last executing test programs:

37.721864688s ago: executing program 2 (id=1800):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
ioctl$KVM_SET_MSRS(r4, 0x4048aecb, &(0x7f0000000400)=ANY=[@ANYRES64=r0, @ANYRES64, @ANYRES8])

36.448311406s ago: executing program 2 (id=1803):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x24, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x2c, 0xc0, 0x3, 0x0, [{@multicast1}, {@dev, 0x659}, {@broadcast, 0x8000}, {@empty}, {@private=0xfffffffd, 0x7}]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {}, {@broadcast}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
getrlimit(0x0, &(0x7f0000000340))
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r7, 0x4004ae99, &(0x7f00000001c0)=0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x40)
sendmsg$unix(r8, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000180)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
setsockopt$sock_int(r9, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmmsg(r9, &(0x7f0000001140), 0x700, 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000e40)="bd3119fab037020de607352a978727cdd46a7ad7671829c16bb1339d3f711b7c5da66f48a8b5842dad66eedf75899eb65d733423ca5651013e1db97f5d192e302ac583ccd19e1e8a3e7812af51f0eea31c5e05cec737cc11a38936d67d4c7cd78351177f51dab5ebe8523e54dd8db33ab6214499c610051df74b67669c9b554b25c70c3238ffaa908675df728ef76e7ae5ee938e025ed07603ec4cc86ee67be10ef6087e7ff0017b358ebee016f08b756cfd2645ccdf335d8b62b630939ba724776a5f2caa487586527f2066b2845e52758b6da2ce07de99165195af70ea9659005901a0f28e90b49a0803ab10698ade4c07337535c2600c45b8c497ab6863ad984815f375df57e5940e5322d90d66c84937e9b7f2356a6e16a026b2393670d370759a4567a87fd2a4d0d5857b9e2559a5a0a857b845f0e1495e8d9b574b0f4d1a55ec8d93c148a50c5c4228c653be69a7d728fa497ee129ec4e7b821ce041be389d37efd40b81a9704e5182b9cdca1f2d3312351e9edaa8ac96088c465a953e0ec3e8f26aa17ea3e1913b4d147141d1aef80b3ed959d14fad4ead4de92e10f0faca7acdce7c712ab95a11ff4c72798565f0794d7bc50f5082b52b34a1de7c5609e31e1fcc05fc7dbd73973b5dfc92896f57f5b76fd9df5067eb273f0960560df3dfd00ba068e28812244f700d76da4197bb332245f00112b73659c63dfb854eb8eed1a9881e5c49399b2c6932b540d3464d470cabb6", 0x216, 0x0, 0x0, 0x0)

33.890227147s ago: executing program 2 (id=1811):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000580)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2a, 0x0, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000005dc0)=[{{0x0, 0x0, 0x0}}], 0x4000000000002b1, 0x0, 0x0)
connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r7, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_PEER_PORT={0x6}]}, 0x24}}, 0x0)
sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB, @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
sendfile(r1, r0, &(0x7f00000000c0)=0x8b, 0x100000500)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
fsetxattr(0xffffffffffffffff, 0x0, &(0x7f0000000380)='\x00\x00o;\xc8\xdd1\xa4lB&\xa9\xb6\x06\x06\x99\t\xf5\x10\x17\'\xcaV\xab\\rw9+\xba\tl|\xde\x93\xea\x95A}\x89\x82\x8c\n<a\xa2{j\nz=>N\x97\xbf\xab\xa4_\xc2\x17\xe7+\xc5\xfe\x16-\xdd\xa7\x00\xfe\xa0\xa2\xbdUw\x01\x80\x92\xea\x15\xc2opg\xee\xbd\t\xba\x9d\x98\x983\xfd\v\xc1\xbd\x1e\xd5h\xc3@\xda\xee\x97\xd5~\xee\xd6$\xc6\x8c\x01l\x1e\xd3\x1f\xe4<\xee\b\xe4\x16\xc3Ku\x84\xcd\x89\xb8\x1bF\xcd\r\xbc\xc0\xbb\xf5Q\x06\xb71>\xcd\xdb\x0f\x8c\x14\xc5\t\x92m/u,^\xe6\xc7V\xca|;j\xc1\xf4$\xe1A\x17\xeb\xf1M\x8c\x82\\\x89\x89\x00\x98\xadr\xd4\x86;\xed+\x899\x8a\xe9\x18\xb4]a\xd2\x15\x93\x84\x8b\x85\xae\'\xf4\xc9\xcb\x8c\'\x88\xff\x02\b\xaf\xe9vc\x9au\xba\xce]\x85\x98>\xa6\xe1\xc0)\xff`\xdepJ\x95E\x98\xa6pu\xbdh\xa2\xe3\x9d\x85\x19El\xf4aO\xb7\xcd\x15', 0xfc, 0x0)
ioctl$VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f00000000c0)={0x0, 0x0, 0x0, "b75cbb1844038d2cd97c945462f31638b5394c00"})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

32.377205876s ago: executing program 2 (id=1815):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
get_mempolicy(0x0, &(0x7f0000001040), 0x7, &(0x7f0000ffd000/0x3000)=nil, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6erspan0\x00', <r1=>0x0})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000010950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836801ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d09a0a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a504a0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x8, 0x10002, 0x3c00, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9}, 0x48)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000007000010000000100010000000700", @ANYRES32=r1, @ANYBLOB="100001800c"], 0x28}}, 0x0)

31.535821911s ago: executing program 2 (id=1823):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2f, 0x4, 0x0, 0x0, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev, 0x65c}, {@broadcast}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x13, 0x0, [@dev, @loopback, @multicast1, @loopback]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

29.842965673s ago: executing program 2 (id=1832):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rcu_utilization\x00', r3}, 0x10)
syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904010001020d0000052406000105240000000d240f0100000000000000000006241a"], 0x0)
recvmmsg(r2, &(0x7f00000055c0), 0x400023c, 0x302, 0x0)
r4 = dup3(r0, r1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000080), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r6, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80}], 0x1, 0x800)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r7=>0x0}})
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0xfffffffffffffffd, 0x0, 0x0, 0x400], [0x100, 0x7fd, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd74e, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5, 0x0, 0x7ff]})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, 0x0, 0x0, @unused=[0x0, 0x0, 0x0, 0x60], @devid=r7})
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000600)={<r8=>0x0, 0xfff, 0x0, [0x9, 0x6, 0x40000, 0xe1fc, 0x9], [0x2, 0x3, 0x80000000, 0x8, 0x9c, 0x7, 0x5, 0x0, 0x0, 0x0, 0x7fff, 0xfffffffffffffffc, 0x6, 0x200, 0xc62d, 0x28b, 0x9, 0x2, 0x20, 0x4dc0000000000000, 0x8, 0x6, 0x8000000000000000, 0xfffffffffffffff7, 0x1fffffffc0, 0x7, 0x5, 0x1, 0x4, 0x8001, 0x5, 0xcad6, 0x0, 0x0, 0x8001, 0x2, 0x4, 0x8, 0xfff, 0x8270, 0xfffffffffffffff9, 0x5, 0x47, 0xc3, 0x1, 0x4, 0x6, 0x9, 0x10001, 0xff, 0x3, 0x2, 0x2, 0x8, 0x1, 0x2, 0x400, 0x4, 0xc32, 0x0, 0x8, 0x80, 0x7, 0x81, 0x6, 0x0, 0xfffffffffffffffd, 0x4, 0x1, 0xffff, 0x9e, 0x0, 0x8, 0x4, 0x3f, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x7, 0x3, 0xd6e1, 0xba2, 0x101, 0x2, 0x844d, 0x2f, 0xffffffffffffffff, 0x80, 0x1, 0x8000, 0x1, 0xff, 0x4, 0x4, 0x6, 0x0, 0x0, 0x0, 0x3, 0x100, 0x3]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f0000000200)={0x0, 0x4, 0x6b6})
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000a40)={<r9=>0x0, 0x7fffffffffffffff, 0x5, 0x1})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000e40)={0x14, 0x1, {0x80000000, @struct={0xf04}, r7, 0x6, 0x1993, 0x8000000000000001, 0x8, 0x800, 0x8, @struct={0x7, 0x5}, 0x300, 0x0, [0x100000001, 0x0, 0xfff, 0xa4d, 0x8, 0xfc]}, {0x0, @struct, r8, 0xe9, 0x0, 0x0, 0x8, 0x0, 0x0, @struct, 0x5, 0x4, [0x1, 0x0, 0x7, 0x6, 0x1, 0x8]}, {0x5, @usage=0x1000, r9, 0x1f, 0x6, 0x1, 0x2000000000000, 0x73, 0x5a, @usage=0x6, 0x6, 0xffffffe0, [0x4, 0x3f, 0xfffffffffffffffb, 0x7ff, 0x8, 0x3]}, {0xffffffffffffae58, 0x1, 0x10001}})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f00000012c0)={r7, 0x4, 0x6})
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000280)={r7, "ff0eb82321987d1f6984172c3623d721"})
ioctl$BTRFS_IOC_GET_DEV_STATS(r6, 0xc4089434, &(0x7f00000013c0)={r7, 0x6, 0x1, [0x3, 0x4, 0xffffffffffffff0c, 0x7, 0x7fffffffffffffff], [0x3, 0x5, 0xa, 0xfffffffffffffffb, 0x5ac, 0xffffffffffffffff, 0x1, 0x2, 0x5, 0x9, 0x5, 0x5, 0x5, 0x8, 0x7ff, 0x2, 0x6, 0x8, 0xfffffffffffffffa, 0x9, 0x5, 0x0, 0x77e4, 0x3, 0xc, 0x0, 0x80, 0x7, 0x100000001, 0x7f, 0x7f, 0x2, 0x2, 0xe5, 0xfff, 0x5cf4, 0xe8, 0x4, 0x401, 0x2, 0x9, 0x3070, 0x3, 0x10001, 0xffffffffffffff7f, 0x6, 0x1, 0x2, 0x62ad821, 0x81, 0x0, 0x5c, 0xf3, 0x5, 0x5, 0xec06, 0x4, 0x7ff, 0x4, 0x6, 0x80, 0x8000000000000001, 0x2, 0x7, 0x9, 0x0, 0xe, 0x4ea, 0x0, 0x2, 0x7, 0xbff, 0x6, 0xe0b, 0xd5ef, 0x6, 0x4c4, 0x3189, 0x874, 0x80000000, 0xe, 0x6, 0xffffffffffffffc0, 0x2b7, 0x3, 0x9, 0x81, 0x7, 0x9, 0xfe1c, 0x80000000, 0x1, 0x0, 0xe83, 0x0, 0x3502352f, 0x8, 0x40, 0x74, 0x3, 0x2, 0x8b, 0x10000, 0x401, 0x2, 0x7, 0xfffffffffffffe00, 0x8001, 0x5, 0x3, 0x8, 0x100000000, 0x2, 0xfff, 0x2800000000, 0x0, 0x5, 0x7, 0x6, 0x5, 0xffff]})
ioctl$MON_IOCG_STATS(r4, 0xc0109207, &(0x7f00000001c0))

14.051820211s ago: executing program 4 (id=1865):
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = syz_open_dev$video4linux(&(0x7f0000000140), 0x0, 0x0)
ioctl$VIDIOC_QUERYCTRL(r0, 0xc0445624, &(0x7f00000002c0)={0x0, 0x0, "e5a3d9a0fc393233c68b6616edd37ca1961a04da0e3aca83cc3c43aa33950479"})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = fsopen(&(0x7f0000000280)='vxfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000002e0000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000400007af6ff00000000000000"], 0x1c}}, 0x0)
splice(r4, &(0x7f0000000340)=0xb, r1, &(0x7f00000003c0)=0xc, 0x7, 0xe058a738a5b3e203)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/60, 0x328000, 0x800}, 0x20)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r8, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

