 5-1: Using ep0 maxpacket: 8
[  442.245671][ T5296] usb 5-1: New USB device found, idVendor=046d, idProduct=0850, bcdDevice=6b.da
[  442.277376][ T5296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.310122][ T5296] usb 5-1: config 0 descriptor??
[  442.724435][ T9316] usb usb9: usbfs: interface 0 claimed by hub while 'syz.4.929' sets config #0
[  442.904924][ T5296] usb 5-1: string descriptor 0 read error: -71
[  442.928679][ T5296] gspca_main: STV06xx-2.14.0 probing 046d:0850
[  442.938362][ T5296] usb 5-1: unknown interface protocol 0xe6, assuming v1
[  442.956455][ T5296] usb 5-1: cannot find UAC_HEADER
[  442.968157][ T9328] netlink: 1304 bytes leftover after parsing attributes in process `syz.0.931'.
[  443.000884][ T5296] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[  443.027005][ T5296] usb 5-1: USB disconnect, device number 25
[  443.632900][  T942] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  443.700314][ T9340] netlink: 3068 bytes leftover after parsing attributes in process `syz.4.936'.
[  443.716241][ T9340] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.936'.
[  443.853621][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.860581][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.868291][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.874442][  T942] usb 3-1: Using ep0 maxpacket: 16
[  443.879811][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.886910][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.893226][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.899351][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.905588][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.912237][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.919263][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.929408][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.935665][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.942243][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.948584][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.954703][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.960636][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.969476][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.975551][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.981515][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.987656][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  443.994762][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.000728][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.006742][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.012672][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.018712][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.024736][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.030684][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.036697][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.042633][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.048713][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.054788][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.060791][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.066827][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.072759][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.079210][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.085986][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.093944][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.100094][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.108071][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.114265][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.120214][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.126219][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.132154][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.138137][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.144115][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.150049][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.156023][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.162042][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.168034][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.174025][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.179985][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.186719][    T9] libceph: connect (1)[c::]:6789 error -101
[  444.195074][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  444.198070][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.201850][  T942] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE5, changing to 0x85
[  444.207820][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.218881][  T942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  444.236789][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.238383][  T942] usb 3-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice=3d.25
[  444.242831][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.264006][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.270009][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.276103][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.282051][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.288322][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.294327][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.301152][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.307619][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.313705][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.319656][ T5230] Bluetooth: hci2: Malformed LE Event: 0x0d
[  444.355404][  T942] usb 3-1: New USB device strings: Mfr=4, Product=106, SerialNumber=3
[  444.445467][  T942] usb 3-1: Product: syz
[  444.454369][    T9] libceph: connect (1)[c::]:6789 error -101
[  444.463023][  T942] usb 3-1: Manufacturer: syz
[  444.483054][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  444.496570][  T942] usb 3-1: SerialNumber: syz
[  444.523530][  T942] usb 3-1: config 0 descriptor??
[  444.551647][  T942] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input15
[  444.589771][ T9363] vivid-000: disconnect
[  444.680995][ T9351] ceph: No mds server is up or the cluster is laggy
[  444.805267][ T5296] usb 3-1: USB disconnect, device number 34
[  444.879859][ T5230] Bluetooth: hci2: link tx timeout
[  444.885793][ T5230] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  445.178422][ T9359] vivid-000: reconnect
[  445.215112][ T9354] ceph: No mds server is up or the cluster is laggy
[  445.493250][ T9369] FAULT_INJECTION: forcing a failure.
[  445.493250][ T9369] name failslab, interval 1, probability 0, space 0, times 0
[  445.576349][ T9369] CPU: 0 UID: 0 PID: 9369 Comm: syz.2.942 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  445.587085][ T9369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  445.590755][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.943'.
[  445.597144][ T9369] Call Trace:
[  445.597164][ T9369]  <TASK>
[  445.597174][ T9369]  dump_stack_lvl+0x241/0x360
[  445.597209][ T9369]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.597234][ T9369]  ? __pfx__printk+0x10/0x10
[  445.597263][ T9369]  ? ref_tracker_alloc+0x332/0x490
[  445.631985][ T9369]  should_fail_ex+0x3b0/0x4e0
[  445.636685][ T9369]  ? skb_clone+0x20c/0x390
[  445.641115][ T9369]  should_failslab+0xac/0x100
[  445.645975][ T9369]  ? skb_clone+0x20c/0x390
[  445.650399][ T9369]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  445.655979][ T9369]  skb_clone+0x20c/0x390
[  445.660242][ T9369]  __netlink_deliver_tap+0x3cc/0x7c0
[  445.665534][ T9369]  ? netlink_deliver_tap+0x2e/0x1b0
[  445.670740][ T9369]  netlink_deliver_tap+0x19d/0x1b0
[  445.675864][ T9369]  netlink_unicast+0x7be/0x990
[  445.680901][ T9369]  ? __pfx_netlink_unicast+0x10/0x10
[  445.686286][ T9369]  ? __virt_addr_valid+0x183/0x530
[  445.691583][ T9369]  ? __check_object_size+0x49c/0x900
[  445.696877][ T9369]  ? bpf_lsm_netlink_send+0x9/0x10
[  445.701986][ T9369]  netlink_sendmsg+0x8e4/0xcb0
[  445.706745][ T9369]  ? __pfx_netlink_sendmsg+0x10/0x10
[  445.712019][ T9369]  ? __import_iovec+0x536/0x820
[  445.716864][ T9369]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  445.722160][ T9369]  ? security_socket_sendmsg+0x87/0xb0
[  445.727636][ T9369]  ? __pfx_netlink_sendmsg+0x10/0x10
[  445.733025][ T9369]  __sock_sendmsg+0x221/0x270
[  445.737746][ T9369]  ____sys_sendmsg+0x525/0x7d0
[  445.742529][ T9369]  ? __pfx_____sys_sendmsg+0x10/0x10
[  445.747827][ T9369]  __sys_sendmsg+0x2b0/0x3a0
[  445.752419][ T9369]  ? __pfx___sys_sendmsg+0x10/0x10
[  445.757521][ T9369]  ? vfs_write+0x7c4/0xc90
[  445.761955][ T9369]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  445.768283][ T9369]  ? do_syscall_64+0x100/0x230
[  445.773048][ T9369]  ? do_syscall_64+0xb6/0x230
[  445.777725][ T9369]  do_syscall_64+0xf3/0x230
[  445.782222][ T9369]  ? clear_bhb_loop+0x35/0x90
[  445.786897][ T9369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.792785][ T9369] RIP: 0033:0x7f7886f779f9
[  445.797199][ T9369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.817681][ T9369] RSP: 002b:00007f7887d4a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  445.826382][ T9369] RAX: ffffffffffffffda RBX: 00007f7887105f80 RCX: 00007f7886f779f9
[  445.834352][ T9369] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  445.842355][ T9369] RBP: 00007f7887d4a090 R08: 0000000000000000 R09: 0000000000000000
[  445.850344][ T9369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.858323][ T9369] R13: 0000000000000000 R14: 00007f7887105f80 R15: 00007ffd4df7ab88
[  445.866305][ T9369]  </TASK>
[  445.877941][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.943'.
[  446.095397][ T9369] netlink: 8 bytes leftover after parsing attributes in process `syz.2.942'.
[  446.959971][ T5230] Bluetooth: hci2: command 0x0406 tx timeout
[  447.276742][  T942] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  447.465785][  T942] usb 3-1: Using ep0 maxpacket: 32
[  447.490096][  T942] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  447.505441][  T942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  447.517993][  T942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  447.531555][  T942] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  447.546636][  T942] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.578671][  T942] usb 3-1: config 0 descriptor??
[  447.589960][ T9389] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  447.599135][  T942] hub 3-1:0.0: USB hub found
[  447.772609][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  447.772628][   T29] audit: type=1326 audit(1723398265.835:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  447.953009][   T29] audit: type=1326 audit(1723398265.875:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  447.991625][ T9405] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  448.019812][ T9405] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  448.029145][   T29] audit: type=1326 audit(1723398265.875:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  448.036752][ T9406] vivid-000: disconnect
[  448.145987][ T9405] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  448.193016][ T9405] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  448.224169][ T9405] geneve2: entered promiscuous mode
[  448.262584][   T29] audit: type=1326 audit(1723398265.875:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  448.313614][ T9405] geneve2: entered allmulticast mode
[  448.419445][ T9405] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  448.468953][   T29] audit: type=1326 audit(1723398265.875:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  448.493440][ T9405] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  448.549893][ T9405] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  448.595218][ T9402] vivid-000: reconnect
[  448.604827][ T9405] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  448.672943][   T29] audit: type=1326 audit(1723398265.895:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  448.831052][   T29] audit: type=1326 audit(1723398265.895:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  448.972839][   T29] audit: type=1326 audit(1723398265.895:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  449.096443][   T29] audit: type=1326 audit(1723398265.905:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f693fd76390 code=0x7ffc0000
[  449.137088][   T29] audit: type=1326 audit(1723398265.905:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9397 comm="syz.1.951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7ffc0000
[  449.894446][    T9] libceph: connect (1)[c::]:6789 error -101
[  449.900534][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  449.907576][    T9] libceph: connect (1)[c::]:6789 error -101
[  449.915781][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  450.784477][    T8] libceph: connect (1)[c::]:6789 error -101
[  450.812486][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  450.830731][ T9450] netlink: 'syz.0.963': attribute type 3 has an invalid length.
[  450.843203][ T9450] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.963'.
[  450.910797][ T9437] ceph: No mds server is up or the cluster is laggy
[  451.180006][ T9458] fuse: Bad value for 'rootmode'
[  451.574317][ T9466] vivid-000: disconnect
[  451.658146][  T942] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  451.685605][  T942] usbhid 3-1:0.0: can't add hid device: -71
[  451.704170][  T942] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  451.713606][ T5269] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  451.846598][  T942] usb 3-1: USB disconnect, device number 35
[  451.973045][ T5269] usb 5-1: Using ep0 maxpacket: 32
[  452.002580][ T9459] vivid-000: reconnect
[  452.026808][ T5269] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  452.056607][ T5269] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  452.143202][ T5269] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  452.322894][ T5269] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  453.433847][ T5269] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.484122][ T5269] usb 5-1: config 0 descriptor??
[  453.497493][ T9465] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  453.518813][ T5269] hub 5-1:0.0: USB hub found
[  453.682704][ T9475] netlink: 24 bytes leftover after parsing attributes in process `syz.2.971'.
[  453.728040][ T5269] hub 5-1:0.0: 2 ports detected
[  453.848247][  T942] IPVS: starting estimator thread 0...
[  453.935854][ T9478] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  453.958455][   T25] kernel write not supported for file /uinput (pid: 25 comm: kworker/1:0)
[  453.960007][ T9478] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4123702353 (32989618824 ns) > initial count (11940987304 ns). Using initial count to start timer.