13.743519504s ago: executing program 1 (id=1868):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000540)="0cc31a4098ddc80dadd3a0aa2bea9050d9f47bcde4cbb8170d3d61aabbdbd869e8a75ab95a3b8e8b960477dbbbbf5cb0fd4a98ea0032d054de676f19c5e1f84def57482d1b3eb94a2a1d3c0a733709610ece6cb54ae7f8c3ed385c3890244d348c9bcfb556ee478845ff23d8a9f2a492531e7c7ce719ef1983bdaf4008386323fc593be590321dbe51aa4ecabebf49ab7edb835efc0f722637337e20cc541399dc617deafa840b68f2b22e5f7c6afb3825871b966ab90a79a4d6d72f29a1e43abdf4d25f6352dfa26c576830c49b18ece887b47c37affa1c3f24fdb0e14151550796aaa09b4669e71d9f4255f63905467b709f7a7185347a078538e4443f0dad324393274e857979db0a9e3894857aacabc2f2ccd9457fda98a520e2b8c83085a206c8aea9dd18a0b66c87b3b61f95fafed84303436c7ae3782f714dc364c10102788b02d3aed05cb29fe974b75e7bf53dfd2554d7b700dcbf24a6fa021732b747a2c7d6d2a649e1ca523f91ba57da29e6e5050da7ec9466884aea64349e0c65b40bd78fe25622a5f854d351fd3282e85e37989b73e1a3b9fe874ad7131850117f285afe15040fd20cd9c861c95b2c1f9844ac1f8b3cd0a7f22269e235866434acb5f4d9d0b64301cd5b4e8c2da68caacd3f7dda0f325120ad99c05a55736067c87cceda7b850758e60ab8829b0dbfdc1ca8322e6716e643e00c2f665781461f08282a0aa366d9927036d685c3a721530dafe21e62906c5710c3214621d6374d9f5eef47eca1e5080e21832e6d639822a3bf99784f7b19e2dfaa7b8ba39dc5212c94585af38e7a50cbf6d619e3f1b8e4c17351203fa037ca4ce7ef32fd8b4387b8583ebd32a0c5aeb05fced1e492670cabc370aba18abe561e2bfcfa6d92c0c3d0419f5f4936772b6a0026a623914f09b04cf5d7c2b3ab010c676e9932f5807240a765b3d92d2bcdd63a91bd0f1c795fe0ecdda5e50ec8fd0a68115986168fb8bb67fa020ed3c416a716fb12d5d918b8522931dcf2bfd0c7bf7d9c56c490c9880309240d0c2cf1a3cafb647e1a9e1fde434cdbcae9eeac3f8c652a85d6aea69b3e9a922cb2727ed8f50e6babd152b96ca623be94c4aedf7e6848650026a7e1df48e00f45714233d9ae79f4e5e13ac220d553da26f7e7bd242d0cd26470bfb99fb84e6035bfb962368222ff72c5a8e34092cc0ecadf270882d604da1b59f09eeb28559b9fa6b91a13d5eb2084b77838ee4aaa241703b17a5e53d042879a15170a1273711989ba2b75c2a5deb21a028dbf9b1445e3ccc419ef5adc4de90be49251813b4fc886920f5ea0f6dc25f8adeabe7065fb3d6bda0aebf27d3593d541d4c101a7c2b04c2fef924f4afaccb0603f769ec075a2eea2394c61917a2fb1e13fccc32ab914321464c81b93ce9989477928c09ca498eeb0e6ef2a15d378976aaf9f069e4bf0cef9c1b81855c6f4e003ce3fdfeaba1e69821970fb5ff0a031368666229afc8f4b07b0addab6d492a6b351af1ec5ba1e78c263e0726ed3495941a28b9da32d56acfe40a32fe58f6e722f9bd647eb7cc74ba6fd4343b18956f40cc8ec68bcd7b231b9b979b8ac899dc27b44ac9a0a73fe2f12102bd6f731415aefc6d74c39f211b8e8b98980d7ffafeb3237bbcaacecc095a29c0a1f3e31824fdf23b953f46e38714615e5e531f531dac3c854c5d35c8e69be5d5c468f28d9b13c35a316ae232ddd3088ba4bc14e19263c4e7f847153633a0a850dbe4c45675e702310b83d20bfd865cda44c87389dc000ebef19b9027bc7de167130892c018e09b9b9cf264f7dc51a7ebd29bbd3e39511c9908be44330fe96f6cb202aae4c0a70bb8aa7daedc8f12e99c087f672c67a4aefd9905476ee4f1bce6f2a760d9823703c55b843d3c74b69652edcd7edeee7791fe5d7786d1745583dcd09596a661d18cada70da172e39ca7ff351ae5d5aa9ae786e0f27509b61113722c11dadb045a45a8d8caa50e44062ecbea4cadd127b1d109b2b2760e9f9760de696523c706fa4d1f0092ae1ab7af8d91f2d1eb0f62b3320b58662bf4e607ac9ebe9c04c4f2279aff0a96072024783d133476614df51e92a7f4e3bc526df588edc8b8d48e82f3d4661f3f68bdc1d657f48b29dfe6069eb30bf25fd20ed83f25528809a70438153526d2b6882890ed73cb6670cae24ae78c7291fcb63bb57cf05703a5f4fa82469d3cb374d948f5fed2946161af65ead4ae75a4b1c7cdb6b2b7afb52012623a8ba17b2044968a903b4e4ea02f90f96e09d98fcf15ddbc27732588f43af4f84589718268322693c1006105522cf4e4b69eb58aac52af881b1533b7a52424f8e9030149b080bb69ca211be12d995b054639754795346c9c9a7a3435e2d781436531da8ad3f597e0ce8391a3ccc25c0ae9f0b7a19db85f12d51773b1cd1b675a402f31f89715d14f00719f38198735d0eca672549fb1c5ea21557afa82a78a86ecf17c177b9404c7e0f99e20eb38a3c331b66f9100ddfb6207eba709e86e41f4e408da583b49435913499d83a5975cc4b074aa7174087f6eb476c33824690e65f61e41cddd742f941ece08a5031887975e473e9583d8bb1cf9ae5fae7925b8254cfd15a9f976cdc554139cfc7828a9ee62493a9316c06c53088192614732efa9e9f9956682341daa1dcf5ef824b1692e5962227a30ac75367d207d13180d01c58bb2576ff84b2f3eaaf4b14c271c508cad97f09a5ef7ffa06b87180e989e62ed4c49fec0dbd260d14320cd11f361b66fbaf73038025ac71c36525062396368bddc66ae5ebf3f3b42bf7d06a8cca2e111e527a612fb0c2f976013f3cb49f4624a3b224f4b1f34c019f0401165373078b238cdfb3ed9f192a46f41d807861effaacd8ec57023bee8b311958da9ebd37da4b8260432ce673e2960cfd85c2faa5c4eec4b63b5178b2893e6f19a07ae95a6f38498b636a189d69d8997bbc15dd7a71a8b32bd4dc4ec967ce35192dad8491bbec40ff917f9db859604796614f62f3cd203a7600d599ee90d307c5d08d202253a81766c3763387fd3271e16629e29abfb74f69ee5ff19f56b355fc4ee84c762fcaa2a37fc11c018e5e15294666c497e9b084f0320eee5728feba9c5c82e2997c0e715d9cde6a98e885478b9c14cf86a0bf93c89987a38ee981c9767b29f3e481f4c91f14aa15ec74667e334bbdce1abca24e67156a3b675e9c87c051154a509a883a079e47f8bc15a842475f44cc873ede41358cf2461d26127f0f5a4c9d219d9ab7530632882c1bdda95474ab5433dcdc3fa2e9b489fb64e9b0ff7f1d3658b48f55e9ff376ed7549e951ec1caf391c93f4f0a031daa651b79717b8a6fa01aae8c0fac3ce1bc05eae689a6b8b391a4e0fc79e6834513d3498df91fd1bbc52f3ed46be28e405c90d9d7403a47161e0682b48d33449ab82dc8e912fb3298b25b10a42b38c12ceaa26ff19950e3e043cecbff9cfd43162df856d097e5f1c9f1627e0d432e219e15b487b118e0b0d0b1dc371ba8c8c6c0204439c57b360ee82b616b36e2ba6ba44ef7f6bc899ba7fbfa103d3d193f1e995d08d723b192f6bd83d7e49622580c05e9356d160d07a9dbfb78255e2826145b6d06d148b51366965f3383ee5245b6b29fb8e08b388632f18229ff64049c3efa253d5713ae13e13fd965512f57a1d19a7782716629ecb41e645afb67b34a9af3836f76599fac7234d27eb5551e03f8a236d5ab1096f2f4eb5e9ac7867966af77d04736033e634476eb6bf0625cbc126ab9f669558a7ee1cc618a1d028ba73306f3e6ce48f0e0b531718e3ecc40f19d5d3822056264ce1010132403c3cfff140ff55270a40ac6fe6872ffba0cff2e7ce0ce86589e66f93454bcbf83b9844303bb8da5878f76e86ed1f205854e826b3efa471d76aaa7e260f082ea19baa0d0195d44a5ab4cb8d783f47129dbdfe199003a9beb67ec4df8f9ba556c8768865466fb5c123428b36a8a8b74788796bcc5057ef4568b18d35128361c00f316b6eccc59418839a902b3af26d5041dc883194754e69aa3d647fad1af599607a0966d0b0c01d61ef9267a01fe6ffee3356e529193b09818b8a1fff13ebc115df78aaaf63fc05de82b1ff03e910dfc347eda7f9837a4eb25df57b30e98a9c7482f0446719c651ddf1955099c1724151973ec8adea1de48846467b2aba8c23acd8ed7430e48c2549b77deee3db02bc1b112700ce1d014df38fa4ac37a8f0d52fb34f2827390b3181351bd38b4fa83fa93ef9c12845f4c667dc8c9beff8cd875b91281c606f727100689a6d97a134b938f44f361fc04ffb396449c9cb8c6c33d2977dc24b02e33f2bbfed13fc1ea1dd47acb96a8f37bafe4c34d08643a3b67ab94305f828625c32e1c064fe13a53988837d5d022901b513745c344aaaeaa3613423708a1b3a45dbdbd55693db754863d2c29f9a372f5426fed2c00cf55fd77945c0c5c83aeff9982e0cdcb089650723f00af3c405d95f7a0e920b252e1c1ba0c60391b1979be75fcffd3f338f2e7fefbf6a0d0d6e0e81fd78308050a2800721f7dcdbd877e611154a12411d9e77d267790eb92cfe6441d6e643269d2d99c4bf2482b791f84b1184be2775d8f3a65fbfdb458f005ed2d861d6e9ed09f041584a1fd1f96cf1977451baf6ea87eef711a1741fa031e233e192d726b57b7ea8e374f565e440771f2567057a10b9a052ac67e4928a559057fb48b9022f806937ea9a08dfe0e9964802137733a3576352d40ecf9169b9d7ccd433ad9c3e8afd2bc3eb143d7a6ea7fd5c1fd83fd9ac89e20d411f223d008dc4e8fc5aa0b4e63f70cc10ea6b37e609fcf077797a0968b5bc976ff2b19d26101a356249bb41ff43eb2516555b69b089a9e1e314aebd36278b7c6d8d5e352626e605919d246cdc5e84b7d069c8d0ddbe2e1bf3ed0aa83070998fe5655ec204f1a2ffa2a0d43240218a38f836e1b96880ea6a2069a8422a863e798807122aa1257289c3d2b3a2a6b27e32d442db99e62a1524a6636c4a76cb7282b9e14e9a97571f7bfca7f16205326b1ace7a6183d1166e592b5a550599568154fe962c76b25d886d18f6aa265862a127cc2b23bab19eab997c8dd4e5aac0017793d90291192f9b0e79eff3df835030ea2fafe7adca294a3dd4ac37f9d63c31d4fcef63639a3ee7f8857412099528e615dfd89cf48813710404bc37c4a104d14e13bd93d5c72dc4eb4cbc49f04d1c7c2750a2f8b9b5887c4d1722bea965948d63b883a26d92c24ecd663f48f95820caeca0810dd850507cb1e176e3c8485196f89a930953180d02551ac6ad17ad905802d5b63b16fce4fb3b1dbf8d94bba538ae28f32ab5bf31e05478b264cd704691ef4f9b98c3c24d0cd249c111e731c5326df23e4fd8f7f4bc02ace6f3cced06d2a48a86bd27028d7834c61ef91f007d14c293cd338e724568454f7e70f223331b3089814dbe7efd6f1d1b406c831a0ec2510311aa341984671d60666aeee5fc285b8765c26f92b0a3fcb970ca8bce7a61e25e4f40299ffe0aed150b51a3687f1fa6da62c3b3daa9545efe0f94dba9e7d55dfa6252e294d00eb9cd16ebc82de8ef7b56e3ae8d7c0f2fd862805fa163afe08af6e20cb281826cafeaa36149a681687887e5fe1105901e5e95a618f5733a2e0c0bd2ce0e662549790c822bd9f7b92da7e305daef5d050d89ce84d015cd5a37b80597435127071a5d84c9017cd896ca4ef3846ceb3f6923c379176faae4fbc2ff6c9dd0cefaa852ae6f7e3dfe45b68d02c7bb1f2d972610a", 0x1000, 0x40000001, &(0x7f00000000c0)=@in6={0xa, 0x4e22, 0x80000000, @private2, 0x80}, 0x80)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
read$FUSE(r3, &(0x7f0000003680)={0x2020}, 0x2020)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_int(r4, 0x29, 0x48, &(0x7f0000000000)=0x402, 0x4)
connect$inet6(r4, &(0x7f0000000340)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x241803, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="d2a113a34296818381e2acb903bf3b010a46c9a087097383ebcb77a593f225aa9caec2b28c51c3b5eeab488172f71048b2a33b2037c4278d5e0c462f8cceb9909e7c5624399548b23e9d424b204221df947ead61839ebcc3c7a2dcd942a369f1a1f2ed803055ccbb133cac0dcf5e5ebb2d1f6e693808e5eea1eb0e2513d18f7d2355f69dbb37a965e4c6128296cb37746c80eae2a7d77e3c279a1d93299c0624125a6497ce68a06f4c508281e4acd9e53d6e577a63801c3df26e100dae5806b029ed634c702f38d5cfcef7b03623c8394643b670a4dadb9723fd67364c120eaf3f8466feb5f92c642b26c5ef46e8844bf489aa620e723b8c736cfec959056ac67134679c15ed1723c13e394c6e221ef1bdae1a34deed1c8517fff5a22347e50fd1a92c1e7a96ce44afef98cf8eb89457543be6973210e4cff2448a", @ANYRESHEX=r2, @ANYBLOB=',\x00'])
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000001091f01975700000000000000000d0000"], 0x14}}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
setrlimit(0xc, &(0x7f00000001c0)={0x4, 0x408e})
ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, &(0x7f0000000300)={0x8, 0x10, '\x00', 0x0, &(0x7f00000002c0)=[0x0, 0x0]})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
pread64(r6, &(0x7f0000000080)=""/75, 0x8e, 0x4000000000a2)

11.093495793s ago: executing program 1 (id=1869):
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000007940), 0x2, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000007b80)=[{&(0x7f0000007980)=""/131, 0x83}], 0x1, 0x83, 0x0, 0x0)

10.766396378s ago: executing program 1 (id=1871):
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x420004}]})
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x0, 0x1}, 0xfffffffffffffe6c)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x5421, &(0x7f0000000000))

10.729026627s ago: executing program 0 (id=1872):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrandom(0x0, 0x12, 0x0)

10.425876614s ago: executing program 0 (id=1874):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrandom(0x0, 0x0, 0x0) (fail_nth: 4)

8.422074887s ago: executing program 1 (id=1875):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0x3}}], 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001a80)=[{{&(0x7f00000084c0)={0xa, 0x4e20, 0x1000002, @loopback}, 0x1c, &(0x7f0000008900)=[{&(0x7f00000011c0)="88", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000380)="86", 0x1}], 0x1}}], 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe4}, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = fcntl$dupfd(r1, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @scatter={0x4, 0x0, &(0x7f0000000300)=[{&(0x7f00000003c0)=""/162, 0xa2}, {&(0x7f0000001280)=""/164, 0xa4}, {&(0x7f0000001340)=""/104, 0x68}, {&(0x7f00000001c0)=""/6, 0x6}]}, &(0x7f0000000380)="259374c96ee3", 0x0, 0xad, 0xb12531df61d0214, 0x0, 0x0})
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000001440)=ANY=[@ANYBLOB="b1eb5400ede293d8530b00000000010000840400000000000000020000000000000000d9050000000000000604000000000097a307882b130148d91076a96978a1efb21b1639ecd14b9791154706feab0cdb86c12e3e6069a8bc5cb033aa", @ANYRESHEX=r3], &(0x7f0000000080)=""/227, 0x3e, 0xe3}, 0x20)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, r4, 0x1, 0x1}, 0x48)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000040)={0x18, 0x0, {0x4, @broadcast, 'wlan1\x00'}}, 0x1e)
sendmmsg(r5, &(0x7f00000052c0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000940)='!A', 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000a80)="1fa7", 0x2}], 0x1}}, {{&(0x7f0000005380)=@nfc_llcp={0x27, 0x0, 0x0, 0x6, 0x40, 0x8, "4d71e5f40f456029339810a3c69620974fbdd74a0512fc592e4fb7e895b1c6246daf9934512f6ff08c1c4ea20fbc354f0d7945bf65e5234ba4d3ede5d1e0be", 0x1b}, 0x80, &(0x7f0000001580)=[{&(0x7f00000014c0)="d04d0ee4f88dfc56fc339e7cc2e6c0c6d217b05e7a01c57ad9c252b7c8ee416fc47dfd037712d85abfb6bed957d62540c9f731d800b61d091daff496285877507d7d3ed002b6d94d8bd5173a275ed33a1124eb", 0x53}, {&(0x7f0000001540)="d48656", 0x3}], 0x2, &(0x7f0000005400)=ANY=[@ANYBLOB="600000000b010000b400000086b795c3c7131d354dda98680436c6c043d2fe1ed2bbf2cbcf3fdb39820a110e4e0e8f820bcf7739eb685de344993577ab8c6890d69042d608c77c422e33a0a2406981955dd03b0a175a344ccd5df35466000000bc0000000100000009000000b93df74bccfcc42591c94aee194e322f6fc48760a364eeda08ad00dfa24289da6bf53dce32d2f2041e6531cfc903e1701c336b60568b72a0fe1c11326c3d28e9347873170cde9066b662928924f4fdf8556ce22622431503b69ae35add9e7b63b19f1c4fb51ec0ebbbadacf4e838774551bbff61cc10841308d5d16f3412a1725c43f19bb1d483dc81e6bb2710a38bdb9c25618d4f19d09550152179bfd673fa7472d54b0400f034aac625e8b0ee46000c1000000000000001000000cdfd6671f4bd27b74619688b8ad53b3869a2255be605cc1818ecb02b7389b03ec1ab9844bc488483fa72244b98e08387132abf14f1ab7fc5232d75d9258781eefd3a4e987ea0d1d1bc18fb369d86148ae08f79b7a1043274568fc15845fe872f5664c4633770132e6b2d3207297c5ab47c9556c7afb386f5079caf982aa9c03163b4923bc57cdd55923f547b628c00d5839ead9534185805f63518c5e5fc01edd5c7df962b99c8ba9419edbba0fe6c4827ff10c83211c6342d2ad50dcbe8e970f05bab3ac8428b47347ba0c878a78b756a36537aa55c1ae38130295ba0329effbcc70bfc0ef85eb16fd42922b88982b74c5736d6e74bd786d17475385025c653a7fd980894ad2eec49c99e20951a44864725d48cb2bdb4588f47d08594a8852fcf92fb9dac64830be91ba28979fe5ec879e9096c7ece6d6fdab575f9d1ef7eac04f461a71d002b15696a7f392bab3f17b1c44e6ccecc7a6939c04ec2f7e15813a8b34b6c8270430eadd99ad267940c16b261333b9d23d97011b0c7677ed509c3445226999eb77a023736d04f3a6b1242c7c084cd45dcd711a1609c47cfc87c7f75d83302548d1008bf332d6392e2c1277e9e11cdaf7accf72a59a04d5f04ec4751d500f06b759ba19f2268a43f9ddbee8e558c7b03cb24fb6467e6011f03192c74864786e7e2850418f9a440687ec305b51f5a952103f65606dbb74f45fc9f856ee73a90b486c73a387090c5ed6ee5b20e55aa8cf0cd25733d05c800eca59e578f1df743c1c55e27b5d2396b37692b61b1b54e23ad4fef5ea70e7d30d892cff3188f0a822c544167e44d8bc1fed2dfb356ca194a580c467da2b1a5dac7f31a0c1418364229f683c183a24bd898321ac2b5ce0e31724e895bfa5e050d5c17d2cdc14ba5f08321a6d4e336fb5f48025c1ded036717441e7c9e2fad10f6d7bc59107d1559026e17ae942a9d973acde4535d0fef8fd50686016697808c72611911178b4202493dc3a837245c60cacab9b969dca79dafa4f26aa23e4ebb924d00cf3ea2209051f7e021b73ab8e2498d1fd99dcb221c7c9f3fe87b3930be893d696b98cc95b5852fe9bd8a6ff397574eb244c6857eb06da27bbaf4650e7e5caed6dfd50eba8f73cf7c1459eedece40a7781b098ee3979ca0dba8e057de2ed99ed668e829bdb25c1b0b015f32d13135b95b4a1c4b4e66f2ce03db13db5a85dbe6c52587b0eed3adf786f8904640d13af40c796132e9a4e9ffdd4e13085328e0801d62e955b16bba96f55a72779de77e0cbbdf4cb7cab724bef09181895930cd4ec6ae61114fab85187033e609afe73ba216d30bd5cb8128cfe980e75578608e1c26f7fc105a5c11464a94af3f3253f3066d2fc378bf7d9f6c1734bae8ecc4de9fd37cfdbc02403b671ff4a2d80e9ef6fe5f4396ff27eed62ecff2c318d700b2110a9f4f75fe257109af47a8af6793516cfe90ea37de6265fffce0e8e31041f65c3af9959c866f1ce23d1c5a17cdb2befa89c56e2a9b35923ff47879c0d4e0ed44c1a58f8fd66a7e7f26dfc1dafb1f975761dc1e078452d3601162073bea20763258e1b80385df1a79953e14846c1f724acc7734dc5a7bc47a1cf936950e41bedf9364087f292d65ae5e0404e641bf6049ac7f149ea3d4190a85540181f4cdc011dbaff8dcc14de478005776cf141b2e9f2e79042c2a9904915eedd597ae8aaf2ebc23e8230b0eaa1e52ab048aa051f8c136e9adca1f8cce60cfa68f0d443faf0bd93bf10e1daf01c113eb18f1e34b0ce1fcf16a01231a8559e3bd2450e90575b2576fc0ab582a5deddc631d60af12cd966567ae3f05d42cf70b16df293bdaf46a7d151c2d3927a028a834054544da0cb015a4d63d3936130e4ddf5aa8d260ffbec9c7688fbaec2d7360abb332a21e6d0d1e5f70b2ac5209be67a119f199855d00c3faa9b3bd0981bc1d9cd2fbd2416f28761f6737b4f38195338aa42202c8cd4929a186ee6cce4a408f75e815634fe937fb9cf2eb16c5ce41573f5ce3141a5d36b295a9d15000f0250be487d2b22a871b5bf7fa4742b41be8541333d054ef02f3c4b52af3ffd8908a8aef341668e97ebba81e55d2c8f50e886d65b357b281d21523203e5e36da22c4ba411d2df5c34c6aea26f2bcc6416df15395757121b09ad38f5d02baada832f68cc9c7d43724a78b8662458c2d80f9476ec4b895c03d2ef48e6178099b161a768cbb55127c2ee1629a418ddbabd994b85d621cf109237adf2d1360d97e749d3203efb86946c85e5f025fc78f7e901bfc6623c38a32552f78ac6dd46fd71d5cb90610508085eaf15c91ad31871622097d9d0680e33dc89da9220cbceda7d1d5beb28da171d4c0c2560e98cb2124fe0d3eb80936bdf55193abdc8b2cc9569544f42018195803ab72bf13d19d2d2424600288132071f3285ce0fc14fb80265c2db02668989fefc639ce6bf892856ec352ad84c185435727c91220b09d7eff2ea36c8d714bf51612cb7f9438bee1334fe4a818bbc212fab5d4281ae302b409aaba6d49c9648a8d5050c94d94892c53b13a91e36261765ee75363ae6f86509ad89f4bf2724e59e7b8ff65dd3c2b98956a76ea1c1cc89a522c39bb9d8b50ab8aac9ba8a37554ff3d160476d0971484f404ce81f02740a16ebc7bb6cfc20b1fb9db7ef85f8384729d00ec95e05badd943031567cfe6398c5b79556f71addb6bafb74bb1b1a24bc4bd4978b34ef849f523badf229e0c3674d2d47f8b1e7727860d51726dea6b3bd9db635fb10a4d3dd81b5f53ac953a09b3de60ac36b9bc855a37a6e17e9f5a0ff2b36251d300634cb073a7f2613acb8a9a67bc106370f1e7fe53b903e2236dd6e992415ec4ae139cb444cd6ffaacea54601074497e143e090fe22374f08da08e753c82d02f20142a446824920e817c9ab8798f44147e77878805e43bc5801878ca5fdda2fb8203414e46a8610cb1a6ca01dbb9ce23851c9a6172b72e302c3a49be5d9e9724e1904716ecf89eef3d19e675b0d8ea93d3d352c12c26fa5a4bb7fc78c615470119144f38a0b223ecbd181944b0cbf57af6586449f05e79a22225f8b5bb3cdbefb0ff898644446fa814ce9454e73729a6c6aed2c86ac0ede31256757d3c303381ebe506a517294ed991aef66e2e0bdb0c1fdfbc14f678195abde6bb8e9dcfbc3ee3eb439c7d40247e841f3e4cbb510c74dfbc51f3814965a4eedc3c5f5b2a131ffb3c120cfd60f8bceb592acc3a25ec3b4fdbdcf24988c29012c542570c82345c50b16b2e344225fd04ad11829e9863cd441c9450a096d5b977191c897fb35eaf0d11fcf54b5892c086065bd0f128efc2ac1f82417ce915ee7efd9be013a638635b44fdcdb1575f47ecef4c447331c7b108e44450c1a766e7b8a2a373c600a137275d00a57267b8debdac2d5a5f1979f6719f65e9103ffe155e0c7100fdaf31d2b622f1fab3674896beebbf4ae2f5f7797b01ab1432e0ec131d68cdd16becaefa3edb32c6cc3842de0b53f8e439b8e60344f605c0819521ae5d1521936f1aa0bb67cdb900170be0e840f6721608f23f2eecbe56f353c8f1d621cfe4fb9634045a6d29b274ae616c03b125500e33dab6329623c2205e70cee2282732052f99d7f7888cb4f8529d3557ca1c7921b8b9b8ee18d50ca2d415c0c457139fc5e4ef6c643190cc08f793f70f8402b384469017cea1f50f50af4f3ab52d5cefed124fed9ed548d3c60fece3c1d9d25eab555d254da16554e0f12648ece77a6488c74461e7c53228ad7554b6e764535b1d030a151fafafe5058aae2c39f635768d370115fbfab2eeab92714cb0bb280d4cbaccd2b7ee518463b1e29774d008a91de97919d90ac218970dd0cf2a2c04de7ea9557f81cd909d5fedc6938d9507cbbef981ba0017932ea672a482dfc6765ad25f64959714cc16a95e91ad020d39ac2d52e4e2f02e75459b37c37106a4b524cc33bfdaca093ff11c359b447e5a27a38d3f675ca1189cc8da4aac495f911e9560100aa5f7d644a0aa706bf7f33e86ab17f074f79cd95c7189e2f89345e496605b16f1644b2082834e515d37e6ecc1610fae5aaf130ab3010db0a70b260e57292913ff8a3c79b23b1d4fd17cf6871c2a6a2e8ab975fe0d93882316234c9af9fc02212a12a5045a83c9434a0e2d0080dddbd162b92231aca5315d1c6fb23f510667b526c4c11b7cf36a94a760caad570921f3f3302efbec1f35bb112984641c4c1d4fb02a22bd4e13d93e73b888cccf78a47e4a8da7decd3610c7a5a45039c3612ad872782b9f7d7d3fe571bae0eb3777588291364cb906c6c910a7276beecd838e224a5e5df1d98a777c24d68f6e728690b8e1b918a63c05bd5477794fd2520bdd45266aa0971d5c4a6f6c5aa675b2b2047bb1c60dc49045b8b5505438e9b09cb30a30a3e35b304fc552d4ceb414c991f78f1a4cd174d2f631afbd60e90b3cd095e9648d4536cdd45f7d7e89334d415d58c3ebf613c92eaa8eba84294712003de223e778d24b0ab0689de3db7b6039bee1f28d8e4336d0627a5c3a5a9330b404236be8305a1841fc548197d29d0f2e3f18b7a3c59a09ee42025778693a9d0b025f7e1940d19350cc105b03fe11ffc8a51361b198f054e5fc892ef45a1cdb27ed7cae946a3c57c4d2c0bff3df9b85b050992ced6e72dd8d280fb132217509f88432255548259d3d6a78aba81cf87398ea6d083c236820097197484b4e03944df030e5386386a8439cf284e7040f569d11045fff268233c6c3cfeff14b211dd08412681148dbd9da39a4496353617296deef98ec20d159a0cc8788c3da73693996c5b66ae5551065ee2ccdf43cba10afca0ffd4505a5e2ffa71e0bc7de1a52e3a26e6369e2cd576ad81bf9b27867cdbe172e571b84522ebc9392603129c011c095d4d256d9afc6b91fb3d79421465592c3b27e1afc3b0e194eacfb8cbee1f43858531742df3e4d450c92d4d36ff056c77631e9378e3edf26d8f0277f50980afbcbc73e74569c4ad7af3fd33d225b9cb803bede68b79be8fcf62fdd2ea61eed8c1806bff1ae89efd1f8bdb612fccfcc1319772555834412bd732589d52c8015c0b53a1e325ee1b634e3af0a00d31ad30cf16f7a72df4254de53639828373ed3b8c8e977d72ac5ffb005a940a9d23658952806a49f5d01e19fa44a4c71ce422ff624013af64912abe31848ab5e5349e5f0c94ea670828b92162343a347440e0d1b8c0f3667e69dc33e49178a666e54cd05e71d1f2a76a75d9d228e6c4deb61176a71215efbfee0827e82e6672fe53e89a3b724ef1e274d81bdebcf71387d2c832527ad170b603309e278cc2b85c00c2252911b3f0d55a96cf7d3c617fd1b82f093aa9a196209da498f8e76d403fab0d2c9ddbd55cdb78c6dad520c7a2dd05210a0dc6ea70fc2cfdde45077c7b0cbb54d2ca4d0aa848cb87832d44f361f4c9adbcf72979066271694dfcdcf2988e62b49bad417ebb622b3c6b3bd12a4651caf42c089a003e5af3606269f135677c3bdef2451f4d7e54a085328c0b7dc621fdc2edcc74d5becc5fb3f4b174ff3686942da1a632c3d5e5e6a1c1c7b6193f961e796d520af870af72bcf2e09a72aa8579aac1e20eb0f5ce91a63870e3809d5878b245118502e6705508197416cf1c0af5df7f6590a0e7fcd58814e050aaa42a24f771f686e8fd47438b370e9b9c3adf38edb4d3524f31db14232b00184930aa013efc4c0f48522daad134512cd798f64e94008c102b59eb43897dd22efa7fdc30b71689eb0142e7c7d468d61980000000701000002000000a34ad0e82b914c048691c0eea580bb1289c3d9fe84c4a823a510a26251015ccf1fa5063d6dcff54e7a21f0271482128b42536d8b76f2904fc7c0b867457e6708ba819733fd567d41fc96b049072a11e5866f3ad94ce577cad931ecef4754eda2df30d7b8b271a1241fe97e039054815f9c3f159effcc8561671435f488449b22674c4b0a2391a1d062000000f80000000600000002000000cb69314fe2dc0be0214c58bcf08c68e7f026e18dddbf02de541cf793005891783c9a96b169fd8c873f416e0fdf115f074ed6b38d0007bb00a9685d6b8cd9ba74817cc88beb025e6d19d7e2df1efbc9384b36d37f1a65f07c53b22a20fdb47e37b619c38a1f8d3b4caf298c8dcf3b7cfe3a325cd2631ec8f84b0c816a66e9d654b361f8bcd1c492b3137fc0c0c9683330d0d14bdba53f2801360dec1abed8f9ee96cce3a3f8482bf4ba05d1d7df43cec11bde826cbe1f1ad05944b42677ca895e7c84741e2d0db2e3ddedd7d596723fe76cad9c1b9716730dbb61dfe453c9f5c4b685819b2a0a4b32390000008c00000013010000860300001657f57d284781d19e5272aa36e8199320d64ea468e07d0d4275118b210db101b83abde99ab4a8b587a8320775d4f64702ddf9b74935f15fc2ae94b7fb2aabcbe5235d60f0f619d63d2f35577ede3657a2681fc9536cc876f31efb8fb5d161738d82be31271146244b4bcf8ca2c43fcac2e873acbc389fca0d0086bc236d00003c0000000b010000140000006f24eb208056aca44581317488172c0904b4e58cc772d88178d37445e2a4164675e39ec46a0a286809f80fa1b972100085790bd7edc9a48e667030c9b955a44b6ee6472dd1c40224b8833053dbc6c7ca94ce34dcf8a8ba34f9b1541bf2f4d7f90aedd7457934229ffea6b0846a48920deec2c9c85d9b3efd7fc0057901f7d0dced02318f65a18ce7481dd86c518395e96b586fafa3b359111a9c0f74867c19905cccd7a2b188c8b67415a9db2a5c421b6cff6543e35d53697c9bd41395408f670f6148620cf0eb377d091903bc4df1ec76ff948f0de276ba410c20e9d5c410ef2a47eeb4656610b520ace3677e73d12f7fab9e20044c9f1eabbef6b01354c6bc11ded40884e4c0e1d0bc7f24cb730a9b390423"], 