[  453.972908][ T9481] IPVS: using max 19 ests per chain, 45600 per kthread
[  454.293020][ T5296] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  454.463768][ T5296] usb 2-1: device descriptor read/64, error -71
[  454.822967][ T5296] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  454.993279][ T5296] usb 2-1: device descriptor read/64, error -71
[  455.081679][    T9] usb 5-1: USB disconnect, device number 26
[  455.125060][ T5296] usb usb2-port1: attempt power cycle
[  455.169858][   T54] Bluetooth: hci2: unexpected event for opcode 0x040e
[  455.194114][ T5269] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  455.215110][   T54] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  455.216627][ T9500] netlink: 8 bytes leftover after parsing attributes in process `syz.0.978'.
[  455.402983][ T5269] usb 3-1: Using ep0 maxpacket: 16
[  455.418880][ T5269] usb 3-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[  455.428502][ T5269] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.447437][ T5269] usb 3-1: Product: syz
[  455.451871][ T5269] usb 3-1: Manufacturer: syz
[  455.465480][ T5269] usb 3-1: SerialNumber: syz
[  455.487047][ T5269] usb 3-1: config 0 descriptor??
[  455.548727][ T9505] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  455.599716][ T9505] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  455.613119][ T5296] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  455.653625][ T5296] usb 2-1: device descriptor read/8, error -71
[  455.751872][ T5269] usb_8dev 3-1:0.0 can0: sending command message failed
[  455.760769][ T5269] usb_8dev 3-1:0.0 can0: can't get firmware version
[  455.765613][ T9511] netlink: 28 bytes leftover after parsing attributes in process `syz.4.981'.
[  455.794686][ T9511] Bluetooth: MGMT ver 1.23
[  455.896463][ T5269] usb_8dev 3-1:0.0: probe with driver usb_8dev failed with error -22
[  455.920037][ T5269] usb 3-1: USB disconnect, device number 36
[  455.944952][ T5296] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  455.984624][ T5296] usb 2-1: device descriptor read/8, error -71
[  456.121453][ T5296] usb usb2-port1: unable to enumerate USB device
[  456.130686][ T9522] FAULT_INJECTION: forcing a failure.
[  456.130686][ T9522] name failslab, interval 1, probability 0, space 0, times 0
[  456.157028][ T9522] CPU: 1 UID: 0 PID: 9522 Comm: syz.3.984 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  456.167691][ T9522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  456.177934][ T9522] Call Trace:
[  456.181340][ T9522]  <TASK>
[  456.184286][ T9522]  dump_stack_lvl+0x241/0x360
[  456.189184][ T9522]  ? __pfx_dump_stack_lvl+0x10/0x10
[  456.194388][ T9522]  ? __pfx__printk+0x10/0x10
[  456.198997][ T9522]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  456.204616][ T9522]  ? __pfx___might_resched+0x10/0x10
[  456.210590][ T9522]  should_fail_ex+0x3b0/0x4e0
[  456.215361][ T9522]  should_failslab+0xac/0x100
[  456.220042][ T9522]  ? alloc_fs_context+0x63/0x800
[  456.224985][ T9522]  __kmalloc_cache_noprof+0x6c/0x2c0
[  456.230352][ T9522]  alloc_fs_context+0x63/0x800
[  456.235103][ T9522]  ? do_raw_read_unlock+0x3c/0x80
[  456.240140][ T9522]  ? _raw_read_unlock+0x28/0x50
[  456.244990][ T9522]  ? get_fs_type+0x3fd/0x480
[  456.249563][ T9522]  do_new_mount+0x160/0xb40
[  456.254055][ T9522]  ? __pfx_do_new_mount+0x10/0x10
[  456.259068][ T9522]  __se_sys_mount+0x2d6/0x3c0
[  456.264017][ T9522]  ? __pfx___se_sys_mount+0x10/0x10
[  456.269243][ T9522]  ? do_syscall_64+0x100/0x230
[  456.274009][ T9522]  ? __x64_sys_mount+0x20/0xc0
[  456.278778][ T9522]  do_syscall_64+0xf3/0x230
[  456.283312][ T9522]  ? clear_bhb_loop+0x35/0x90
[  456.287997][ T9522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.293909][ T9522] RIP: 0033:0x7f5e425779f9
[  456.298338][ T9522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.318109][ T9522] RSP: 002b:00007f5e432a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  456.326545][ T9522] RAX: ffffffffffffffda RBX: 00007f5e42705f80 RCX: 00007f5e425779f9
[  456.334688][ T9522] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[  456.342666][ T9522] RBP: 00007f5e432a8090 R08: 0000000020000380 R09: 0000000000000000
[  456.350730][ T9522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  456.358837][ T9522] R13: 0000000000000000 R14: 00007f5e42705f80 R15: 00007ffefafc4448
[  456.366829][ T9522]  </TASK>
[  456.430629][ T9523] ceph: No mds server is up or the cluster is laggy
[  456.582646][ T9528] vlan2: entered promiscuous mode
[  456.594565][ T9532] 9pnet_fd: Insufficient options for proto=fd
[  456.604695][ T9528] macvtap0: entered promiscuous mode
[  456.630903][ T9528] vlan2: entered allmulticast mode
[  456.659159][ T9528] macvtap0: entered allmulticast mode
[  456.689394][ T9528] veth0_macvtap: entered allmulticast mode
[  456.753762][ T9528] team0: Device vlan2 is up. Set it down before adding it as a team port
[  456.848823][ T9528] macvtap0: left allmulticast mode
[  456.868934][ T9528] veth0_macvtap: left allmulticast mode
[  456.885625][ T9528] macvtap0: left promiscuous mode
[  457.347611][ T9549] input: syz1 as /devices/virtual/input/input16
[  457.413326][ T9545] 9pnet_virtio: no channels available for device 
[  460.001463][ T9576] 9pnet_fd: Insufficient options for proto=fd
[  460.569285][ T9584] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1004'.
[  461.051978][ T9588] fuse: Unknown parameter 'W~Ð'
[  462.384776][ T9606] 9pnet_fd: Insufficient options for proto=fd
[  465.970286][ T9646] 9pnet_fd: Insufficient options for proto=fd
[  466.421659][ T9656] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1024'.
[  466.623569][ T9660] IPv6: sit1: Disabled Multicast RS
[  467.738135][   T29] kauditd_printk_skb: 75 callbacks suppressed
[  467.738151][   T29] audit: type=1326 audit(1723398285.805:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9667 comm="syz.3.1028" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5e425779f9 code=0x0
[  467.905985][ T9671] sp0: Synchronizing with TNC
[  468.069251][ T9681] 9pnet_fd: Insufficient options for proto=fd
[  469.674706][ T9700] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1036'.
[  470.633053][    T9] usb 5-1: new low-speed USB device number 27 using dummy_hcd
[  471.158777][ T5296] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  471.241327][ T9710] 9pnet_fd: Insufficient options for proto=fd
[  471.293203][    T9] usb 5-1: Invalid ep0 maxpacket: 32
[  471.395704][ T5296] usb 3-1: Using ep0 maxpacket: 32
[  471.416385][ T5296] usb 3-1: config 24 has an invalid descriptor of length 0, skipping remainder of the config
[  471.442480][ T5296] usb 3-1: New USB device found, idVendor=061d, idProduct=c140, bcdDevice=c1.1d
[  471.464052][ T5296] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.474238][    T9] usb 5-1: new low-speed USB device number 28 using dummy_hcd
[  471.524121][ T5296] quatech2 3-1:24.0: Quatech 2nd gen USB to Serial Driver converter detected
[  471.694133][    T9] usb 5-1: Invalid ep0 maxpacket: 32
[  471.703335][    T9] usb usb5-port1: attempt power cycle
[  471.712990][ T9715] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  471.774051][ T5230] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  471.787009][ T9716] bridge0: port 3(gretap0) entered disabled state
[  471.793725][ T9716] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.802436][ T9716] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.820696][ T5230] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  471.836231][ T5230] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  471.849372][ T5230] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  471.858835][ T5230] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  471.867346][ T5230] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  471.924819][ T5296] usb 3-1: qt2_attach - failed to power on unit: -71
[  471.968776][ T5296] quatech2 3-1:24.0: probe with driver quatech2 failed with error -71
[  472.028641][ T5296] usb 3-1: USB disconnect, device number 37
[  472.071666][ T5684] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.122419][ T9724] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1045'.
[  472.163002][    T9] usb 5-1: new low-speed USB device number 29 using dummy_hcd
[  472.199432][    T9] usb 5-1: Invalid ep0 maxpacket: 32
[  472.331863][ T5684] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.363197][    T9] usb 5-1: new low-speed USB device number 30 using dummy_hcd
[  472.395991][    T9] usb 5-1: Invalid ep0 maxpacket: 32
[  472.402466][    T9] usb usb5-port1: unable to enumerate USB device
[  472.428710][ T5684] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.524072][ T5684] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.735995][ T5684] bridge_slave_1: left allmulticast mode
[  472.742413][ T5684] bridge_slave_1: left promiscuous mode
[  472.748492][ T5684] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.767574][ T5684] bridge_slave_0: left allmulticast mode
[  472.781034][ T5684] bridge_slave_0: left promiscuous mode
[  472.787758][ T5684] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.653975][ T5296] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  473.894681][ T5296] usb 2-1: Using ep0 maxpacket: 16
[  473.909647][ T5296] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  473.920147][   T54] Bluetooth: hci2: command tx timeout
[  473.950034][ T5296] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  473.966311][ T5296] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  473.983868][ T5296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.993973][ T5296] usb 2-1: Product: syz
[  473.998276][ T5296] usb 2-1: Manufacturer: syz
[  474.010386][ T5296] usb 2-1: SerialNumber: syz
[  474.036488][ T9751] 9pnet_fd: Insufficient options for proto=fd
[  474.320233][ T5684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  474.333016][ T5684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  474.349069][ T5684] bond0 (unregistering): Released all slaves
[  474.393949][ T9717] chnl_net:caif_netlink_parms(): no params data found
[  474.443289][ T5296] usb 2-1: cannot find UAC_HEADER
[  474.492757][ T5296] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  474.771781][ T9717] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.797736][ T9717] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.824669][ T9717] bridge_slave_0: entered allmulticast mode
[  474.832076][ T9717] bridge_slave_0: entered promiscuous mode
[  474.844963][ T9762] xt_CT: No such helper "pptp"
[  474.876087][ T9717] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.900138][ T9717] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.928395][ T9717] bridge_slave_1: entered allmulticast mode
[  474.948102][ T9717] bridge_slave_1: entered promiscuous mode
[  475.061116][ T5684] hsr_slave_0: left promiscuous mode
[  475.071263][ T5684] hsr_slave_1: left promiscuous mode
[  475.078048][ T5684] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  475.085848][ T5684] batman_adv: batadv0: Removing interface: batadv_slave_0
[  475.094955][ T5684] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  475.102534][ T5684] batman_adv: batadv0: Removing interface: batadv_slave_1
[  475.131807][ T5684] veth1_macvtap: left promiscuous mode
[  475.137706][ T5684] veth0_macvtap: left promiscuous mode
[  475.144476][ T5684] veth1_vlan: left promiscuous mode
[  475.149974][ T5684] veth0_vlan: left promiscuous mode
[  475.999413][   T54] Bluetooth: hci2: command tx timeout
[  476.104688][ T5684] team0 (unregistering): Port device team_slave_1 removed
[  476.144862][ T5296] usb 2-1: USB disconnect, device number 42
[  476.269534][ T5684] team0 (unregistering): Port device team_slave_0 removed
[  476.399588][ T9779] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1060'.
[  476.452927][ T5269] usb 5-1: new low-speed USB device number 31 using dummy_hcd
[  476.656515][ T5269] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  476.680755][ T5269] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  476.697888][ T5269] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  476.715625][ T5269] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B is Bulk; changing to Interrupt
[  476.733031][ T5269] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  476.773150][ T5269] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  476.782515][ T5269] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.828508][ T5269] usbtmc 5-1:16.0: bulk endpoints not found
[  477.168786][ T9787] 9pnet_fd: Insufficient options for proto=fd
[  477.322344][ T9717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  477.353999][ T9779] Êü�: entered promiscuous mode
[  477.362003][ T9783] netlink: 300 bytes leftover after parsing attributes in process `syz.2.1062'.
[  477.425587][ T9717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.568459][ T9717] team0: Port device team_slave_0 added
[  477.593055][ T9717] team0: Port device team_slave_1 added
[  477.664718][ T9717] batman_adv: batadv0: Adding interface: batadv_slave_0
[  477.680562][ T9717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.736927][ T9717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  477.751138][ T9717] batman_adv: batadv0: Adding interface: batadv_slave_1
[  477.758515][ T9717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.798816][ T9717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  477.957815][ T5684] IPVS: stop unused estimator thread 0...
[  477.974406][ T9717] hsr_slave_0: entered promiscuous mode
[  478.001451][ T9717] hsr_slave_1: entered promiscuous mode
[  478.027735][ T9717] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  478.036849][ T9717] Cannot create hsr debugfs directory
[  478.073046][   T54] Bluetooth: hci2: command tx timeout
[  478.548870][ T9815] vivid-000: disconnect
[  478.877015][ T9717] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  478.905997][ T9717] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  478.939794][ T9717] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  478.980449][ T9717] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  479.026265][ T9822] 9pnet_fd: Insufficient options for proto=fd
[  479.167018][ T9813] vivid-000: reconnect
[  479.281180][ T9717] 8021q: adding VLAN 0 to HW filter on device bond0
[  479.292604][  T945] usb 5-1: USB disconnect, device number 31
[  479.473992][ T9717] 8021q: adding VLAN 0 to HW filter on device team0
[  480.189589][   T54] Bluetooth: hci2: command tx timeout
[  480.257853][ T6224] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.265086][ T6224] bridge0: port 1(bridge_slave_0) entered forwarding state
[  480.495931][ T1067] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.503086][ T1067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  480.586251][ T9839] netlink: 'syz.2.1075': attribute type 10 has an invalid length.
[  480.626601][ T9831] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1077'.
[  480.659872][ T9831] openvswitch: netlink: Tunnel attr 0 has unexpected len 1 expected 8
[  480.718617][ T9839] 8021q: adding VLAN 0 to HW filter on device team0
[  480.729790][ T9839] bond0: (slave team0): Enslaving as an active interface with an up link
[  481.248299][ T9717] 8021q: adding VLAN 0 to HW filter on device batadv0
[  481.367703][ T9717] veth0_vlan: entered promiscuous mode
[  481.392669][ T9717] veth1_vlan: entered promiscuous mode
[  481.398829][ T9858] 9pnet_fd: Insufficient options for proto=fd
[  481.633973][ T9717] veth0_macvtap: entered promiscuous mode
[  481.662116][ T9717] veth1_macvtap: entered promiscuous mode
[  481.683221][ T5296] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  482.687419][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.703027][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.846840][ T5296] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  482.855416][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.862883][ T5296] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.187760][ T5296] usb 5-1: Product: syz
[  484.191974][ T5296] usb 5-1: Manufacturer: syz
[  484.196973][ T5296] usb 5-1: SerialNumber: syz
[  484.204088][ T5296] usb 5-1: config 0 descriptor??
[  484.223400][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.237151][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.276663][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.296640][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.307789][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.335953][ T9717] batman_adv: batadv0: Interface activated: batadv_slave_0
[  484.349245][ T5296] usb 5-1: Firmware version (0.0) predates our first public release.
[  484.357954][ T5296] usb 5-1: Please update to version 0.2 or newer
[  484.469586][ T5296] usb 5-1: USB disconnect, device number 32
[  484.475737][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.475764][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.475776][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.475791][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.475803][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.475817][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.475828][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.475842][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.475854][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.475869][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.477184][ T9717] batman_adv: batadv0: Interface activated: batadv_slave_1
[  484.697326][ T9717] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  484.728307][ T9717] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  484.746606][ T9717] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  484.763008][ T9717] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.784441][ T9889] tipc: Started in network mode
[  484.789349][ T9889] tipc: Node identity ac14140f, cluster identity 4711
[  484.804270][ T9889] tipc: New replicast peer: 255.255.255.255
[  484.815513][ T9889] tipc: Enabled bearer <udp:s>, priority 10
[  485.097111][ T6249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.133122][ T6249] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.254730][ T1067] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.294340][ T1067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.332015][ T9905] 9pnet_fd: Insufficient options for proto=fd
[  486.501798][  T945] tipc: Node number set to 2886997007
[  486.673321][ T9835] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  486.864538][ T9925] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1097'.
[  486.896075][ T9835] usb 1-1: Using ep0 maxpacket: 16
[  486.905917][ T9835] usb 1-1: unable to read config index 0 descriptor/start: -61
[  486.925622][ T9835] usb 1-1: can't read configurations, error -61
[  487.082947][ T9835] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  487.265166][ T9835] usb 1-1: Using ep0 maxpacket: 16
[  487.285565][ T9835] usb 1-1: unable to read config index 0 descriptor/start: -61
[  487.295744][ T9835] usb 1-1: can't read configurations, error -61
[  487.308120][ T9835] usb usb1-port1: attempt power cycle
[  487.773916][ T9940] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  487.806754][ T9835] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  487.856886][ T9835] usb 1-1: Using ep0 maxpacket: 16
[  487.885548][ T9835] usb 1-1: unable to read config index 0 descriptor/start: -61
[  487.909734][ T9835] usb 1-1: can't read configurations, error -61
[  488.093684][ T9835] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  488.167000][ T9835] usb 1-1: Using ep0 maxpacket: 16
[  488.269292][ T9835] usb 1-1: unable to read config index 0 descriptor/start: -61
[  489.293316][ T9835] usb 1-1: can't read configurations, error -61
[  489.333863][ T9835] usb usb1-port1: unable to enumerate USB device
[  490.140769][ T9949] 9pnet_fd: Insufficient options for proto=fd
[  490.256439][ T9954] 9pnet_fd: Insufficient options for proto=fd
[  490.405891][ T9960] 9pnet: p9_errstr2errno: server reported unknown error I;�þ	Â
[  493.064046][ T9980] netlink: 212 bytes leftover after parsing attributes in process `syz.1.1114'.
[  495.168911][ T9980] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  496.520114][ T2038] pvrusb2: request_firmware fatal error with code=-110
[  496.612957][ T2038] pvrusb2: Failure uploading firmware1
[  496.618473][ T2038] pvrusb2: Device initialization was not successful.
[  496.719861][ T2038] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  496.738640][ T9982] bridge_slave_0: left allmulticast mode
[  496.763787][ T2038] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  496.797299][ T5266] pvrusb2: Device being rendered inoperable
[  496.830772][ T9982] bridge_slave_0: left promiscuous mode
[  496.893400][ T9990] 9pnet_fd: Insufficient options for proto=fd
[  496.903280][ T9982] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.935277][ T9982] bridge_slave_1: left allmulticast mode
[  496.943119][ T9982] bridge_slave_1: left promiscuous mode
[  496.956515][ T9982] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.011775][ T9982] bond0: (slave bond_slave_0): Releasing backup interface
[  497.199879][ T9982] bond0: (slave bond_slave_1): Releasing backup interface
[  497.268299][T10003] 9pnet_fd: Insufficient options for proto=fd
[  497.285647][ T5266] IPVS: starting estimator thread 0...
[  497.286775][ T9982] team0: Port device team_slave_0 removed
[  497.532928][T10007] IPVS: using max 22 ests per chain, 52800 per kthread
[  498.230018][ T9982] team0: Port device team_slave_1 removed
[  498.248741][ T9982] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  498.261937][ T9982] batman_adv: batadv0: Removing interface: batadv_slave_0
[  498.334469][T10012] 9pnet_fd: Insufficient options for proto=fd
[  498.338999][ T9982] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  498.350908][ T9982] batman_adv: batadv0: Removing interface: batadv_slave_1
[  498.607486][ T9986] 8021q: adding VLAN 0 to HW filter on device bond0
[  498.622655][ T9986] team0: Port device bond0 added
[  499.111738][  T945] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  499.308170][  T945] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  499.345508][  T945] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  499.402962][  T945] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  499.432536][  T945] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  499.448519][  T945] usb 3-1: SerialNumber: syz
[  499.718122][  T945] usb 3-1: 0:2 : does not exist
[  499.764778][  T945] usb 3-1: 5:0: failed to get current value for ch 1 (-22)
[  499.827195][  T945] usb 3-1: 5:0: cannot get min/max values for control 2 (id 5)
[  499.864208][  T945] usb 3-1: 5:0: cannot get min/max values for control 4 (id 5)
[  499.918538][  T945] usb 3-1: 5:0: cannot get min/max values for control 5 (id 5)
[  499.953064][  T945] usb 3-1: 5:0: failed to get current value for ch 1 (-22)
[  500.083401][   T29] audit: type=1326 audit(1723398318.115:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  500.129609][T10037] 9pnet_fd: Insufficient options for proto=fd
[  500.145710][   T29] audit: type=1326 audit(1723398318.115:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  500.784560][   T29] audit: type=1326 audit(1723398318.115:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fae00d76390 code=0x7ffc0000
[  500.846477][   T29] audit: type=1326 audit(1723398318.115:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  500.899904][  T945] usb 3-1: 5:0: cannot get min/max values for control 8 (id 5)
[  500.924814][   T29] audit: type=1326 audit(1723398318.115:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  500.963011][  T945] usb 3-1: 5:0: failed to get current value for ch 1 (-22)
[  500.978499][   T29] audit: type=1326 audit(1723398318.125:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  501.001755][   T29] audit: type=1326 audit(1723398318.125:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  501.038610][T10044] 9pnet_fd: Insufficient options for proto=fd
[  501.049857][  T945] usb 3-1: 5:0: failed to get current value for ch 1 (-22)
[  501.087386][   T29] audit: type=1326 audit(1723398318.125:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  501.156197][  T945] usb 3-1: 5:0: cannot get min/max values for control 5 (id 5)
[  501.178749][  T945] usb 3-1: USB disconnect, device number 38
[  501.185165][   T29] audit: type=1326 audit(1723398318.125:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  501.286056][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  501.307549][   T29] audit: type=1326 audit(1723398318.125:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10033 comm="syz.4.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae00d779f9 code=0x7ffc0000
[  501.558071][T10063] FAULT_INJECTION: forcing a failure.