0x1380}}, {{&(0x7f00000015c0)=@ax25={{0x3, @default}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @null, @default]}, 0x80, 0x0, 0x0, &(0x7f0000001800)=[{0x48, 0x101, 0x8001, "f949ee24751815b9ede1d7d3ebe40deb1ff28068e67056d8dd81953094b5b940fe8c25aba0feaf2054acae32e4365666cbd6685ae51536df1e"}, {0xc4, 0x110, 0xfffff213, "ce9592772a7ec7c4a877224c5576c7202a5c0180c0af45debb3d7b96f493d739fb644926cfe9c56e23df49f7a26e8480609c72efba9e49c45b618797db0fd25b687221222c4b88947dd39e326131510f83292806b5db47f7bbf82e154357bbae15fedea5e78a99ff57d730b7f1115c04de1b06fa2d26b6e227fbb0957e449e02692916dcd9c9fe932c1af67b4ec63b8f641469334196b8d5b57253aa8a7ac004c4aa68bf4df807bac89d212b893a048c6ebabd9f2a2a5d2f"}], 0x10c}}, {{&(0x7f0000001940)=@in={0x2, 0x4e21, @empty}, 0x80, &(0x7f0000004140)=[{&(0x7f00000019c0)="f62600dd7af8754b1c325928477bb1c704e6d7bca6d9785efdb9b228feb77428de37b14016802d909ccf6af646b1ddaf7697ff18c8a238111ac1921072291f864ce6", 0x42}, {&(0x7f0000003e40)="dd0dd2977df955b691ad16131b16223bd2e4950ea767b39d0dbd05b70aff6781e3e60999e6776ad78b8af3f69db74d6cb8191a52a9964e7263645a0bd8b5e98f630ece866a14d797db6c8332debf58417fff1255b2adc9a38f3b50dfa32352f57db4c6244f091b5eabeded4d90708d0cc7e7419e6863665d9d2049d456020e1b98ac8d961c767e4135118bec463e5f420fb788e6ed387c7734c7a0f50bb544f13f438d38fe4a02a35046d6d1364b0ea51ba1a0054539d13932d743a131836e880cadea45fd0bf6c83ca47b67eef0df667717c7fcf677572bdea583279122b5f31ff444226b125dc9440e5b6c99190991bec4a83005ab3178", 0xf8}, {&(0x7f0000003f40)="a2f5890ef0a8ba5def3b12c14ddb651cf58f20e6d6e60283ebac37e6378e6499fa21073615bc3bcb06647f4435333d51ba704bfef3a68f87074906cb1785be6e2a4d038224d412ff308988b4f2aa980c25774652cd8e45c69c1bfc8b0116a2312baa010badb7461f3cb2b42d8a52d51a0b1c1fb9478954eec288992feb48715c102cda682f7a4c68a23ada5320fce6e4a536dd9ae92b6b08f5083e99ab8cbea609bfe470c17360c70c0f163f31527cbf5bed3aca8749faf1a336dcf0e92de9452da9660300b677", 0xc7}, {&(0x7f0000001a40)="4c33fe5fe9ba6b9ce119eccdaaaf546f13e7d0923b37a782e56c2e2cb2a62b115f", 0x21}, {&(0x7f0000004040)="967b3899e4cd406edff808ccd3d1abc14bc9230aba4492cbc35117ebc24b5ba367098f08012f5dc08762c50fcb91b9f11d5c42f56d9ade4c311eb544d57e62e956687fd2dead108d1b3884b98d7efca95c1c886cb0617e21372b57713f4c7df43534052965cc255ce62cc0c299fbde1131e4f313043f2fda61dc439571b31daf2cb64c41cd3cde924d55c6a365523a47578c250b84a09d2e92edd439f370ba753c68f9c879462049949e1238894db78456f2bc5b1f6dfdf7f9f17209e0d6741710f1", 0xc2}], 0x5, &(0x7f0000004180)=[{0xdc, 0x84, 0x8, "6da35b637e4030473c0f1f41ac523b9cd61a36d69d3672cbe8f8150ee287a9d01ea9be116daafdb2995a41cccaed551de11d277ee6e2287be5b59894638dd6e060628b86eeddd60c83fb18f653cf7621f1971dff6f185f5f336cc99750bcfb7e33e7083b1377893b0aabcc60d00594ce5d6d854b32d5d312f6132e142c9c015c076d7dfaa288d1cc04d23da3961656c20b04c8b5a275422043ca673102a3b85658bbd7298e385575e0bad668d383e6d7432e267413f9da26315d4d897a7ca942824827d75378e2f8195d53ba46e8"}, {0x100c, 0x1, 0xdf7, "36db050af578e466b5fd4a9d1b3348c4279bed7bf750917c6a03adecfc43bd950d6f95e2ec17483b9c85d4c5dd37dfc2682de6630ca488af78823887ba9b2ad1a7dbdb3e830d332b62b00666ec17519a50e836a8a5b7034ef4ee0793281da150490a6498e2dc8726e76356a39cdcacc1a8aba2bf285c20bd79c1b8642007759f4ed244b8a40a37c5c665721916d7d9ebeae384bb5b67ee52a41c2c6457e6b9ff3b74b8d52609951508309e0300c59d3f3f73d735c3f382a616de70c83facfcdb0a7668c1180dd428d270e6080ee394e153f44eff5bbd614ae02bbe9516fc4380e533643cd8f49f701ce2aed827575013925ef9de9398ebc8f9b50188701451e10c48c4e444e293227eaed288997f580c0c762782fe2bade9901aca70fa015f0886c096cb8d2934848f6e42dcc75e1f012b7f23b39218cd957d6ac1b2572a8da666ce7f20ab6430adbafc23d5b54c89fe0b9a4b96b3c0752cf3dbf726af81b563d2d935ed2dfbaac0a9135c058a210f145a2ae1d8b0f2ce0befff8947632292267a8265712dccb8833bb9f2ffa12f26b74ba10de08fbf410d63fdd73e020eede7ce728c54d9042500c04f1adffdb12785ca29c9d5b6433113fbea591ae8b55e32a2cd4ab896257e0994f4b57d4b3bc4f22fd9ed89b3b02ad397ebcf463b7aac2c3210f0cc3242c59d5e57b5f9a0c1c9a351eac7329a457aeaa3f1b5c0cf3a85653f2e5f56e60015e56b8186ce8c4251f478239f87ef49aa49c4f4f0f2cc63e68a0faf2e7ddaba02d678c8703f50b5d7c8db0aa66d0fbb4fa9988949680e25aba97ca7296535da3fa4e8f54cbaccb47d47ed4e69059844762d1ec5746b026ae7c0da10a4410f98262a293e791259f745dcfebf552d3ebf7714c45600584948b71c84ef0ccdeff92e6a90c3c4667e43e5fb5461e67215b67b30067340ac9bcb01ce9227df91eec2eaa3be6964c35553a83dd0041b310cdd5319efc8e342fd9e0171902ec2acb23e6a1977518ef6f6957706dd458d7314b6e3f8cb4c59d584c1db13c473929194ea75f1390a05e61e1565970fb6cb4b3321956aba8bbb0cdf59c1041709c0ed3c2f5a821b42f4b6856c79c5d81763234968a62cc4db4ac67a881d5c6be0e5b794c4717db9abfcffd561453a7e5dae8a3b3c05e302365e873c9335bcfb40467e62ae2c6b8b476270c05f393d077586bcfd20a33959ea7dbcce1d968a90b233ade82c66f5dcf04e0eea5b76f3360193a36dbc81b645f4ae7313b900cc9d958ae356724307820633c8b7694ae29ca7a29ee5bd8eabd452761b900bea4bc9d48291d64664362d2949f6f924ca0d68debe935163efdd7fb59013440ab77b1606f2482db79efc2d4bce6d630cb35b9b7106729f804959180098f11888bbf18943b7ba3fcc3a1fb1bd4cfa05ab7826b5d2542250d5f7d9ee114807f40bfd34099b0ba54f592255bad46ab9bd07df8b2ee1df77316e43556c755cdd6be39f1c9223d0fa48c8723a21795896023f7a4c36596a9868bf98096889f13879828d774a6e29e1cc00d9633ab72ffe49053786a7c372e1c4dd99cf5c400731ab46c4796c67cc6cbd13050ebbe0b80afe20120fad2f3923f693752be9cde31a72d1e585a2657f6d5d6f93fa7fb633ff29eb81dcd74403999ea61bdc90cc6f42ee6212c68ac50dd879256177a1210d42d00e53d89a32da1ad64c7382fba2954b60e0e5a41d0d20cd2b788e191bf8c7e90b8ae7b63a6c333007a5cb62532ea417b61a29374ba83ef66bcdebda1ddc661735fe8410526fb5cc71bafd4093f26ae7c606790b4e946442e43b79b54252d49d5b9d48cd3824cd1883a273111e9d166758bf786fb9f08e91b59b87baa7fa6b5272e3ea7d622096e4b02cc03d877a4edd57dd533fc0c9eaff82ddb0d1136e6f0f4ddf199c2d16b95d03626b93eef6c40f580a0a4f9067b1af101e5fb51151f68d9e240c9d90d08a16d56340c9ea05a733931c7d7eef92e7cee867102fd6e5ccb87bb70c63e250efbaaa62539530dd3d6f935fa77d1c1dc36648cb11a723f33c30a127a0193c10820bf81c5fbb611edddb606698e38acee0c2473d42507349b07fa7d7d31ba6b0b08d89ad2ed30dca6cdba30c57854bc54f8aa34bac4e6987f75b8000fcc5dfed4624b3fa78bf2c94f7f72220494ee4d4008c12d5f02b6adce8630c9014e2e90c28b6a6d418f86bd26619a813185fd32b6dfacf219fa15cec0b79740b1a14e1c0632d11fef59fbb40ec84db2ed473c019dbd5b1eb4b71fbd3755389d004081215eb3bd47ab69fe25c76641b4a13223839bb09b725b8256758af8116379538306fdee21d5474cc2b6e2e62713d419ec060cad3de489e6142429baa720d69b4d75a2a4f8d807179b8c81d453a092f56d10c31bcbb83c58e4c60dc8675cae64f408ffe8743e29b6ee72b24e77666a00c81087d3f1ffd2b1a9c1929dcfc73754613c4f1d655bd682b1d566422518c5c7680251e0efd1ca7ad8a41ca95c625e82ec94f5fee30bf283d1ad8cae6be92c7878becc6c04a157119e039d7c70576f8e481beefd7d98658ebcdff284844f13531f009da532e34ed34f132bc72a490c953cb075c749f9a83f3d00103c1949d4265bc20b6cefafcd9127b215722825f3e27e376e54c8fae2bde6465ba3b5a02db539d7657d0764e2ff9f2b7fad20263174c4705513eac2a36d6c27dc008408fa74f28be00937ea40f1bc796c0a1455cbaa3bf56457bff9e8526dc9120f388c64d297dc259ad2d3e5185e728d86b2554a55d6d8b6a341e2717b384106f34907f1a76b6f23e0fa6a298adbfdeb8c30c820331dc0b1e53a35fc7151f444cbcf97af165d9fb92da3e65ec3f11e90fdfda5def3fc66fe0c87050b2d78bc7b05ef46ea2044c8cb5a7b942664b3057086c0d5fac03970df8bedda9d0d338be15382e9e5a83b2618036141bd6cb357d7fcf20180ddbe2a09763005d08fbff5d0e5f7efc1515181a9100c04ce9ed7ac75c83c29163225303456ac972bc05a773197a42cbae23fce302f82180da95ba4cc9c7cc6ee5c55fc52dfea48f469acc58d1a3e51ac3eb78b4ff20604bcb93c3cef734135ba3880f8bec12927343ca5cb31a9bcf1ad07bbc9a2bf6664a1081f951e5a9c38ccf5f3e69fd2e27e4de34e15e8cf3b63977dd9628942159d74d7f0c3492866b26b74ae595d45b641a6ec31bee412a014d21c492a7defd9b42c10958bbeebfca622ec8c0034b205aafdfa5082f2f4ae809b4c14cf82c9b4c36defe38674e2629dabde3934b14f88a54b04e76553f7fd2ae6b2d0c154c17bb08c36ded619b12aba4e56d47a438d5f37d46f42299a0d05b7c8e8d0000af9480a80a923ccaf3d484662adf657809c2bfe88903c544ad1b168918ee0f19c38f7f3b8c9d3f7e3b1ff03bb02fe1ecbbdc7f796ba795e3950eb801a0d5cf3a185b3292c438cd88ca7533af6e8ef2d5299fbbe43e9c94c68f8bd256c15fa8c65ae60f6b86bfebb4d69cfb0e42b3f2a2e6bba5922974e6b48d3fac9fe06cd69639747c57ddd0ebdc308e57ce86bee2e767414b90ad10fdcc3cd3161275e009e62952007336365adc8f8786bbf1e01ad823de9c21689d9b79ae7786178bac8a19b1785eac34c7cde09a559e8e66214db62d4ac264e9630fa89bdfa5435173d5d15bba9b2301702d2f184c02d6e048392b68f076831ee3b1391e948d9c0abe69d97e773be0bd57dd32797a2e4bbc55fde0c91fe4327f965aed28e842276a776b1a1fc2042633ba5bceb1bb7ac28db0fb07d7a039500ec55c55b76abd4abe62916123cff75645a12514b3b526c5dc8276669d19b83b8dc495dbe8497249c587a984d5e9eba4d1b963f14a521c35781462ed312459cb712d33052f1968a9313f97f59b073b7f28e4c1b07b59ae916440310394de03c3f2a929bd8015a91ab9ff73e207c88c172370def400502fb99b856cf5f9bbc6443d92ea75785ea15737ad7a46cf8929aca261ef802371035577ca158848d85d3de0162559d4508e156cfc4ae2d887210fe3f597a22e07055d8d3709a92dbfd40ae61d5f6e5a1999239a72f017280432388c779ea0f9e8f6bb65cac2b4f9d8261a85c5860d7c6284e20d094d297c1656c331b8fda91351c3000afdc27f13aa17b574aa109a4e836ae6ef99c5481e93a9fdbefb26f768620ea2b80607c937174d3d4a683ac5e50e32b553dc8325fb1ec1c3cdc98e89b06daf9d282affb24695d275a796fe110c60db3523872e267db05fe569b1ac6f241f5519d9122b52d11a81a727bdc756be335a4e67337a4a5fc771c8fbbf32f433b4c517a9acd49d81c2accbb3b8376d80d3a7f018444cc7dc09274c032947c012736de40a29506102741b522189167cbfcf11e4c14e604ffcc42f3a0dccf355e82b1e15d44ee4b2232417cf1fe0c2d476441a7b3d971e32fc2d320a4041f9eef5e1d58a04b44b13f6c4269ad527f14d177f008268f0e3732d58855be253a521621bf0ea035bbf7b743f7b3f2641609988b8941474e0cf1e3aaecd1926a2da28e650594a2f28c42e389516c8e16f35458cf5ff186022df864073f70a95289ab340135aef0b51bd4d45df51415a28b6b671f394191494451f754bbb05300365afcd872368e51e8f06c7b7016eaac50663d9e16a137c6a744e22c870c7494cd27a0ce5f936d1dd9918641802fe8c919b1a3da5fd8a9e5230a9866d667d8417a981bf9d0820057b327deb35d4997a372e76da7a1d9e23a11eeb693ef44436e33991d66e617524f351f42e008821e43789736a9146d8144731eb7aaf3b3b40fdd5c324a5feb501aa8c17edc271709d2ab6714d97380d387ffb1a9d1f71c8fcc4a714bf1bd5784c7e782b4b8a95657207ad7a71f1305ce74e3d9802964f5e35bde48ea08e15214b7d89fcdd0eb9b436851034428073f4bd1f40ed336acda34080102f2d83b164e322d6d95f678e7dcf1c351716c4f668f8597b39639ba383f957d1ca0734f39e17d71458c98c0030b0409eb333376d1301ab67ae9a70b4bf6ad1bc6fc6e884231a8334ac656f06ba2f8312b8893e9b4c135403953626dbd0c81a1a4c87ec4226b49e05773e59e20e148329b6e29bd22ca833a1af2d4b1b3e4a27a652962f93f7b14ef3ef05eae61b01fe39f8c530bdc8a89e3eb0bb9fc984e1162bbd2730a9ef84e8e4b2ae267beff3776b5696cc9517fa4d716920150f7599e5ebc8e5ba7b423688e0fd8eb9719352134167e3d0ff96c6accd75f07bc5a332655c95a5900604abcb0060bc19656f3ff7925ad3bb0953b96aaf862a0f19f9f530740615180b77a9083237b25905a3cb32cd27af2e051955c6960431e4c370d0753d973206aff9c3b8d4ef79dedbc9c459f159829b49687ee6f54e0797a627d28b6984038d819c3cc6da9f43b139952fa0174964c501e545f909741f5d799be2ca3752cce42ea69dd1a14974886836f87fd08c3f1b0656baf9bd7ac2fa5f13127a32f63d0503b84a373a69672fbac603518b803401430f61259d15b875b12f68d47946ddbe678ea642b6a3c8bd9e55157d31686225ba4842b5926b1f15a400079df92bf49eec9a922cca5d9ef5af8aadc85bc54302599ee35573493c83fda8768ca417d54545238a17a1fc75799da9dabcd9c727ec681a4cdcb77a10f855a56d15bbb7ffd1710afd46829d499c80b724aba1c19e4d2544f7a422cf562322026873468c4384a65297cdf2e28ec64935777defaf88626396470150d685c83d1187a9e892e898bd95e508e3d25dc14bdcace3c0ab0577813ebb7d"}, {0x14, 0xff, 0xffff4b20, "1cd368dcaedb49b8"}, {0x18, 0x104, 0x5, "05e5180b628dca49d8c133"}, {0xc, 0x3a}], 0x1120}}], 0x5, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000001240)=ANY=[@ANYRES16], &(0x7f0000001200)='syzkaller\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x6, '\x00', 0x0, 0xc}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xc, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14f0", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000000))
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x7, 0x80}, &(0x7f0000000100)=0xc)