[  501.558071][T10063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.622013][T10063] CPU: 0 UID: 0 PID: 10063 Comm: syz.0.1137 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  501.634364][T10063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  501.644444][T10063] Call Trace:
[  501.647742][T10063]  <TASK>
[  501.650687][T10063]  dump_stack_lvl+0x241/0x360
[  501.655676][T10063]  ? __pfx_dump_stack_lvl+0x10/0x10
[  501.662395][T10063]  ? __pfx__printk+0x10/0x10
[  501.667182][T10063]  ? __pfx_lock_release+0x10/0x10
[  501.672323][T10063]  should_fail_ex+0x3b0/0x4e0
[  501.677051][T10063]  _copy_from_iter+0x1f6/0x1960
[  501.682017][T10063]  ? __virt_addr_valid+0x183/0x530
[  501.687147][T10063]  ? skb_set_owner_w+0x238/0x3e0
[  501.692101][T10063]  ? __pfx__copy_from_iter+0x10/0x10
[  501.697384][T10063]  ? __pfx__copy_from_iter+0x10/0x10
[  501.702759][T10063]  ? page_copy_sane+0x154/0x260
[  501.707658][T10063]  copy_page_from_iter+0x7a/0x100
[  501.712768][T10063]  skb_copy_datagram_from_iter+0x2d8/0x6c0
[  501.718605][T10063]  unix_dgram_sendmsg+0x7a7/0x1f80
[  501.723911][T10063]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  501.730532][T10063]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  501.737314][T10063]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  501.742870][T10063]  ? __pfx_lock_release+0x10/0x10
[  501.747904][T10063]  ? unix_seqpacket_sendmsg+0x110/0x1e0
[  501.753438][T10063]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  501.759320][T10063]  __sock_sendmsg+0x221/0x270
[  501.764012][T10063]  ____sys_sendmsg+0x525/0x7d0
[  501.768840][T10063]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.774204][T10063]  __sys_sendmsg+0x2b0/0x3a0
[  501.778885][T10063]  ? __pfx___sys_sendmsg+0x10/0x10
[  501.783995][T10063]  ? vfs_write+0x7c4/0xc90
[  501.788440][T10063]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  501.794767][T10063]  ? do_syscall_64+0x100/0x230
[  501.799520][T10063]  ? do_syscall_64+0xb6/0x230
[  501.804204][T10063]  do_syscall_64+0xf3/0x230
[  501.808729][T10063]  ? clear_bhb_loop+0x35/0x90
[  501.813495][T10063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.819402][T10063] RIP: 0033:0x7f3b6b5779f9
[  501.824501][T10063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.844190][T10063] RSP: 002b:00007f3b6c400038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.852671][T10063] RAX: ffffffffffffffda RBX: 00007f3b6b705f80 RCX: 00007f3b6b5779f9
[  501.860650][T10063] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  501.868607][T10063] RBP: 00007f3b6c400090 R08: 0000000000000000 R09: 0000000000000000
[  501.876651][T10063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  501.884608][T10063] R13: 0000000000000000 R14: 00007f3b6b705f80 R15: 00007fff40a1b688
[  501.892667][T10063]  </TASK>
[  502.803142][  T945] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  503.034628][  T945] usb 1-1: Using ep0 maxpacket: 16
[  503.058505][T10077] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1143'.
[  503.062159][  T945] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  503.126613][T10077] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  503.126795][  T945] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  503.166183][  T945] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  503.173452][T10080] 9pnet_fd: Insufficient options for proto=fd
[  503.222196][  T945] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  503.255901][  T945] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.296596][  T945] usb 1-1: config 0 descriptor??
[  504.399396][  T945] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0
[  504.412931][  T945] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0
[  504.428401][  T945] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0
[  504.449929][T10072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  504.460911][  T945] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0
[  504.468444][T10072] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  504.491820][  T945] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0
[  504.655897][  T945] microsoft 0003:045E:07DA.000C: unknown main item tag 0x4
[  504.677078][  T945] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0
[  504.963997][  T945] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.000C/input/input17
[  505.137132][  T945] microsoft 0003:045E:07DA.000C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  505.262928][ T9835] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  505.792182][  T945] usb 1-1: USB disconnect, device number 22
[  505.865129][ T9835] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  506.073752][ T9835] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  506.083765][ T9835] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  506.099816][ T9835] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  506.119258][ T9835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.125281][T10123] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  506.128581][ T5266] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  506.164500][ T9835] usb 2-1: config 0 descriptor??
[  506.343099][ T5266] usb 5-1: device descriptor read/64, error -71
[  506.522984][  T945] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  506.543006][  T942] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  506.603500][ T9835] acrux 0003:1A34:0802.000D: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0
[  506.615382][ T9835] acrux 0003:1A34:0802.000D: no inputs found
[  506.621944][ T9835] acrux 0003:1A34:0802.000D: Failed to enable force feedback support, error: -19
[  506.635930][ T5266] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  506.668917][T10126] 9pnet_fd: Insufficient options for proto=fd
[  506.748318][  T945] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  506.762945][  T942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  506.776765][  T945] usb 1-1: New USB device strings: Mfr=33, Product=2, SerialNumber=3
[  506.803404][ T5266] usb 5-1: device descriptor read/64, error -71
[  506.811495][  T942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  506.823746][  T945] usb 1-1: Product: syz
[  506.828029][  T945] usb 1-1: Manufacturer: syz
[  506.832695][  T945] usb 1-1: SerialNumber: syz
[  506.839297][  T942] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  506.853743][  T945] usb 1-1: config 0 descriptor??
[  506.859088][  T942] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  506.895741][  T942] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.913973][  T942] usb 3-1: config 0 descriptor??
[  506.930156][T10124] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  506.938227][ T5266] usb usb5-port1: attempt power cycle
[  506.986710][T10130] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1157'.
[  507.165096][ T5264] usb 2-1: USB disconnect, device number 43
[  507.296169][ T9835] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  507.378125][ T5266] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  507.406460][  T942] plantronics 0003:047F:FFFF.000E: unknown main item tag 0xd
[  507.415099][ T5266] usb 5-1: device descriptor read/8, error -71
[  507.425527][  T942] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  507.439381][  T942] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  507.492911][ T9835] usb 4-1: Using ep0 maxpacket: 16
[  507.501514][ T9835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 48, changing to 7
[  507.518462][ T9835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 8240, setting to 1024
[  507.530045][ T9835] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  507.541006][ T9835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.552107][ T9835] usb 4-1: config 0 descriptor??
[  507.567626][ T9835] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  507.683402][ T5266] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  507.746063][ T5266] usb 5-1: device descriptor read/8, error -71
[  507.817047][ T5264] usb 4-1: USB disconnect, device number 17
[  507.874461][ T5266] usb usb5-port1: unable to enumerate USB device
[  507.998611][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  507.998629][   T29] audit: type=1326 audit(1723398326.065:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  508.035010][   T29] audit: type=1326 audit(1723398326.095:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  508.498721][T10140] netlink: 'syz.3.1160': attribute type 8 has an invalid length.
[  508.645683][   T29] audit: type=1326 audit(1723398326.715:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  508.743102][   T29] audit: type=1326 audit(1723398326.715:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  508.850956][   T29] audit: type=1326 audit(1723398326.715:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  508.911423][  T945] usb-storage 1-1:0.0: USB Mass Storage device detected
[  508.943126][ T5266] usb 3-1: reset high-speed USB device number 39 using dummy_hcd
[  509.177474][   T29] audit: type=1326 audit(1723398326.715:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  509.195970][T10145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1162'.
[  509.236500][   T29] audit: type=1326 audit(1723398326.715:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  509.803500][  T945] usb 1-1: USB disconnect, device number 23
[  510.043374][   T29] audit: type=1326 audit(1723398326.715:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  510.080425][   T29] audit: type=1326 audit(1723398326.715:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  510.109351][   T29] audit: type=1326 audit(1723398326.715:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10132 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693fd779f9 code=0x7fc00000
[  510.245960][ T5264] usb 3-1: USB disconnect, device number 39
[  510.452899][  T945] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  510.643582][  T945] usb 1-1: Using ep0 maxpacket: 32
[  510.674374][  T945] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  510.711602][  T945] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  510.746368][  T945] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  510.774182][  T945] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  510.784348][  T945] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  510.794695][  T945] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  510.809225][  T945] usb 1-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  510.832313][  T945] usb 1-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27
[  510.841980][  T945] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.851074][  T945] usb 1-1: Product: syz
[  510.862219][  T945] usb 1-1: Manufacturer: syz
[  510.867801][  T945] usb 1-1: SerialNumber: syz
[  510.879819][  T945] usb 1-1: config 0 descriptor??
[  510.886149][T10151] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  510.951023][  T945] vmk80xx 1-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[  510.996143][  T945] vmk80xx 1-1:0.0: probe with driver vmk80xx failed with error -22
[  511.002891][   T58] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  511.238632][   T58] usb 2-1: device descriptor read/64, error -71
[  511.533067][   T58] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  511.685369][T10159] ceph: No mds server is up or the cluster is laggy
[  511.702930][   T58] usb 2-1: device descriptor read/64, error -71
[  511.853600][   T58] usb usb2-port1: attempt power cycle
[  512.164573][ T5269] usb 1-1: USB disconnect, device number 24
[  512.253079][  T945] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  512.293112][   T58] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  512.339671][   T58] usb 2-1: device descriptor read/8, error -71
[  512.464075][  T945] usb 3-1: Using ep0 maxpacket: 16
[  512.471481][  T945] usb 3-1: unable to read config index 0 descriptor/start: -61
[  512.481298][  T945] usb 3-1: can't read configurations, error -61
[  512.622946][   T58] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  512.641167][T10199] 9pnet_fd: Insufficient options for proto=fd
[  512.648311][  T945] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  512.657239][   T58] usb 2-1: device descriptor read/8, error -71
[  512.728600][ T1067] Bluetooth: hci6: Frame reassembly failed (-84)
[  512.785280][   T58] usb usb2-port1: unable to enumerate USB device
[  512.843194][  T945] usb 3-1: Using ep0 maxpacket: 16
[  512.850634][  T945] usb 3-1: unable to read config index 0 descriptor/start: -61
[  512.858349][  T945] usb 3-1: can't read configurations, error -61
[  512.865133][  T945] usb usb3-port1: attempt power cycle
[  513.283150][  T945] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  513.314985][  T945] usb 3-1: Using ep0 maxpacket: 16
[  513.322544][  T945] usb 3-1: unable to read config index 0 descriptor/start: -61
[  513.330231][  T945] usb 3-1: can't read configurations, error -61
[  513.482945][  T945] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  513.513574][  T945] usb 3-1: Using ep0 maxpacket: 16
[  513.521763][  T945] usb 3-1: unable to read config index 0 descriptor/start: -61
[  513.529611][  T945] usb 3-1: can't read configurations, error -61
[  513.536233][  T945] usb usb3-port1: unable to enumerate USB device
[  513.692995][ T5269] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  513.872928][ T5269] usb 2-1: Using ep0 maxpacket: 16
[  513.941690][ T5269] usb 2-1: unable to get BOS descriptor or descriptor too short
[  513.949692][ T5269] usb 2-1: no configurations
[  513.954470][ T5269] usb 2-1: can't read configurations, error -22
[  514.793575][ T5230] Bluetooth: hci6: command 0x1003 tx timeout
[  514.801062][   T54] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  514.884930][T10211] FAULT_INJECTION: forcing a failure.
[  514.884930][T10211] name failslab, interval 1, probability 0, space 0, times 0
[  514.897928][T10211] CPU: 0 UID: 0 PID: 10211 Comm: syz.3.1182 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  514.908712][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  514.918769][T10211] Call Trace:
[  514.922131][T10211]  <TASK>
[  514.925056][T10211]  dump_stack_lvl+0x241/0x360
[  514.929735][T10211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  514.934926][T10211]  ? __pfx__printk+0x10/0x10
[  514.939511][T10211]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  514.944966][T10211]  ? __pfx___might_resched+0x10/0x10
[  514.950248][T10211]  should_fail_ex+0x3b0/0x4e0
[  514.954926][T10211]  should_failslab+0xac/0x100
[  514.959607][T10211]  ? smack_sk_alloc_security+0xed/0x250
[  514.965234][T10211]  __kmalloc_cache_noprof+0x6c/0x2c0
[  514.970516][T10211]  smack_sk_alloc_security+0xed/0x250
[  514.975894][T10211]  security_sk_alloc+0x75/0xb0
[  514.980738][T10211]  sk_prot_alloc+0xfa/0x210
[  514.985233][T10211]  ? sk_alloc+0x26/0x370
[  514.989477][T10211]  sk_alloc+0x38/0x370
[  514.993623][T10211]  ? bpf_test_init+0x15a/0x180
[  514.998386][T10211]  ? bpf_ctx_init+0x162/0x1b0
[  515.003249][T10211]  bpf_prog_test_run_skb+0x3bd/0x1820
[  515.008658][T10211]  ? __pfx_lock_release+0x10/0x10
[  515.013714][T10211]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  515.019536][T10211]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  515.025441][T10211]  bpf_prog_test_run+0x33a/0x3b0
[  515.030461][T10211]  __sys_bpf+0x48d/0x810
[  515.034725][T10211]  ? __pfx___sys_bpf+0x10/0x10
[  515.039528][T10211]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  515.045517][T10211]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  515.051850][T10211]  ? do_syscall_64+0x100/0x230
[  515.056614][T10211]  __x64_sys_bpf+0x7c/0x90
[  515.061131][T10211]  do_syscall_64+0xf3/0x230
[  515.065651][T10211]  ? clear_bhb_loop+0x35/0x90
[  515.070432][T10211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.076341][T10211] RIP: 0033:0x7f5e425779f9
[  515.080752][T10211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.100377][T10211] RSP: 002b:00007f5e432a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  515.108802][T10211] RAX: ffffffffffffffda RBX: 00007f5e42705f80 RCX: 00007f5e425779f9
[  515.116780][T10211] RDX: 000000000000004c RSI: 0000000020000240 RDI: 000000000000000a
[  515.124763][T10211] RBP: 00007f5e432a8090 R08: 0000000000000000 R09: 0000000000000000
[  515.132731][T10211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.140954][T10211] R13: 0000000000000000 R14: 00007f5e42705f80 R15: 00007ffefafc4448
[  515.149124][T10211]  </TASK>
[  516.609063][T10230] ieee802154 phy0 wpan0: encryption failed: -22
[  516.635388][T10232] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1188'.
[  516.681432][T10232] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1188'.
[  516.695283][T10232] 0ªX¹¦D: renamed from gretap0
[  516.711147][T10232] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  519.422982][ T5296] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  519.614060][ T5296] usb 3-1: Using ep0 maxpacket: 32
[  519.625547][ T5296] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  519.635344][ T5296] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  519.646731][ T5296] usb 3-1: Product: syz
[  519.652296][ T5296] usb 3-1: Manufacturer: syz
[  519.689198][ T5296] usb 3-1: SerialNumber: syz
[  519.713995][ T5296] usb 3-1: config 0 descriptor??
[  519.725299][ T5230] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  519.735795][ T5230] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  519.737636][ T5296] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  519.744246][ T5230] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  519.778272][ T5230] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  519.791250][ T5230] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  519.803179][ T5230] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  520.237650][T10257] chnl_net:caif_netlink_parms(): no params data found
[  520.401233][T10257] bridge0: port 1(bridge_slave_0) entered blocking state
[  520.418632][T10257] bridge0: port 1(bridge_slave_0) entered disabled state
[  520.428476][T10257] bridge_slave_0: entered allmulticast mode
[  520.442327][T10257] bridge_slave_0: entered promiscuous mode
[  520.459234][T10257] bridge0: port 2(bridge_slave_1) entered blocking state
[  520.472131][T10257] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.488606][T10257] bridge_slave_1: entered allmulticast mode
[  520.499978][T10257] bridge_slave_1: entered promiscuous mode
[  520.606922][T10257] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  520.655275][T10257] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  520.730668][T10257] team0: Port device team_slave_0 added
[  520.748265][T10257] team0: Port device team_slave_1 added
[  520.839464][T10257] batman_adv: batadv0: Adding interface: batadv_slave_0
[  520.853372][T10257] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.879795][T10257] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  520.894777][T10257] batman_adv: batadv0: Adding interface: batadv_slave_1
[  520.901746][T10257] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.927991][T10257] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  520.975230][T10257] hsr_slave_0: entered promiscuous mode
[  520.982139][T10257] hsr_slave_1: entered promiscuous mode
[  520.988574][T10257] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  520.997628][T10257] Cannot create hsr debugfs directory
[  521.143080][ T5269] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  521.158363][T10257] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.267544][T10257] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.332986][ T5269] usb 4-1: Using ep0 maxpacket: 16
[  521.340680][ T5269] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  521.357007][ T5269] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  521.367148][ T5269] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  521.383433][ T5296] gspca_stk1135: reg_w 0x200 err -71
[  521.387225][T10257] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.389754][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.407535][ T5269] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  521.416660][ T5269] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  521.425117][ T5296] gspca_stk1135: Sensor write failed
[  521.431357][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.438870][ T5269] usb 4-1: config 0 descriptor??
[  521.444206][ T5296] gspca_stk1135: Sensor write failed
[  521.449738][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.458891][ T5296] gspca_stk1135: Sensor read failed
[  521.468538][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.475098][ T5296] gspca_stk1135: Sensor read failed
[  521.480528][ T5296] gspca_stk1135: Detected sensor type unknown (0x0)
[  521.490700][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.497301][ T5296] gspca_stk1135: Sensor read failed
[  521.502670][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.506101][T10257] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.510799][ T5296] gspca_stk1135: Sensor read failed
[  521.545408][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.551841][ T5296] gspca_stk1135: Sensor write failed
[  521.561926][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  521.568761][ T5296] gspca_stk1135: Sensor write failed
[  521.578888][ T5296] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  521.593513][ T5296] usb 3-1: USB disconnect, device number 44
[  521.723392][T10275] ntfs3: nullb0: Primary boot signature is not NTFS.
[  521.737651][T10275] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[  521.786193][T10257] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  521.798180][T10257] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  521.819450][T10257] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  521.839147][T10257] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  521.846024][ T5230] Bluetooth: hci6: command tx timeout
[  521.888386][ T5269] ryos 0003:1E7D:31CE.000F: unbalanced collection at end of report description
[  521.911420][ T5269] ryos 0003:1E7D:31CE.000F: parse failed
[  521.929048][ T5269] ryos 0003:1E7D:31CE.000F: probe with driver ryos failed with error -22
[  522.088735][T10257] 8021q: adding VLAN 0 to HW filter on device bond0
[  522.143454][T10272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  522.144475][T10257] 8021q: adding VLAN 0 to HW filter on device team0
[  522.176614][T10272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  522.180483][ T5264] libceph: connect (1)[c::]:6789 error -101
[  522.211149][ T5269] usb 4-1: USB disconnect, device number 18
[  522.214388][ T1067] bridge0: port 1(bridge_slave_0) entered blocking state
[  522.224772][ T1067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  522.236525][ T5264] libceph: mon0 (1)[c::]:6789 connect error
[  522.289972][ T1067] bridge0: port 2(bridge_slave_1) entered blocking state
[  522.297406][ T1067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  522.523856][ T5264] libceph: connect (1)[c::]:6789 error -101
[  522.548623][ T5264] libceph: mon0 (1)[c::]:6789 connect error
[  522.702590][T10257] 8021q: adding VLAN 0 to HW filter on device batadv0
[  523.083304][ T5264] libceph: connect (1)[c::]:6789 error -101
[  523.101948][ T5264] libceph: mon0 (1)[c::]:6789 connect error
[  527.829238][   T54] Bluetooth: hci6: command tx timeout
[  527.850274][ T9835] libceph: connect (1)[c::]:6789 error -101
[  527.857419][ T9835] libceph: mon0 (1)[c::]:6789 connect error
[  527.983586][ T9835] libceph: connect (1)[c::]:6789 error -101
[  528.074391][T10281] ceph: No mds server is up or the cluster is laggy
[  528.110045][ T9835] libceph: mon0 (1)[c::]:6789 connect error
[  528.607272][ T5230] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  528.622180][ T5230] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  528.632940][ T5230] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  528.651752][ T5230] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  528.665302][ T5230] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  528.680193][ T5230] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  528.849147][ T5684] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.160827][ T5684] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.216832][T10257] veth0_vlan: entered promiscuous mode
[  529.327116][ T5684] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.555538][ T5684] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.781229][T10257] veth1_vlan: entered promiscuous mode
[  529.992917][ T5230] Bluetooth: hci6: command tx timeout
[  530.713579][ T5230] Bluetooth: hci2: command tx timeout
[  530.719689][T10257] veth0_macvtap: entered promiscuous mode
[  530.863013][ T5264] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  530.884364][T10257] veth1_macvtap: entered promiscuous mode
[  531.064103][ T5264] usb 4-1: Using ep0 maxpacket: 32
[  531.092224][ T5264] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  531.179695][ T5264] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.209237][ T5264] usb 4-1: Product: syz
[  531.218047][ T5264] usb 4-1: Manufacturer: syz
[  531.259019][ T5264] usb 4-1: SerialNumber: syz
[  531.336900][ T5264] usb 4-1: config 0 descriptor??