7.0561729s ago: executing program 4 (id=1877):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000029c0)={0x48, r0, 0x801, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac02}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "cabee339084eeef16f162471f4"}]}]}, 0x48}}, 0x0)

6.946233139s ago: executing program 3 (id=1878):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xf, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000032311b6af73ecab33839b70300000000000085000000bb000000b70000000000000095005ba2375f00"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x101, @empty, 0xfffffffc}, {0xa, 0x0, 0x0, @remote}, 0x0, {[0x1]}}, 0x5c)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./bus\x00', 0x80, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="4000000010000100"/20, @ANYRES32=0x0, @ANYBLOB="000000000040000018001681140001801000020000000000000000000000008008001b0000000000cacce0d003e7e1c36eb4adb915e5efdb2f0d9aa0bf731c1a4bae76900428e0e397dac0e9443fadb82819f0a85c0dfef635362d923b5018291fc367473a1a9f3aa60ee00d6d37e73ca5479b4beb7c66951da5a325cfa0afd924bfa5c1bbd1a2c9c46109c65c2bd63cbc8889ba595b2fb642ef5137b807deffb02f0f46e8cbbad7c8a5870afadeee4478d581e2bb49846b608d073fc2e1a62809f36cc7f624a4a6022287e566f5e9ef23078e86384e67e7e4cb89d967a251abdb684bb2c3e3c1d75089cf86825b97ec7c2430df5ba3f813949e01cf05c3c93049e9505426918b9cc4e2355cde39ecb2a0dd38183f5b42c29b5d86d83a465a3baae55469724e41e86b4319fb191657b6b2c261440b18322a615e394ba6c5ad2be2ff41e947fd49d840fff3c627b855e8467074759bf1bbb6d43934993bedf1a0ee2657fc936afdc58098cc6499ef4a7344973a5cf58df24b3a3843bc1f4b79cc6e743b89c9fd6fad334cc4f629017604000000f6cf89546a973dc122ab4b4edc0060f77cb0f2f3046df2e0b1362fe726e1012415be36dcdd"], 0x40}}, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x2200000, &(0x7f0000000400)='quota\x00\x00\x00')
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
socket$unix(0x1, 0x3, 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

6.789934262s ago: executing program 0 (id=1879):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1a, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x90)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000100)=0x9, 0x4)
sendto$packet(r0, &(0x7f00000002c0)="05040800d3fc030000004788031c0910", 0x10, 0x4, &(0x7f0000000140)={0x11, 0x8864, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @random="b6c1c02b5fbb"}, 0x14)
r3 = socket(0xa, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000a40)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0xfffffc66)
close(r1)
socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000300)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000010000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000063d44df12b000000000000d781ab88e29ad75ae39701e6794ad0b7efcb57ef6f1b7ac2de8a14e9c49cfeebe9bc86c0e9d4e7c5a6e29d57127288c835c0522a067ca760b7029bd261fbb72753d3d9c3d3031394158ea1395bbafe43b1b932fb283970069ec5bea49e51ae5704605ed78a65e8456eca133d40936d68a7528e6d2c372975805e347228edf663ad7f8917279d3dbfa191c9f39381d40d22993169a123a0be01224cad5e5328989e3254c93a8868fa5eadc79fc709afbcc2ef751f57bafbfeede98c02798f98f0fe8f09518b7d10e386b4928227875686256bd82eb7dc858b3b3be2b52e583fb024e851148fea40206b1c626c37b86647bd9f606f0edd8c"], 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000000206051100000000000000000000000005000400000000000900020073797a30000000001400078008001340000000000800064000000000050005000000000005000100060000000d000300686173"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x0)

6.738330998s ago: executing program 4 (id=1880):
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000007940), 0x2, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000007b80)=[{&(0x7f0000007980)=""/131, 0x83}], 0x1, 0x83, 0x0, 0x0)

6.514565328s ago: executing program 4 (id=1881):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/vlan/vlan0\x00')
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x8, [{{0x9, 0x2, 0xfffffea7}}]}}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c"], 0x0, 0x28}, 0x20)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x4, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r2}, 0x48)
ioctl$SIOCSIFMTU(r0, 0x8923, &(0x7f0000000040)={'macsec0\x00', 0x7})
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000080)={0x80}, 0x1)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CONNECT(r3, &(0x7f0000000340)={0x6, 0x118, 0xfa00, {{0x7, 0x37, "49d23fa4d194dd66f7872b424dc03add1d6243207fa21135fd5cd4546acb209fcb7e1e180d24029d841027579ffbe2f69bc45c13962adefdcaf6c8b1b75253b5887eeb53a7f631ce8fb8d9917ffdc4a2af9a926b0ddecfd194aa1ef85c8e8dfef9fa5a21e4aef4051695c767a6f444cdbed24ebfa294aa10d2436d51eac230263ce1d55252d067f4d4142673801ce9002273eee29d994ab3fccc4f16a32a628231c27b6f79ea3cc81fca1bccfda654740db79deda4125d41b6b6acc07093e9e6cfc51421d9911c915d908490d3236ddc497dbbfdbc29089180c510f94361c89129138ab5e626d2c26d1cbe4a01ca7d3ec798e358b67ce6def5e1ec958964a5ff"}}}, 0x120)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x6, 0x0, 0x1, 0x200000}, {0x3, 0x1, 0x6, 0x3}]})
socket$packet(0x11, 0x0, 0x300)

6.245728158s ago: executing program 0 (id=1882):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000002c0)={@val, @void, @eth={@broadcast, @dev, @void, {@mpls_uc}}}, 0x12)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0xa, 0x80, 0x80}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f00000001c0), 0xbde, r2}, 0x38)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x56, &(0x7f0000000300)=@string={0x56, 0x3, "4f512758cd70d4acb68be8180f6158ca28dc5677e09d9bff9eadd64d51fb756ac85c0970cc8910eabf327a798f3e818d3f30fbe1370d747590bbd151d2c25b3f44550df4f47490c0283a31f4e9ee7c1f0b76a6ef"}}]})
syz_usb_connect$uac1(0x0, 0x8c, &(0x7f0000000400)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7a, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@processing_unit={0xa, 0x24, 0x7, 0x0, 0x0, 0x0, "323416"}, @output_terminal={0x9}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x0, 0x0, 0xa1}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, &(0x7f00000006c0)={0x0, 0x0, 0x25, &(0x7f0000000500)={0x5, 0xf, 0x25, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x0, "79f03953c4c96fe6b1d67b8b584cc085"}, @ssp_cap={0xc}]}, 0x4, [{0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x415}}, {0x2, &(0x7f0000000580)=@string={0x2}}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0xc1a}}, {0x0, 0x0}]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f406", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}, 0x1, 0x0, 0x0, 0x20000004}, 0x4)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt(r6, 0x65, 0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={0x0, &(0x7f0000000100)=""/95, &(0x7f0000000180), &(0x7f00000003c0), 0x4, r2}, 0x38)