[  531.373549][ T5264] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  531.450552][T10333] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  532.041395][ T5684] team0: Port device bond0 removed
[  532.049153][ T5684] bond0 (unregistering): Released all slaves
[  532.073392][ T5230] Bluetooth: hci6: command tx timeout
[  532.210865][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.235958][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.246125][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.259774][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.269953][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.280599][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.290750][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.301450][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.337392][T10257] batman_adv: batadv0: Interface activated: batadv_slave_0
[  532.352216][T10314] chnl_net:caif_netlink_parms(): no params data found
[  532.372750][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.386138][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.396952][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.408927][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.419086][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.442292][T10352] netlink: 'syz.2.1215': attribute type 1 has an invalid length.
[  532.450247][T10352] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1215'.
[  532.474657][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.498631][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.509882][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.521373][T10257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.532086][T10257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.551932][T10257] batman_adv: batadv0: Interface activated: batadv_slave_1
[  532.615684][T10355] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  532.626197][T10355] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  532.635321][T10355] overlayfs: missing 'lowerdir'
[  532.641129][T10354] netlink: 'syz.2.1216': attribute type 21 has an invalid length.
[  532.649962][T10354] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1216'.
[  532.799029][T10257] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  532.803547][ T5230] Bluetooth: hci2: command tx timeout
[  532.808992][T10257] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  532.822625][T10257] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  532.831506][T10257] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  532.938645][T10314] bridge0: port 1(bridge_slave_0) entered blocking state
[  532.946792][ T5269] libceph: connect (1)[c::]:6789 error -101
[  532.956711][ T5269] libceph: mon0 (1)[c::]:6789 connect error
[  532.969360][T10314] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.016591][T10314] bridge_slave_0: entered allmulticast mode
[  533.061830][T10314] bridge_slave_0: entered promiscuous mode
[  533.108037][ T5264] gspca_stk1135: reg_w 0x200 err -71
[  533.138556][T10367] netlink: 'syz.2.1218': attribute type 1 has an invalid length.
[  533.147605][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.154455][T10367] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1218'.
[  533.163770][ T5264] gspca_stk1135: Sensor write failed
[  533.171855][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.179901][ T5684] hsr_slave_0: left promiscuous mode
[  533.191494][T10367] netlink: 'syz.2.1218': attribute type 1 has an invalid length.
[  533.203756][ T5684] hsr_slave_1: left promiscuous mode
[  533.212304][ T5264] gspca_stk1135: Sensor write failed
[  533.228327][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.238262][T10367] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1218'.
[  533.247540][ T5264] gspca_stk1135: Sensor read failed
[  533.252959][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.261570][ T5264] gspca_stk1135: Sensor read failed
[  533.275831][ T5264] gspca_stk1135: Detected sensor type unknown (0x0)
[  533.291589][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.303619][ T5264] gspca_stk1135: Sensor read failed
[  533.311279][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.311411][ T5684] veth1_macvtap: left promiscuous mode
[  533.323017][ T5264] gspca_stk1135: Sensor read failed
[  533.328874][ T5269] libceph: connect (1)[c::]:6789 error -101
[  533.340901][ T5269] libceph: mon0 (1)[c::]:6789 connect error
[  533.345275][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.354688][ T5684] veth0_macvtap: left promiscuous mode
[  533.360267][ T5264] gspca_stk1135: Sensor write failed
[  533.360441][ T5684] veth1_vlan: left promiscuous mode
[  533.371187][ T5264] gspca_stk1135: serial bus timeout: status=0x00
[  533.376861][ T5684] veth0_vlan: left promiscuous mode
[  533.397785][ T5264] gspca_stk1135: Sensor write failed
[  533.406878][ T5264] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[  533.447295][ T5264] usb 4-1: USB disconnect, device number 19
[  533.578065][T10361] ceph: No mds server is up or the cluster is laggy
[  534.629730][T10386] overlayfs: overlapping lowerdir path
[  534.875593][ T5230] Bluetooth: hci2: command tx timeout
[  535.271017][T10314] bridge0: port 2(bridge_slave_1) entered blocking state
[  535.279507][T10314] bridge0: port 2(bridge_slave_1) entered disabled state
[  535.287125][T10314] bridge_slave_1: entered allmulticast mode
[  535.294621][T10314] bridge_slave_1: entered promiscuous mode
[  535.327140][T10379] nicvf0: tun_chr_ioctl cmd 1074025677
[  535.351875][T10379] nicvf0: linktype set to 827
[  536.194189][T10314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  536.445303][T10314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  536.501689][ T1067] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  536.513085][ T1067] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  536.690534][T10314] team0: Port device team_slave_0 added
[  536.728623][T10314] team0: Port device team_slave_1 added
[  536.833237][T10403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1225'.
[  536.988801][ T5230] Bluetooth: hci2: command tx timeout
[  537.351398][T10314] batman_adv: batadv0: Adding interface: batadv_slave_0
[  537.378388][T10314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  537.494765][T10314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  537.629615][T10413] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  538.139965][T10314] batman_adv: batadv0: Adding interface: batadv_slave_1
[  538.201135][T10314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  538.228330][ T2990] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.267607][ T2990] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.283548][T10314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  538.294583][ T5230] Bluetooth: hci4: unexpected event for opcode 0x2060
[  538.475248][T10314] hsr_slave_0: entered promiscuous mode
[  538.486272][T10314] hsr_slave_1: entered promiscuous mode
[  538.498751][T10314] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  538.517953][T10314] Cannot create hsr debugfs directory
[  538.955345][T10433] program syz.2.1234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  539.242941][  T942] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  539.455267][  T942] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  539.473017][  T942] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  539.492463][  T942] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.537620][  T942] gspca_main: stv0680-2.14.0 probing 041e:4007
[  539.586409][T10314] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  539.619519][T10314] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  539.641078][T10314] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  539.660185][T10314] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  539.807059][T10314] 8021q: adding VLAN 0 to HW filter on device bond0
[  539.856032][T10314] 8021q: adding VLAN 0 to HW filter on device team0
[  539.870773][ T5684] bridge0: port 1(bridge_slave_0) entered blocking state
[  539.877983][ T5684] bridge0: port 1(bridge_slave_0) entered forwarding state
[  539.899095][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  539.906381][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  539.927429][T10452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1240'.
[  540.088734][T10456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  540.089195][T10456] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  540.532552][T10314] 8021q: adding VLAN 0 to HW filter on device batadv0
[  540.637865][  T942] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  540.655285][T10314] veth0_vlan: entered promiscuous mode
[  540.678099][  T942] stv0680 3-1:4.0: STV(e): camera ping failed!!
[  540.702632][  T942] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  540.731794][  T942] stv0680 3-1:4.0: last error: 0,  command = 0x0
[  540.750601][  T942] usb 3-1: USB disconnect, device number 45
[  540.755611][T10314] veth1_vlan: entered promiscuous mode
[  540.886660][T10314] veth0_macvtap: entered promiscuous mode
[  540.927397][T10314] veth1_macvtap: entered promiscuous mode
[  541.000075][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  541.041505][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.061884][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  541.092919][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.143935][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  541.167168][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.188582][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  541.212876][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.232858][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  541.252933][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.300391][T10314] batman_adv: batadv0: Interface activated: batadv_slave_0
[  541.326619][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.354497][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.418346][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.455802][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.470059][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.491457][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.504751][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.517251][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.529791][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.540978][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.552409][T10314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.563680][T10314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.573910][  T942] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  541.586063][T10314] batman_adv: batadv0: Interface activated: batadv_slave_1
[  541.627555][T10314] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  541.649324][T10314] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  541.674405][T10314] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  541.698436][T10314] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  541.765032][  T942] usb 3-1: Using ep0 maxpacket: 32
[  541.791246][  T942] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  541.822960][  T942] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.847119][  T942] usb 3-1: Product: syz
[  541.876619][  T942] usb 3-1: Manufacturer: syz
[  541.905821][  T942] usb 3-1: SerialNumber: syz
[  541.953957][  T942] usb 3-1: config 0 descriptor??
[  541.981306][  T942] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  542.024987][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  542.064307][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  542.168103][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  542.188700][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  542.561674][T10494] FAULT_INJECTION: forcing a failure.
[  542.561674][T10494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.584806][T10494] CPU: 1 UID: 0 PID: 10494 Comm: syz.1.1251 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  542.595617][T10494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  542.605700][T10494] Call Trace:
[  542.609163][T10494]  <TASK>
[  542.612110][T10494]  dump_stack_lvl+0x241/0x360
[  542.616849][T10494]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.621959][T10499] tipc: Started in network mode
[  542.622066][T10494]  ? __pfx__printk+0x10/0x10
[  542.622101][T10494]  ? __pfx_lock_release+0x10/0x10
[  542.627396][T10499] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  542.631688][T10494]  should_fail_ex+0x3b0/0x4e0
[  542.631728][T10494]  _copy_from_user+0x2f/0xe0
[  542.649059][T10499] tipc: New replicast peer: fe80:0000:0000:0000:1600:0000:0000:00bb
[  542.650528][T10494]  copy_msghdr_from_user+0xae/0x680
[  542.656616][T10499] tipc: Enabled bearer <udp:s>, priority 10
[  542.663204][T10494]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  542.663256][T10494]  ? __asan_memset+0x23/0x50
[  542.663281][T10494]  do_recvmmsg+0x40f/0xae0
[  542.663302][T10494]  ? mark_lock+0x9a/0x350
[  542.663333][T10494]  ? __pfx_do_recvmmsg+0x10/0x10
[  542.663377][T10494]  ? __pfx___might_resched+0x10/0x10
[  542.663398][T10494]  ? __might_fault+0xaa/0x120
[  542.663418][T10494]  ? __pfx_lock_release+0x10/0x10
[  542.663436][T10494]  ? vfs_write+0x7c4/0xc90
[  542.663467][T10494]  ? get_timespec64+0x19c/0x280
[  542.663505][T10494]  __x64_sys_recvmmsg+0x1b8/0x250
[  542.663529][T10494]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  542.733562][T10494]  ? do_syscall_64+0x100/0x230
[  542.738336][T10494]  ? do_syscall_64+0xb6/0x230
[  542.743013][T10494]  do_syscall_64+0xf3/0x230
[  542.747513][T10494]  ? clear_bhb_loop+0x35/0x90
[  542.752192][T10494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.758079][T10494] RIP: 0033:0x7f693fd779f9
[  542.762496][T10494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.782275][T10494] RSP: 002b:00007f693f7ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  542.790722][T10494] RAX: ffffffffffffffda RBX: 00007f693ff05f80 RCX: 00007f693fd779f9
[  542.798695][T10494] RDX: 0000000000000001 RSI: 0000000020000140 RDI: 0000000000000004
[  542.806676][T10494] RBP: 00007f693f7ff090 R08: 0000000020004f80 R09: 0000000000000000
[  542.814663][T10494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  542.823069][T10494] R13: 0000000000000000 R14: 00007f693ff05f80 R15: 00007ffe0f759768
[  542.831050][T10494]  </TASK>
[  543.191257][ T5266] libceph: connect (1)[c::]:6789 error -101
[  543.266895][ T5266] libceph: mon0 (1)[c::]:6789 connect error
[  543.533408][ T5266] libceph: connect (1)[c::]:6789 error -101
[  543.551355][ T5266] libceph: mon0 (1)[c::]:6789 connect error
[  543.774243][ T5266] tipc: Node number set to 1
[  543.813001][ T5269] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  543.919178][  T942] gspca_stk1135: reg_w 0x200 err -71
[  543.955647][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  543.981070][  T942] gspca_stk1135: Sensor write failed
[  543.991038][T10511] ceph: No mds server is up or the cluster is laggy
[  544.003456][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  544.009851][  T942] gspca_stk1135: Sensor write failed
[  544.034135][ T5269] usb 4-1: Using ep0 maxpacket: 16
[  544.041537][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  544.043112][ T5269] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.063251][ T5269] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.104452][ T5264] libceph: connect (1)[c::]:6789 error -101
[  544.137972][  T942] gspca_stk1135: Sensor read failed
[  544.144950][ T5264] libceph: mon0 (1)[c::]:6789 connect error
[  544.161534][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  544.172143][ T5269] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  544.196262][ T5269] usb 4-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  544.230543][ T5269] usb 4-1: Product: syz
[  544.233328][  T942] gspca_stk1135: Sensor read failed
[  544.259765][ T5269] usb 4-1: Manufacturer: syz
[  544.262855][  T942] gspca_stk1135: Detected sensor type unknown (0x0)
[  544.281512][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  544.311177][  T942] gspca_stk1135: Sensor read failed
[  544.322479][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  544.346042][  T942] gspca_stk1135: Sensor read failed
[  544.352489][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  544.363660][  T942] gspca_stk1135: Sensor write failed
[  544.371089][  T942] gspca_stk1135: serial bus timeout: status=0x00
[  544.379443][ T5269] usb 4-1: config 0 descriptor??
[  544.418903][  T942] gspca_stk1135: Sensor write failed
[  544.430795][  T942] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  544.466774][  T942] usb 3-1: USB disconnect, device number 46
[  544.841507][ T5269] kovaplus 0003:1E7D:2D50.0010: unknown main item tag 0xd
[  544.906779][T10537] fuse: Bad value for 'fd'
[  544.917228][ T5269] kovaplus 0003:1E7D:2D50.0010: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.3-1/input0
[  545.013032][  T942] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  545.184208][  T942] usb 3-1: device descriptor read/64, error -71
[  545.211857][T10546] tmpfs: Unknown parameter 'nr_inodesÓ'
[  545.463046][  T942] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  545.634205][  T942] usb 3-1: device descriptor read/64, error -71
[  545.764736][  T942] usb usb3-port1: attempt power cycle
[  546.385764][  T942] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  546.423959][  T942] usb 3-1: device descriptor read/8, error -71
[  546.437731][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.608618][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.725245][  T942] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  546.803898][  T942] usb 3-1: device descriptor read/8, error -71
[  546.811835][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.955433][  T942] usb usb3-port1: unable to enumerate USB device
[  547.106560][   T54] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  547.120611][   T54] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  547.126852][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.134799][   T54] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  547.147399][   T54] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  547.156848][   T54] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  547.164344][ T5269] kovaplus 0003:1E7D:2D50.0010: couldn't init struct kovaplus_device
[  547.172501][ T5269] kovaplus 0003:1E7D:2D50.0010: couldn't install mouse
[  547.185156][   T54] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  547.225517][ T5269] kovaplus 0003:1E7D:2D50.0010: probe with driver kovaplus failed with error -71
[  547.256271][ T5269] usb 4-1: USB disconnect, device number 20
[  547.338124][ T5296] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  547.543047][ T5296] usb 1-1: Using ep0 maxpacket: 32
[  547.564757][ T5296] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  547.586548][ T5296] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.595373][ T5296] usb 1-1: Product: syz
[  547.599681][ T5296] usb 1-1: Manufacturer: syz
[  547.605460][ T5296] usb 1-1: SerialNumber: syz
[  547.631417][ T5296] usb 1-1: config 0 descriptor??
[  547.644882][ T5296] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  547.694311][   T12] bridge_slave_1: left allmulticast mode
[  547.700030][   T12] bridge_slave_1: left promiscuous mode
[  547.706318][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.728956][   T12] bridge_slave_0: left allmulticast mode
[  547.735698][   T12] bridge_slave_0: left promiscuous mode
[  547.742847][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  547.844238][   T58] usb 4-1: new low-speed USB device number 21 using dummy_hcd
[  548.073729][   T58] usb 4-1: Invalid ep0 maxpacket: 16
[  548.282517][   T58] usb 4-1: new low-speed USB device number 22 using dummy_hcd
[  548.486033][   T58] usb 4-1: Invalid ep0 maxpacket: 16
[  548.493810][   T58] usb usb4-port1: attempt power cycle
[  548.633420][   T30] INFO: task syz.0.718:8550 blocked for more than 143 seconds.
[  548.647774][   T30]       Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  548.666140][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  548.679480][   T30] task:syz.0.718       state:D stack:24672 pid:8550  tgid:8550  ppid:6433   flags:0x00004004
[  548.697459][   T30] Call Trace:
[  548.700977][   T30]  <TASK>
[  548.706423][   T30]  __schedule+0x17ae/0x4a10
[  548.712341][   T30]  ? __pfx___schedule+0x10/0x10
[  548.722253][   T30]  ? __pfx_lock_release+0x10/0x10
[  548.892894][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  548.899059][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  548.906163][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  548.911360][   T30]  ? schedule+0x90/0x320
[  548.922434][   T30]  schedule+0x14b/0x320
[  548.933051][   T58] usb 4-1: new low-speed USB device number 23 using dummy_hcd
[  548.969606][   T30]  ? do_exit+0x4ff/0x27f0
[  548.984063][   T30]  do_exit+0x57c/0x27f0
[  549.002252][   T30]  ? __pfx_do_exit+0x10/0x10
[  549.122898][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  549.128582][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  549.182582][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  549.212858][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  549.218143][   T30]  do_group_exit+0x207/0x2c0
[  549.283845][ T5230] Bluetooth: hci6: command tx timeout
[  549.290737][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.352961][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  549.375299][   T30]  get_signal+0x1695/0x1730
[  549.380004][   T30]  ? __pfx_get_signal+0x10/0x10
[  549.383084][ T5296] gspca_stk1135: reg_w 0xd err -110
[  549.391162][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.401658][   T30]  arch_do_signal_or_restart+0x96/0x860
[  549.401675][ T5296] gspca_stk1135: Sensor write failed
[  549.401700][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  549.434572][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.441012][ T5296] gspca_stk1135: Sensor write failed
[  549.446592][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  549.452686][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  549.457321][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.466068][   T58] usb 4-1: device descriptor read/8, error -71
[  549.470613][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  549.479231][ T5296] gspca_stk1135: Sensor read failed
[  549.480102][   T30]  do_syscall_64+0x100/0x230
[  549.484544][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.484559][ T5296] gspca_stk1135: Sensor read failed
[  549.484568][ T5296] gspca_stk1135: Detected sensor type unknown (0x0)
[  549.484596][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.484606][ T5296] gspca_stk1135: Sensor read failed
[  549.484629][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.484639][ T5296] gspca_stk1135: Sensor read failed
[  549.484661][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.484672][ T5296] gspca_stk1135: Sensor write failed
[  549.484693][ T5296] gspca_stk1135: serial bus timeout: status=0x00
[  549.484704][ T5296] gspca_stk1135: Sensor write failed
[  549.484777][ T5296] stk1135 1-1:0.0: probe with driver stk1135 failed with error -110
[  549.496929][   T30]  ? clear_bhb_loop+0x35/0x90
[  549.569736][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.575703][   T30] RIP: 0033:0x7fae71b779f9
[  549.580105][   T30] RSP: 002b:00007ffd6753af18 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  549.588732][   T30] RAX: fffffffffffffdfc RBX: 000000000005e8cf RCX: 00007fae71b779f9
[  549.597880][   T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fae71d06064
[  549.605934][   T30] RBP: 00007fae71d06064 R08: 00007fae71d05f80 R09: 00007ffd6753b1ff
[  549.613954][   T30] R10: 00007ffd6753b010 R11: 0000000000000246 R12: 0000000000000032
[  549.621974][   T30] R13: 00007ffd6753b010 R14: 00007ffd6753b030 R15: 000000000005e89d
[  549.630211][   T30]  </TASK>
[  549.633305][   T30] INFO: task syz.0.718:8553 blocked for more than 144 seconds.