5.780853101s ago: executing program 3 (id=1883):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000950000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x2)
r5 = dup(r4)
write$char_usb(r5, &(0x7f0000000240)="259772bd9402000000000000008c19f3da78ce7f427cb49491881fac78851681a78c8049cbb19337f4077f7ec86308", 0x2f)
r6 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b8, 0x0, 0x168, 0x9, 0x0, 0xb, 0x2e8, 0x250, 0x250, 0x2e8, 0x250, 0x3, 0x0, {[{{@ipv6={@mcast1, @remote, [], [], 'macvlan0\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x1a0, 0x1e8, 0x0, {0x0, 0x28e}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@private1, [], @ipv4=@local, [], @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}, [], @ipv4=@local}}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@rand_addr=0x64010100, 'dvmrp0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'veth0_to_bond\x00', 'caif0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}, {{0x0, 0xfd}}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418)
syz_usb_connect(0x0, 0x1b, &(0x7f00000018c0)={{0x12, 0x1, 0x0, 0xb2, 0x1e, 0x66, 0x20, 0x403, 0xd491, 0x3a75, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0x0, 0x0, 0x90}}]}}, 0x0)

4.540554852s ago: executing program 1 (id=1884):
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000000000140600fe8000000000000000000000000000aafe8000000000000000000000000000aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="e3"], 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000440)={r3})
r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r7, 0x0, 0x0, 0x0, 0x0, [<r8=>0x0]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000100)={r8, 0x0, <r9=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r9})
close_range(r1, 0xffffffffffffffff, 0x0)

4.426382805s ago: executing program 1 (id=1885):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000580)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2a, 0x0, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
recvmmsg(r2, &(0x7f0000005dc0), 0x0, 0x0, 0x0)
connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r7, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_PEER_PORT={0x6}]}, 0x24}}, 0x0)
sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB, @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
sendfile(r1, r0, &(0x7f00000000c0)=0x8b, 0x100000500)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
fsetxattr(0xffffffffffffffff, 0x0, &(0x7f0000000380)='\x00\x00o;\xc8\xdd1\xa4lB&\xa9\xb6\x06\x06\x99\t\xf5\x10\x17\'\xcaV\xab\\rw9+\xba\tl|\xde\x93\xea\x95A}\x89\x82\x8c\n<a\xa2{j\nz=>N\x97\xbf\xab\xa4_\xc2\x17\xe7+\xc5\xfe\x16-\xdd\xa7\x00\xfe\xa0\xa2\xbdUw\x01\x80\x92\xea\x15\xc2opg\xee\xbd\t\xba\x9d\x98\x983\xfd\v\xc1\xbd\x1e\xd5h\xc3@\xda\xee\x97\xd5~\xee\xd6$\xc6\x8c\x01l\x1e\xd3\x1f\xe4<\xee\b\xe4\x16\xc3Ku\x84\xcd\x89\xb8\x1bF\xcd\r\xbc\xc0\xbb\xf5Q\x06\xb71>\xcd\xdb\x0f\x8c\x14\xc5\t\x92m/u,^\xe6\xc7V\xca|;j\xc1\xf4$\xe1A\x17\xeb\xf1M\x8c\x82\\\x89\x89\x00\x98\xadr\xd4\x86;\xed+\x899\x8a\xe9\x18\xb4]a\xd2\x15\x93\x84\x8b\x85\xae\'\xf4\xc9\xcb\x8c\'\x88\xff\x02\b\xaf\xe9vc\x9au\xba\xce]\x85\x98>\xa6\xe1\xc0)\xff`\xdepJ\x95E\x98\xa6pu\xbdh\xa2\xe3\x9d\x85\x19El\xf4aO\xb7\xcd\x15', 0xfc, 0x0)
ioctl$VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f00000000c0)={0x0, 0x0, 0x0, "b75cbb1844038d2cd97c945462f31638b5394c00"})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

3.323260861s ago: executing program 0 (id=1886):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
dup3(0xffffffffffffffff, r0, 0x0)

2.797314134s ago: executing program 4 (id=1887):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xe, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
write(r1, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)

2.093668175s ago: executing program 0 (id=1888):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="a0010000100001000000000000000000fe800000000000000000000000000000000000000000000000000000000100"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000af0000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000000000000000000000000000004c001400636d61632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000"], 0x1a0}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x28, 0x2a, 0x9, 0x0, 0x0, {0x4, 0x0, 0x2c00}, [@typed={0x8, 0x17, 0x0, 0x0, @u32}, @nested={0xa, 0x16, 0x0, 0x1, [@generic="92f2703ff0c7"]}]}, 0x28}, 0x1, 0x3000000}, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r3, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r0)
sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)={0x70, r6, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x5c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xe6}, @TIPC_NLA_PROP_PRIO={0xffffffffffffff05, 0x1, 0xb}]}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4040010}, 0x24040000)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000200)={0x1f, 0x0, @fixed}, 0xe)
socket(0x1d, 0x2, 0x6)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r8}, './file0\x00'})
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f0000000200))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r9 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r9, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

2.000819559s ago: executing program 4 (id=1889):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x31, 0x4, 0x0, 0x0, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0x0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x13, 0x0, [@dev, @loopback, @multicast1, @loopback]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.737996497s ago: executing program 3 (id=1890):
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000007940), 0x2, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000007b80)=[{&(0x7f0000007980)=""/131, 0x83}], 0x1, 0x83, 0x0, 0x0)

1.125892911s ago: executing program 3 (id=1891):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1a, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x90)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000100)=0x9, 0x4)
sendto$packet(r0, &(0x7f00000002c0)="05040800d3fc030000004788031c0910", 0x10, 0x4, &(0x7f0000000140)={0x11, 0x8864, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @random="b6c1c02b5fbb"}, 0x14)
r3 = socket(0xa, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000a40)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0xfffffc66)
close(r1)
socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000300)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000010000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000063d44df12b000000000000d781ab88e29ad75ae39701e6794ad0b7efcb57ef6f1b7ac2de8a14e9c49cfeebe9bc86c0e9d4e7c5a6e29d57127288c835c0522a067ca760b7029bd261fbb72753d3d9c3d3031394158ea1395bbafe43b1b932fb283970069ec5bea49e51ae5704605ed78a65e8456eca133d40936d68a7528e6d2c372975805e347228edf663ad7f8917279d3dbfa191c9f39381d40d22993169a123a0be01224cad5e5328989e3254c93a8868fa5eadc79fc709afbcc2ef751f57bafbfeede98c02798f98f0fe8f09518b7d10e386b4928227875686256bd82eb7dc858b3b3be2b52e583fb024e851148fea40206b1c626c37b86647bd9f606f0edd8c"], 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000000206051100000000000000000000000005000400000000000900020073797a30000000001400078008001340000000000800064000000000050005000000000005000100060000000d000300686173"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x0)

458.518385ms ago: executing program 3 (id=1892):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000100), 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000480)={&(0x7f0000000040), 0x10, &(0x7f0000000340)={&(0x7f0000000400)={0x5, 0x0, 0x0, {0x77359400}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "279798af2ecd0648"}}, 0x48}}, 0x0)
dup3(r0, r1, 0x0)

0s ago: executing program 3 (id=1893):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0xfc, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_route={{0xa}, {0xb4, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x98, 0x6, [@m_connmark={0x68, 0x0, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}]}, {0x19, 0x6, "66396e732cf67237ecb590a592c571fa73ca19ec26"}, {0xc}, {0xc}}}, @m_bpf={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0xfc}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) (fail_nth: 3)

kernel console output (not intermixed with test programs):

): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.683867][T10970] hsr_slave_0: entered promiscuous mode
[  549.707558][T10970] hsr_slave_1: entered promiscuous mode
[  549.721747][T10970] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  549.730244][T10970] Cannot create hsr debugfs directory
[  549.771126][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.782420][    T8] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  549.881838][   T35] bond0: (slave netdevsim0): Releasing backup interface
[  549.912924][ T5139] usb 3-1: new low-speed USB device number 32 using dummy_hcd
[  549.914875][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.974853][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  550.002941][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  550.037609][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  550.042952][ T5086] Bluetooth: hci6: command tx timeout
[  550.088690][    T8] usb 2-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  550.115743][ T5139] usb 3-1: No LPM exit latency info found, disabling LPM.
[  550.173200][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.219923][ T5139] usb 3-1: config 1 interface 0 altsetting 11 endpoint 0x81 has invalid maxpacket 16, setting to 8
[  550.234945][    T8] usb 2-1: config 0 descriptor??
[  550.240122][ T5139] usb 3-1: config 1 interface 0 has no altsetting 0
[  550.690347][    T8] wacom 0003:056A:0043.0016: Unknown device_type for 'HID 056a:0043'. Assuming pen.
[  550.812060][    T8] wacom 0003:056A:0043.0016: hidraw0: USB HID v0.00 Device [HID 056a:0043] on usb-dummy_hcd.1-1/input0
[  550.847676][    T8] input: Wacom Intuos2 9x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0043.0016/input/input92
[  550.886288][   T35] bridge_slave_1: left allmulticast mode
[  550.891999][   T35] bridge_slave_1: left promiscuous mode
[  550.912289][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.983454][   T35] bridge_slave_0: left allmulticast mode
[  551.003335][   T35] bridge_slave_0: left promiscuous mode
[  551.009182][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  551.206083][    T8] usb 2-1: USB disconnect, device number 45
[  552.153015][ T5086] Bluetooth: hci6: command tx timeout
[  552.682400][ T5139] usb 3-1: New USB device found, idVendor=056a, idProduct=005d, bcdDevice= 0.40
[  552.702366][ T5139] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  552.904891][ T5139] usb 3-1: can't set config #1, error -71
[  552.957653][ T5139] usb 3-1: USB disconnect, device number 32
[  553.365249][T11096] FAULT_INJECTION: forcing a failure.
[  553.365249][T11096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  553.379720][T11096] CPU: 0 PID: 11096 Comm: syz.0.1504 Not tainted 6.10.0-rc7-syzkaller #0
[  553.388178][T11096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  553.398270][T11096] Call Trace:
[  553.401582][T11096]  <TASK>
[  553.404539][T11096]  dump_stack_lvl+0x241/0x360
[  553.409272][T11096]  ? __pfx_dump_stack_lvl+0x10/0x10
[  553.414527][T11096]  ? __pfx__printk+0x10/0x10
[  553.419170][T11096]  ? __pfx_lock_release+0x10/0x10
[  553.424250][T11096]  should_fail_ex+0x3b0/0x4e0
[  553.428992][T11096]  _copy_from_user+0x2f/0xe0
[  553.433634][T11096]  __se_sys_mount+0x17d/0x3c0
[  553.438365][T11096]  ? __pfx___se_sys_mount+0x10/0x10
[  553.443608][T11096]  ? do_syscall_64+0x100/0x230
[  553.448431][T11096]  ? __x64_sys_mount+0x20/0xc0
[  553.453262][T11096]  do_syscall_64+0xf3/0x230
[  553.457819][T11096]  ? clear_bhb_loop+0x35/0x90
[  553.462551][T11096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.468501][T11096] RIP: 0033:0x7f3d0ab75bd9
[  553.472954][T11096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.492596][T11096] RSP: 002b:00007f3d0b94f048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  553.501059][T11096] RAX: ffffffffffffffda RBX: 00007f3d0ad03f60 RCX: 00007f3d0ab75bd9
[  553.509226][T11096] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[  553.517221][T11096] RBP: 00007f3d0b94f0a0 R08: 0000000020000580 R09: 0000000000000000
[  553.525208][T11096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.533187][T11096] R13: 000000000000000b R14: 00007f3d0ad03f60 R15: 00007fff1d83d538
[  553.541182][T11096]  </TASK>
[  553.608294][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  553.635537][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  553.670620][   T35] bond0 (unregistering): Released all slaves
[  553.795282][T10800] 8021q: adding VLAN 0 to HW filter on device bond0
[  553.917107][T10800] 8021q: adding VLAN 0 to HW filter on device team0
[  553.977034][  T786] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  554.026984][ T5136] bridge0: port 1(bridge_slave_0) entered blocking state
[  554.034267][ T5136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  554.118853][ T5136] bridge0: port 2(bridge_slave_1) entered blocking state
[  554.126118][ T5136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  554.210343][  T786] usb 1-1: config index 0 descriptor too short (expected 65191, got 72)
[  554.238945][T11115] binder: 11114:11115 ioctl c020f509 20000040 returned -22
[  554.253509][  T786] usb 1-1: config index 1 descriptor too short (expected 65191, got 72)
[  554.280041][  T786] usb 1-1: config index 2 descriptor too short (expected 65191, got 72)
[  554.303848][  T786] usb 1-1: config index 3 descriptor too short (expected 65191, got 72)
[  554.323919][  T786] usb 1-1: config index 4 descriptor too short (expected 65191, got 72)
[  554.351363][  T786] usb 1-1: config index 5 descriptor too short (expected 65191, got 72)
[  554.381420][  T786] usb 1-1: config index 6 descriptor too short (expected 65191, got 72)
[  554.404411][    T8] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  554.422604][  T786] usb 1-1: config index 7 descriptor too short (expected 65191, got 72)
[  554.445920][  T786] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  554.462633][  T786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.476240][  T786] usb 1-1: Product: syz
[  554.480989][  T786] usb 1-1: Manufacturer: syz
[  554.506768][  T786] usb 1-1: SerialNumber: syz
[  554.537932][  T786] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  554.557184][    T9] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  554.566550][ T5139] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  554.653112][    T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  554.692502][    T8] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  554.702145][    T8] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  554.741893][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.760509][T10970] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  554.763970][    T8] usb 2-1: config 0 descriptor??
[  554.801908][ T5139] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  554.840484][ T5139] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  554.884118][ T5139] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  554.918198][T10970] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  554.962125][T10970] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  554.994227][ T5141] usb 1-1: USB disconnect, device number 40
[  555.007431][ T5139] usb 3-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  555.017110][ T5139] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.061705][T10970] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  555.061919][ T5139] usb 3-1: config 0 descriptor??
[  555.104035][   T35] hsr_slave_0: left promiscuous mode
[  555.110723][   T35] hsr_slave_1: left promiscuous mode
[  555.119224][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  555.127234][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  555.135588][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  555.145889][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  555.175651][   T35] veth1_macvtap: left promiscuous mode
[  555.181375][   T35] veth1_vlan: left promiscuous mode
[  555.187078][   T35] veth0_vlan: left promiscuous mode
[  555.519800][ T5139] wacom 0003:056A:0043.0017: Unknown device_type for 'HID 056a:0043'. Assuming pen.
[  555.552026][ T5139] wacom 0003:056A:0043.0017: hidraw0: USB HID v0.00 Device [HID 056a:0043] on usb-dummy_hcd.2-1/input0
[  555.600977][ T5139] input: Wacom Intuos2 9x12 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0043.0017/input/input95
[  555.642692][    T9] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  555.651366][    T9] ath9k_htc: Failed to initialize the device
[  555.840936][ T5141] usb 1-1: ath9k_htc: USB layer deinitialized
[  556.959848][    T9] usb 3-1: USB disconnect, device number 33
[  557.458584][   T35] team0 (unregistering): Port device team_slave_1 removed
[  557.594615][   T35] team0 (unregistering): Port device team_slave_0 removed
[  559.139830][T10351] usb 2-1: USB disconnect, device number 46
[  559.360842][T10800] 8021q: adding VLAN 0 to HW filter on device batadv0
[  559.548488][T10800] veth0_vlan: entered promiscuous mode
[  559.655663][T10800] veth1_vlan: entered promiscuous mode
[  559.682662][T10351] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  559.700847][T10970] 8021q: adding VLAN 0 to HW filter on device bond0
[  559.761192][T10970] 8021q: adding VLAN 0 to HW filter on device team0
[  559.861750][ T5184] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.868970][ T5184] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.883462][T10351] usb 2-1: Using ep0 maxpacket: 16
[  559.894501][T10351] usb 2-1: config 0 has an invalid descriptor of length 253, skipping remainder of the config
[  559.907822][ T5184] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.915056][ T5184] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.926062][T10351] usb 2-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  559.938475][T10351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.976347][T10351] usb 2-1: Product: syz
[  559.980582][T10351] usb 2-1: Manufacturer: syz
[  559.985877][ T5086] Bluetooth: hci2: unexpected event for opcode 0x0c05
[  559.996741][T10351] usb 2-1: SerialNumber: syz
[  560.001640][T10800] veth0_macvtap: entered promiscuous mode
[  560.010773][T10351] usb 2-1: config 0 descriptor??
[  560.061505][T10800] veth1_macvtap: entered promiscuous mode
[  560.298822][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  560.313312][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  560.323585][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  560.355550][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  560.366234][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  560.375905][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  560.376107][T10351] usb 2-1: USB disconnect, device number 47
[  560.462016][   T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.530015][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  560.558067][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.574860][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  560.585590][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.596119][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  560.607878][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.618878][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  560.629618][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.643878][T10800] batman_adv: batadv0: Interface activated: batadv_slave_0
[  560.723708][   T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.779901][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  560.793988][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.804758][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  560.815462][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.825608][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  560.846197][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.857740][T10800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  560.868741][T10800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.881905][T10800] batman_adv: batadv0: Interface activated: batadv_slave_1
[  560.941872][   T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.951372][T11156] binder: 11155:11156 ioctl c020f509 20000040 returned -22
[  561.005972][T10800] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  561.026322][T10800] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  561.041502][T10800] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  561.050428][T10800] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  561.158521][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.243948][ T5141] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  561.457945][ T5141] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  561.473099][ T5141] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  561.486187][ T5141] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  561.499756][ T5141] usb 2-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  561.513079][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.535094][ T5141] usb 2-1: config 0 descriptor??
[  561.708215][ T2396] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  561.746069][ T2396] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  561.796295][   T35] bridge_slave_1: left allmulticast mode
[  561.807933][   T35] bridge_slave_1: left promiscuous mode
[  561.819481][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  561.836841][   T35] bridge_slave_0: left allmulticast mode
[  561.843638][   T35] bridge_slave_0: left promiscuous mode
[  561.852054][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.994482][ T5141] wacom 0003:056A:0043.0018: Unknown device_type for 'HID 056a:0043'. Assuming pen.
[  562.030431][ T5141] wacom 0003:056A:0043.0018: hidraw0: USB HID v0.00 Device [HID 056a:0043] on usb-dummy_hcd.1-1/input0
[  562.057177][ T5141] input: Wacom Intuos2 9x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0043.0018/input/input98
[  562.442496][ T5086] Bluetooth: hci1: command tx timeout
[  562.700921][    T8] usb 2-1: USB disconnect, device number 48
[  562.868409][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  562.888343][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  562.910550][   T35] bond0 (unregistering): Released all slaves
[  563.038162][T10970] 8021q: adding VLAN 0 to HW filter on device batadv0
[  563.081392][ T2795] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  563.108343][ T2795] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  563.194343][T11153] chnl_net:caif_netlink_parms(): no params data found
[  563.319428][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  563.328322][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  564.596510][T11153] bridge0: port 1(bridge_slave_0) entered blocking state
[  564.598116][ T5086] Bluetooth: hci1: command tx timeout
[  564.718733][T11153] bridge0: port 1(bridge_slave_0) entered disabled state
[  564.762088][T11153] bridge_slave_0: entered allmulticast mode
[  564.784412][T11153] bridge_slave_0: entered promiscuous mode
[  564.828659][T11198] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1523'.
[  564.944464][   T35] hsr_slave_0: left promiscuous mode
[  564.967185][   T35] hsr_slave_1: left promiscuous mode
[  564.981012][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  564.999928][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  565.015420][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  565.037407][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  565.149186][   T35] veth1_macvtap: left promiscuous mode
[  565.164678][   T35] veth0_macvtap: left promiscuous mode
[  565.177038][   T35] veth1_vlan: left promiscuous mode
[  565.189795][   T35] veth0_vlan: left promiscuous mode
[  566.066518][   T35] team0 (unregistering): Port device team_slave_1 removed
[  566.186585][   T35] team0 (unregistering): Port device team_slave_0 removed
[  566.673236][ T5086] Bluetooth: hci1: command tx timeout
[  566.938747][T11153] bridge0: port 2(bridge_slave_1) entered blocking state
[  566.949746][T11153] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.957234][T11153] bridge_slave_1: entered allmulticast mode
[  566.967464][T11153] bridge_slave_1: entered promiscuous mode
[  567.223899][T11234] binder: 11233:11234 ioctl c020f509 20000040 returned -22
[  567.239413][T11153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  567.285458][T11153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  567.461712][T11153] team0: Port device team_slave_0 added
[  567.508081][T11153] team0: Port device team_slave_1 added
[  567.540268][ T5131] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  567.649999][T10970] veth0_vlan: entered promiscuous mode
[  567.829398][T11153] batman_adv: batadv0: Adding interface: batadv_slave_0
[  567.855356][T11153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  567.881461][    C1] vkms_vblank_simulate: vblank timer overrun
[  567.915514][ T5131] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  567.931526][ T5131] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  567.958117][ T5131] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  567.976557][ T5131] usb 2-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  567.986012][ T5131] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.995713][T11153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  568.009948][ T5131] usb 2-1: config 0 descriptor??
[  568.049345][T10970] veth1_vlan: entered promiscuous mode
[  568.072017][T11153] batman_adv: batadv0: Adding interface: batadv_slave_1
[  568.079371][T11153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  568.106279][T11153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  568.374861][T11153] hsr_slave_0: entered promiscuous mode
[  568.390103][T11153] hsr_slave_1: entered promiscuous mode
[  569.165171][ T5086] Bluetooth: hci1: command tx timeout
[  569.178924][ T5131] wacom 0003:056A:0043.0019: Unknown device_type for 'HID 056a:0043'. Assuming pen.
[  569.197602][ T5131] wacom 0003:056A:0043.0019: hidraw0: USB HID v0.00 Device [HID 056a:0043] on usb-dummy_hcd.1-1/input0
[  569.217733][ T5131] input: Wacom Intuos2 9x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0043.0019/input/input101
[  569.254910][T11153] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  569.300417][T11153] Cannot create hsr debugfs directory
[  569.694829][T10970] veth0_macvtap: entered promiscuous mode
[  569.727609][T10970] veth1_macvtap: entered promiscuous mode
[  569.815981][ T5139] usb 2-1: USB disconnect, device number 49
[  569.929603][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.941783][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.953557][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.966526][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.977894][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.998641][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.017094][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  570.030583][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.042537][ T5141] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  570.050363][T10970] batman_adv: batadv0: Interface activated: batadv_slave_0
[  570.077187][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.102337][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.116286][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.132449][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.142853][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.156347][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.166830][T10970] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.184764][T10970] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.200145][T10970] batman_adv: batadv0: Interface activated: batadv_slave_1
[  570.244641][ T5141] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  570.267279][ T5141] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  570.272191][T10970] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  570.294472][T10970] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  570.311831][T10970] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  570.314274][ T5141] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  570.320998][T10970] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  570.339975][ T5141] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.505474][ T5089] Bluetooth: hci0: unexpected event for opcode 0x0c05
[  570.672261][ T9146] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  570.861674][ T5141] usb 1-1: 0:2 : does not exist
[  570.882399][ T9146] usb 4-1: Using ep0 maxpacket: 16
[  570.896449][ T9146] usb 4-1: config 0 has an invalid descriptor of length 253, skipping remainder of the config
[  570.928931][ T5141] usb 1-1: USB disconnect, device number 41
[  570.945291][ T9146] usb 4-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  570.969441][ T9146] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.978131][ T9146] usb 4-1: Product: syz
[  570.997159][ T9146] usb 4-1: Manufacturer: syz
[  571.008277][ T9146] usb 4-1: SerialNumber: syz
[  571.027588][ T9146] usb 4-1: config 0 descriptor??
[  571.078117][ T5287] udevd[5287]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  571.116098][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  571.157904][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  571.271610][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  571.357968][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  571.382615][ T9146] usb 4-1: USB disconnect, device number 32