[  549.640994][   T30]       Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  549.650019][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  549.658946][   T30] task:syz.0.718       state:D stack:27424 pid:8553  tgid:8550  ppid:6433   flags:0x00000006
[  549.670443][   T30] Call Trace:
[  549.680585][   T30]  <TASK>
[  549.684094][   T30]  __schedule+0x17ae/0x4a10
[  549.688641][   T30]  ? __pfx___schedule+0x10/0x10
[  549.693691][   T30]  ? __pfx_lock_release+0x10/0x10
[  549.698792][   T30]  ? schedule+0x90/0x320
[  549.703184][   T30]  schedule+0x14b/0x320
[  549.707360][   T30]  schedule_timeout+0xb0/0x310
[  549.712146][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  549.717658][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  549.723925][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.729147][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  549.734387][   T30]  __wait_for_common+0x3ea/0x6d0
[  549.739325][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  549.744758][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  549.750313][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  549.755526][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.760712][   T30]  wait_for_completion_state+0x1c/0x40
[  549.770790][   T30]  do_coredump+0x984/0x2a30
[  549.775370][   T30]  ? __pfx_lock_release+0x10/0x10
[  549.780387][   T30]  ? __kasan_slab_free+0x37/0x60
[  549.785351][   T30]  ? arch_do_signal_or_restart+0x96/0x860
[  549.791089][   T30]  ? __pfx_do_coredump+0x10/0x10
[  549.796341][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.801564][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  549.807010][   T30]  get_signal+0x13ee/0x1730
[  549.811587][   T30]  ? __pfx_get_signal+0x10/0x10
[  549.816646][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  549.822616][   T30]  arch_do_signal_or_restart+0x96/0x860
[  549.828397][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  549.834666][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  549.840673][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  549.846527][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  549.852072][   T30]  do_syscall_64+0x100/0x230
[  549.856723][   T30]  ? clear_bhb_loop+0x35/0x90
[  549.861496][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.867419][   T30] RIP: 0033:0x7fae71b779f9
[  549.875762][   T30] RSP: 002b:00007fae729ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  549.884287][   T30] RAX: 00000000000000ca RBX: 00007fae71d06060 RCX: 00007fae71b779f9
[  549.892350][   T30] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fae71d06064
[  549.900342][   T30] RBP: 00007fae71d06058 R08: 7fffffffffffffff R09: 0000000000000000
[  549.908356][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae71d06064
[  549.917891][   T30] R13: 0000000000000000 R14: 00007ffd6753acd0 R15: 00007ffd6753adb8
[  549.925934][   T30]  </TASK>
[  549.929075][   T30] 
[  549.929075][   T30] Showing all locks held in the system:
[  549.937941][   T30] 5 locks held by kworker/u8:1/12:
[  549.943273][   T30] 1 lock held by khungtaskd/30:
[  549.959122][   T30]  #0: ffffffff8e7382a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  549.999590][   T30] 6 locks held by kworker/1:2/58:
[  550.004891][   T30]  #0: ffff88801868ed48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  550.038776][   T30]  #1: ffffc9000133fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  550.072914][   T30]  #2: ffff888023d14190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  550.102927][   T30]  #3: ffff888023d17518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b6/0x5150
[  550.132896][   T30]  #4: ffff88802330f468 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f4/0x5150
[  550.142643][   T30]  #5: ffffffff8f33d530 (ehci_cf_port_reset_rwsem){.+.+}-{3:3}, at: hub_port_reset+0x1f8/0x1b30
[  550.202867][   T30] 3 locks held by kworker/u8:6/1067:
[  550.208227][   T30] 2 locks held by kworker/u8:8/2990:
[  550.241268][   T30]  #0: ffff888015489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  550.271870][   T30]  #1: ffffc90009d97d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  550.322048][   T30] 2 locks held by getty/4970:
[  550.326848][   T30]  #0: ffff88802b37f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  550.336800][   T30]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  550.347192][   T30] 3 locks held by kworker/1:4/5269:
[  550.352401][   T30]  #0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  550.363657][   T30]  #1: ffffc90004177d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  550.375158][   T30]  #2: ffffffff8fa6fa48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  550.386820][   T30] 3 locks held by kworker/u8:12/6208:
[  550.392255][   T30]  #0: ffff888015489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  550.404597][   T30]  #1: ffffc90004bbfd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  550.415653][   T30]  #2: ffffffff8fa6fa48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  550.424740][   T30] 2 locks held by syz.0.718/8551:
[  550.429824][   T30]  #0: ffffffff8fad51b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  550.438069][   T30]  #1: ffffffff8ea054e8 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0x12d/0x1a90
[  550.448348][   T30] 1 lock held by syz.3.755/8671:
[  550.453338][   T30]  #0: ffffffff8fa6fa48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  550.462342][   T30] 2 locks held by kworker/1:3/8975:
[  550.467661][   T30]  #0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  550.478850][   T30]  #1: ffffc90004e9fd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  550.491533][   T30] 1 lock held by syz.1.995/9563:
[  550.496586][   T30]  #0: ffffffff8fa6fa48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  550.505688][   T30] 2 locks held by syz.4.1159/10137:
[  550.510897][   T30]  #0: ffffffff8fad51b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  550.520489][   T30]  #1: ffffffff8ea054e8 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0x12d/0x1a90
[  550.531009][   T30] 3 locks held by syz.0.1271/10562:
[  550.536330][   T30]  #0: ffff88807b5ecd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[  550.546315][   T30]  #1: ffff88807b5ec078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[  550.556482][   T30]  #2: ffffffff8fbdb368 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[  550.566725][   T30] 1 lock held by syz-executor/10563:
[  550.571995][   T30]  #0: ffffffff8fa6fa48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  550.581433][   T30] 2 locks held by syz.2.1280/10588:
[  550.589518][   T30]  #0: ffffffff8fad51b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  550.597947][   T30]  #1: ffffffff8fa6fa48 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0x394/0x910
[  550.607993][   T30] 
[  550.610329][   T30] =============================================
[  550.610329][   T30] 
[  550.618976][   T30] NMI backtrace for cpu 0
[  550.623765][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  550.634380][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  550.644718][   T30] Call Trace:
[  550.648363][   T30]  <TASK>
[  550.651310][   T30]  dump_stack_lvl+0x241/0x360
[  550.656016][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  550.661680][   T30]  ? __pfx__printk+0x10/0x10
[  550.666365][   T30]  ? vprintk_emit+0x631/0x770
[  550.671145][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  550.676448][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  550.681395][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  550.686847][   T30]  ? _printk+0xd5/0x120
[  550.691005][   T30]  ? __pfx__printk+0x10/0x10
[  550.695599][   T30]  ? __wake_up_klogd+0xcc/0x110
[  550.700444][   T30]  ? __pfx__printk+0x10/0x10
[  550.705034][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  550.710137][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  550.716111][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  550.722237][   T30]  watchdog+0xfee/0x1030
[  550.726483][   T30]  ? watchdog+0x1ea/0x1030
[  550.730904][   T30]  ? __pfx_watchdog+0x10/0x10
[  550.735573][   T30]  kthread+0x2f0/0x390
[  550.739639][   T30]  ? __pfx_watchdog+0x10/0x10
[  550.744310][   T30]  ? __pfx_kthread+0x10/0x10
[  550.748895][   T30]  ret_from_fork+0x4b/0x80
[  550.753305][   T30]  ? __pfx_kthread+0x10/0x10
[  550.757889][   T30]  ret_from_fork_asm+0x1a/0x30
[  550.762661][   T30]  </TASK>
[  550.766791][   T30] Sending NMI from CPU 0 to CPUs 1:
[  550.772039][    C1] NMI backtrace for cpu 1
[  550.772052][    C1] CPU: 1 UID: 0 PID: 5682 Comm: kworker/u8:9 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  550.772072][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  550.772083][    C1] Workqueue: bat_events batadv_nc_worker
[  550.772109][    C1] RIP: 0010:rcu_is_watching+0x44/0xb0
[  550.772134][    C1] Code: 73 7a 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd 40 ea 07 8e 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8c e6 7d 00 <48> c7 c3 78 7c 03 00 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38
[  550.772148][    C1] RSP: 0018:ffffc900097af940 EFLAGS: 00000246
[  550.772161][    C1] RAX: 1ffffffff1c0fd49 RBX: 0000000000000001 RCX: ffffffff816fe240
[  550.772174][    C1] RDX: 0000000000000000 RSI: ffffffff8c3f9060 RDI: ffffffff8c3f9020
[  550.772185][    C1] RBP: ffffc900097afa98 R08: ffffffff8ff69def R09: 1ffffffff1fed3bd
[  550.772198][    C1] R10: dffffc0000000000 R11: fffffbfff1fed3be R12: 1ffff920012f5f38
[  550.772210][    C1] R13: ffffffff8b783d3f R14: ffffffff8e07ea48 R15: dffffc0000000000
[  550.772223][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  550.772237][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  550.772248][    C1] CR2: 00007f693f7ddf98 CR3: 000000000e534000 CR4: 00000000003526f0
[  550.772263][    C1] DR0: 0000000000000000 DR1: 00000000872c9164 DR2: 0000000000000000
[  550.772273][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  550.772283][    C1] Call Trace:
[  550.772289][    C1]  <NMI>
[  550.772297][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  550.772316][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  550.772340][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  550.772358][    C1]  ? nmi_handle+0x2a/0x5a0
[  550.772383][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  550.772403][    C1]  ? nmi_handle+0x14f/0x5a0
[  550.772418][    C1]  ? nmi_handle+0x2a/0x5a0
[  550.772434][    C1]  ? rcu_is_watching+0x44/0xb0
[  550.772455][    C1]  ? default_do_nmi+0x63/0x160
[  550.772475][    C1]  ? exc_nmi+0x123/0x1f0
[  550.772492][    C1]  ? end_repeat_nmi+0xf/0x53
[  550.772510][    C1]  ? batadv_nc_purge_paths+0x30f/0x3b0
[  550.772534][    C1]  ? lock_release+0xb0/0xa30
[  550.772555][    C1]  ? rcu_is_watching+0x44/0xb0
[  550.772578][    C1]  ? rcu_is_watching+0x44/0xb0
[  550.772600][    C1]  ? rcu_is_watching+0x44/0xb0
[  550.772623][    C1]  </NMI>
[  550.772628][    C1]  <TASK>
[  550.772633][    C1]  ? batadv_nc_purge_paths+0x30f/0x3b0
[  550.772662][    C1]  lock_release+0xbf/0xa30
[  550.772685][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  550.772707][    C1]  ? __pfx_lock_release+0x10/0x10
[  550.772726][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  550.772744][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  550.772769][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  550.772787][    C1]  ? batadv_nc_purge_paths+0xe8/0x3b0
[  550.772807][    C1]  ? batadv_nc_purge_paths+0x30f/0x3b0
[  550.772827][    C1]  _raw_spin_unlock_bh+0x1b/0x40
[  550.772847][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_decoding+0x10/0x10
[  550.772869][    C1]  batadv_nc_purge_paths+0x30f/0x3b0
[  550.772899][    C1]  batadv_nc_worker+0x365/0x610
[  550.772924][    C1]  ? process_scheduled_works+0x945/0x1830
[  550.772946][    C1]  process_scheduled_works+0xa2c/0x1830
[  550.772985][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  550.773010][    C1]  ? assign_work+0x364/0x3d0
[  550.773035][    C1]  worker_thread+0x86d/0xd40
[  550.773067][    C1]  ? __kthread_parkme+0x169/0x1d0
[  550.773093][    C1]  ? __pfx_worker_thread+0x10/0x10
[  550.773114][    C1]  kthread+0x2f0/0x390
[  550.773137][    C1]  ? __pfx_worker_thread+0x10/0x10
[  550.773159][    C1]  ? __pfx_kthread+0x10/0x10
[  550.773184][    C1]  ret_from_fork+0x4b/0x80
[  550.773208][    C1]  ? __pfx_kthread+0x10/0x10
[  550.773231][    C1]  ret_from_fork_asm+0x1a/0x30
[  550.773265][    C1]  </TASK>
[  551.141898][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  551.148774][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[  551.159372][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  551.169421][   T30] Call Trace:
[  551.172692][   T30]  <TASK>
[  551.175614][   T30]  dump_stack_lvl+0x241/0x360
[  551.180298][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  551.185490][   T30]  ? __pfx__printk+0x10/0x10
[  551.190066][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  551.196049][   T30]  ? vscnprintf+0x5d/0x90
[  551.200399][   T30]  panic+0x349/0x860
[  551.204302][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  551.210451][   T30]  ? __pfx_panic+0x10/0x10
[  551.214860][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  551.220223][   T30]  ? __irq_work_queue_local+0x137/0x410
[  551.225764][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  551.231127][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  551.237272][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  551.243419][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  551.249562][   T30]  watchdog+0x102d/0x1030
[  551.253888][   T30]  ? watchdog+0x1ea/0x1030
[  551.258302][   T30]  ? __pfx_watchdog+0x10/0x10
[  551.262972][   T30]  kthread+0x2f0/0x390
[  551.267033][   T30]  ? __pfx_watchdog+0x10/0x10
[  551.271701][   T30]  ? __pfx_kthread+0x10/0x10
[  551.276288][   T30]  ret_from_fork+0x4b/0x80
[  551.280696][   T30]  ? __pfx_kthread+0x10/0x10
[  551.285283][   T30]  ret_from_fork_asm+0x1a/0x30
[  551.290048][   T30]  </TASK>
[  551.293387][   T30] Kernel Offset: disabled
[  551.297700][   T30] Rebooting in 86400 seconds..