[  571.525891][T11153] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  571.596888][T11153] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  571.653819][T11153] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  571.680529][T11153] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  571.900283][T11153] 8021q: adding VLAN 0 to HW filter on device bond0
[  571.922404][ T5143] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  571.978657][T11153] 8021q: adding VLAN 0 to HW filter on device team0
[  572.014933][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  572.022252][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  572.063867][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  572.071161][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  572.132413][ T5143] usb 5-1: Using ep0 maxpacket: 8
[  572.169478][ T5143] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  572.198490][ T5143] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  572.246769][ T5143] usb 5-1: config 0 has no interface number 0
[  572.423940][ T5143] usb 5-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  572.438093][ T5143] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  572.447845][ T5143] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.545786][ T5143] usb 5-1: config 0 descriptor??
[  572.594712][ T5143] iowarrior 5-1:0.1: no interrupt-in endpoint found
[  572.983823][ T5136] usb 5-1: USB disconnect, device number 37
[  573.856485][T11328] FAULT_INJECTION: forcing a failure.
[  573.856485][T11328] name failslab, interval 1, probability 0, space 0, times 0
[  573.870358][T11328] CPU: 0 PID: 11328 Comm: syz.0.1544 Not tainted 6.10.0-rc7-syzkaller #0
[  573.878842][T11328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  573.888939][T11328] Call Trace:
[  573.892257][T11328]  <TASK>
[  573.895223][T11328]  dump_stack_lvl+0x241/0x360
[  573.899958][T11328]  ? __pfx_dump_stack_lvl+0x10/0x10
[  573.905212][T11328]  ? __pfx__printk+0x10/0x10
[  573.909858][T11328]  ? ref_tracker_alloc+0x332/0x490
[  573.915025][T11328]  should_fail_ex+0x3b0/0x4e0
[  573.919752][T11328]  ? skb_clone+0x20c/0x390
[  573.924213][T11328]  should_failslab+0x9/0x20
[  573.928756][T11328]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  573.934162][T11328]  skb_clone+0x20c/0x390
[  573.938465][T11328]  __netlink_deliver_tap+0x3cc/0x7c0
[  573.943781][T11328]  ? netlink_deliver_tap+0x2e/0x1b0
[  573.948995][T11328]  netlink_deliver_tap+0x19d/0x1b0
[  573.954126][T11328]  netlink_unicast+0x7b8/0x980
[  573.958916][T11328]  ? __pfx_netlink_unicast+0x10/0x10
[  573.964306][T11328]  ? __virt_addr_valid+0x183/0x520
[  573.969439][T11328]  ? __check_object_size+0x49c/0x900
[  573.974935][T11328]  ? bpf_lsm_netlink_send+0x9/0x10
[  573.980133][T11328]  netlink_sendmsg+0x8db/0xcb0
[  573.984960][T11328]  ? __pfx_netlink_sendmsg+0x10/0x10
[  573.990289][T11328]  ? __import_iovec+0x536/0x820
[  573.995172][T11328]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  574.000738][T11328]  ? security_socket_sendmsg+0x87/0xb0
[  574.006221][T11328]  ? __pfx_netlink_sendmsg+0x10/0x10
[  574.011518][T11328]  __sock_sendmsg+0x221/0x270
[  574.016207][T11328]  ____sys_sendmsg+0x525/0x7d0
[  574.020991][T11328]  ? __pfx_____sys_sendmsg+0x10/0x10
[  574.026304][T11328]  __sys_sendmsg+0x2b0/0x3a0
[  574.030909][T11328]  ? __pfx___sys_sendmsg+0x10/0x10
[  574.036037][T11328]  ? vfs_write+0x7c4/0xc90
[  574.040505][T11328]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  574.046847][T11328]  ? do_syscall_64+0x100/0x230
[  574.051629][T11328]  ? do_syscall_64+0xb6/0x230
[  574.056324][T11328]  do_syscall_64+0xf3/0x230
[  574.060848][T11328]  ? clear_bhb_loop+0x35/0x90
[  574.065549][T11328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.071460][T11328] RIP: 0033:0x7f3d0ab75bd9
[  574.075885][T11328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.095502][T11328] RSP: 002b:00007f3d0b94f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  574.103928][T11328] RAX: ffffffffffffffda RBX: 00007f3d0ad03f60 RCX: 00007f3d0ab75bd9
[  574.111906][T11328] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  574.119907][T11328] RBP: 00007f3d0b94f0a0 R08: 0000000000000000 R09: 0000000000000000
[  574.127888][T11328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  574.135866][T11328] R13: 000000000000000b R14: 00007f3d0ad03f60 R15: 00007fff1d83d538
[  574.143944][T11328]  </TASK>
[  574.246334][T11331] binder: 11329:11331 ioctl c020f509 20000040 returned -22
[  574.259944][T11153] 8021q: adding VLAN 0 to HW filter on device batadv0
[  574.332455][ T5136] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  574.522387][ T5136] usb 4-1: Using ep0 maxpacket: 32
[  574.531351][ T5136] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  574.583144][ T5136] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  574.611369][ T5136] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  574.689072][ T5136] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  574.772043][ T5136] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  574.858889][ T5136] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  574.963436][T11153] veth0_vlan: entered promiscuous mode
[  574.985068][ T5136] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  575.040085][T11153] veth1_vlan: entered promiscuous mode
[  575.049613][ T5136] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.074430][    T9] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  575.091708][ T5136] usb 4-1: config 0 descriptor??
[  575.298740][T11153] veth0_macvtap: entered promiscuous mode
[  575.310047][T11153] veth1_macvtap: entered promiscuous mode
[  575.353472][ T5136] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 33 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  575.385076][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.432293][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.446936][ T5136] usb 4-1: USB disconnect, device number 33
[  575.470627][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.485527][ T5136] usblp0: removed
[  575.500661][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.515185][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.535131][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.553522][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  575.577386][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.630863][    T9] usb 2-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  575.642294][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.659641][ T5086] Bluetooth: hci3: command 0x0406 tx timeout
[  575.672982][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.692649][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.694179][    T9] usb 2-1: config 0 descriptor??
[  575.762629][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.805479][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.831236][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.844733][T11369] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1551'.
[  575.864242][T11153] batman_adv: batadv0: Interface activated: batadv_slave_0
[  575.925282][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  575.961673][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.002380][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.035640][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.072297][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.131006][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.153404][    T9] wacom 0003:056A:0043.001A: Unknown device_type for 'HID 056a:0043'. Assuming pen.
[  576.170756][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.203388][    T9] wacom 0003:056A:0043.001A: hidraw0: USB HID v0.00 Device [HID 056a:0043] on usb-dummy_hcd.1-1/input0
[  576.204654][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.260543][    T9] input: Wacom Intuos2 9x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0043.001A/input/input104
[  576.270309][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.319476][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.365502][T11153] batman_adv: batadv0: Interface activated: batadv_slave_1
[  576.420860][T11153] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  576.532413][T11153] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  576.541185][T11153] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  576.619626][T11153] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  577.655726][ T5143] usb 2-1: USB disconnect, device number 50
[  578.008482][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  578.070164][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  578.189829][T11392] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1555'.
[  578.242412][    T8] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  578.317182][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  578.392928][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  578.504668][    T8] usb 4-1: Using ep0 maxpacket: 8
[  578.526240][    T8] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  578.562298][    T8] usb 4-1: config 0 has no interface number 0
[  578.613475][    T8] usb 4-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  578.702393][    T8] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  578.749765][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.666608][    T8] usb 4-1: config 0 descriptor??
[  579.689658][    T8] iowarrior 4-1:0.1: no interrupt-in endpoint found
[  579.700274][T10351] libceph: connect (1)[c::]:6789 error -101
[  579.719429][T11432] usb usb8: usbfs: process 11432 (syz.1.1561) did not claim interface 0 before use
[  579.729386][T10351] libceph: mon0 (1)[c::]:6789 connect error
[  579.812980][T11424] ceph: No mds server is up or the cluster is laggy
[  580.246068][ T5139] usb 4-1: USB disconnect, device number 34
[  580.272691][T10351] usb 2-1: new full-speed USB device number 51 using dummy_hcd
[  580.505352][T10351] usb 2-1: not running at top speed; connect to a high speed hub
[  580.545974][T10351] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 256, setting to 64
[  580.591991][T10351] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  580.622302][T10351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.637953][T11455] binder: 11454:11455 ioctl c020f509 20000040 returned -22
[  580.809330][T10351] usb 2-1: Product: и
[  580.836662][T11432] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  581.113330][ T5139] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  581.275544][T10351] cdc_ncm 2-1:1.0: bind() failure
[  581.319788][T10351] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  581.324941][ T5139] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  581.370834][ T5139] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  581.389432][T10351] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  581.419939][ T5139] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  581.459249][T11472] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1570'.
[  581.460214][T10351] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  581.492828][ T5139] usb 1-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  581.522642][T10351] usb 2-1: USB disconnect, device number 51
[  581.541162][ T5139] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.651937][ T5139] usb 1-1: config 0 descriptor??
[  581.984813][ T5143] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  582.220057][ T5143] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  582.260204][ T5143] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  582.295515][ T5143] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  582.322487][ T5143] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.700424][ T5139] usbhid 1-1:0.0: can't add hid device: -71
[  582.719866][ T5139] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  583.109675][ T5143] usb 3-1: 0:2 : does not exist
[  583.142070][ T5139] usb 1-1: USB disconnect, device number 42
[  583.347017][ T5143] usb 3-1: USB disconnect, device number 34
[  583.643559][T11500] netlink: 'syz.3.1577': attribute type 1 has an invalid length.
[  583.687754][ T5287] udevd[5287]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  583.958694][T11508] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1577'.
[  584.236379][ T5141] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  584.404964][ T5089] Bluetooth: hci5: SCO packet for unknown connection handle 0
[  584.612465][ T5141] usb 1-1: Using ep0 maxpacket: 8
[  584.670898][ T5141] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  584.680844][ T5141] usb 1-1: config 0 has no interface number 0
[  584.696948][ T5141] usb 1-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  584.924911][T11522] fuse: Bad value for 'fd'
[  584.926820][ T5141] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  585.222434][ T5141] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.244174][ T5141] usb 1-1: config 0 descriptor??
[  585.258611][ T5141] iowarrior 1-1:0.1: no interrupt-in endpoint found
[  585.569325][ T5139] usb 1-1: USB disconnect, device number 43
[  586.068860][T11534] binder: 11533:11534 ioctl c020f509 20000040 returned -22
[  586.272946][ T5139] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  586.362704][    T9] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  586.472443][ T5139] usb 3-1: Using ep0 maxpacket: 32
[  586.497163][ T5139] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  586.548846][ T5139] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  586.581833][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  586.616002][ T5139] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  586.630376][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  586.646307][ T5139] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.658794][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  586.680936][ T5139] usb 3-1: config 0 descriptor??
[  586.691516][    T9] usb 5-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  586.705370][ T5139] hub 3-1:0.0: USB hub found
[  586.713575][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.733437][    T9] usb 5-1: config 0 descriptor??
[  586.914774][ T5139] hub 3-1:0.0: 1 port detected
[  587.292297][T11553] hub 6-0:1.0: USB hub found
[  587.297364][T11553] hub 6-0:1.0: 1 port detected
[  587.347414][ T5139] usb 3-1: USB disconnect, device number 35
[  587.701091][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  587.707285][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  587.718725][    T9] usb 5-1: USB disconnect, device number 38
[  589.002388][ T5143] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  590.242377][ T5143] usb 2-1: Using ep0 maxpacket: 32
[  590.266039][ T5143] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 4
[  590.303106][ T5143] usb 2-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.d6
[  590.314227][ T5143] usb 2-1: New USB device strings: Mfr=0, Product=128, SerialNumber=0
[  590.325356][ T5143] usb 2-1: Product: syz
[  590.362024][ T5143] usb 2-1: config 0 descriptor??
[  590.386027][ T5143] usb 2-1: dvb_usb_v2: found a 'Anysee' in warm state
[  590.406988][ T5143] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  590.436828][ T5143] dvb_usb_anysee 2-1:0.0: probe with driver dvb_usb_anysee failed with error -22
[  590.544299][T11587] usb usb8: usbfs: process 11587 (syz.3.1606) did not claim interface 0 before use
[  590.671094][T11589] netlink: 'syz.0.1607': attribute type 29 has an invalid length.
[  590.681213][T11566] overlayfs: failed to resolve './file0': -2
[  590.686086][T11589] netlink: 'syz.0.1607': attribute type 29 has an invalid length.
[  590.722507][T11566] Process accounting resumed
[  590.732931][T11589] netlink: 'syz.0.1607': attribute type 29 has an invalid length.
[  590.777545][T11589] netlink: 'syz.0.1607': attribute type 29 has an invalid length.
[  590.821557][T11589] netlink: 'syz.0.1607': attribute type 29 has an invalid length.
[  590.867947][T11589] netlink: 'syz.0.1607': attribute type 29 has an invalid length.
[  590.883543][  T786] usb 4-1: new full-speed USB device number 35 using dummy_hcd
[  590.929379][T11589] netlink: 'syz.0.1607': attribute type 29 has an invalid length.
[  591.094888][  T786] usb 4-1: not running at top speed; connect to a high speed hub
[  591.126470][  T786] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 256, setting to 64
[  591.208439][  T786] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  591.251398][  T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.265507][  T786] usb 4-1: Product: и
[  591.278837][T11587] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  592.447808][  T786] cdc_ncm 4-1:1.0: bind() failure
[  592.497750][  T786] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  592.505332][  T786] cdc_ncm 4-1:1.1: bind() failure
[  592.609523][  T786] usb 4-1: USB disconnect, device number 35
[  592.984216][ T5143] usb 2-1: USB disconnect, device number 52
[  593.107994][T11613] binder: 11612:11613 ioctl c020f509 20000040 returned -22
[  593.742308][ T5143] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  593.782312][ T9146] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  593.934263][ T5143] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  593.962604][ T9146] usb 4-1: device descriptor read/64, error -71
[  593.972298][ T5143] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.002887][ T5143] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  594.020759][T11623] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1617'.
[  594.062766][ T5143] usb 2-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  594.071869][ T5143] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.108010][ T5143] usb 2-1: config 0 descriptor??
[  594.252523][ T9146] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  594.412368][ T9146] usb 4-1: device descriptor read/64, error -71
[  594.550026][ T9146] usb usb4-port1: attempt power cycle
[  594.942305][ T5143] usbhid 2-1:0.0: can't add hid device: -71
[  594.976017][ T5143] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  595.001634][ T9146] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  595.017244][ T5143] usb 2-1: USB disconnect, device number 53
[  595.047787][ T9146] usb 4-1: device descriptor read/8, error -71
[  595.352431][ T9146] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  595.404973][ T9146] usb 4-1: device descriptor read/8, error -71
[  595.523492][ T9146] usb usb4-port1: unable to enumerate USB device
[  595.526723][T11643] usb usb8: usbfs: process 11643 (syz.1.1625) did not claim interface 0 before use
[  595.592517][ T5143] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  595.797036][ T5143] usb 1-1: Using ep0 maxpacket: 32
[  595.815346][ T5143] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 4
[  595.837698][ T5143] usb 1-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.d6
[  595.849434][ T5143] usb 1-1: New USB device strings: Mfr=0, Product=128, SerialNumber=0
[  595.866039][ T5143] usb 1-1: Product: syz
[  595.877373][ T5143] usb 1-1: config 0 descriptor??
[  595.886099][ T5143] usb 1-1: dvb_usb_v2: found a 'Anysee' in warm state
[  595.897954][ T5143] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  595.904929][ T5143] dvb_usb_anysee 1-1:0.0: probe with driver dvb_usb_anysee failed with error -22
[  595.962383][ T9146] usb 2-1: new full-speed USB device number 54 using dummy_hcd
[  596.165173][ T9146] usb 2-1: not running at top speed; connect to a high speed hub
[  596.188822][ T9146] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 256, setting to 64
[  596.229578][ T9146] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  596.252850][ T9146] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.386818][ T9146] usb 2-1: Product: и
[  596.410774][T11643] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  596.653534][ T9146] cdc_ncm 2-1:1.0: bind() failure
[  596.719202][ T9146] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  596.744199][ T9146] cdc_ncm 2-1:1.1: bind() failure
[  596.774751][ T9146] usb 2-1: USB disconnect, device number 54
[  596.925584][T11641] overlayfs: failed to resolve './file0': -2
[  597.244035][T11641] Process accounting resumed
[  598.069329][  T786] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  598.272701][  T786] usb 3-1: Using ep0 maxpacket: 8
[  598.291988][  T786] usb 3-1: New USB device found, idVendor=337d, idProduct=503c, bcdDevice=22.8c
[  598.325611][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.365840][  T786] usb 3-1: Product: syz
[  598.370117][  T786] usb 3-1: Manufacturer: syz
[  598.390692][  T786] usb 3-1: SerialNumber: syz
[  598.400886][  T786] usb 3-1: config 0 descriptor??
[  599.392121][T11682] FAULT_INJECTION: forcing a failure.
[  599.392121][T11682] name failslab, interval 1, probability 0, space 0, times 0
[  599.410677][  T786] usb 3-1: USB disconnect, device number 36
[  599.459650][T11682] CPU: 1 PID: 11682 Comm: syz.3.1639 Not tainted 6.10.0-rc7-syzkaller #0
[  599.468142][T11682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  599.478321][T11682] Call Trace:
[  599.481643][T11682]  <TASK>
[  599.484621][T11682]  dump_stack_lvl+0x241/0x360
[  599.489356][T11682]  ? __pfx_dump_stack_lvl+0x10/0x10
[  599.494636][T11682]  ? __pfx__printk+0x10/0x10
[  599.499286][T11682]  ? __pfx___might_resched+0x10/0x10
[  599.504637][T11682]  should_fail_ex+0x3b0/0x4e0
[  599.509456][T11682]  ? sctp_association_new+0x8a/0x23f0
[  599.514875][T11682]  should_failslab+0x9/0x20
[  599.519605][T11682]  kmalloc_trace_noprof+0x6c/0x2c0
[  599.524776][T11682]  sctp_association_new+0x8a/0x23f0
[  599.530033][T11682]  ? sctp_has_association+0x1d4/0x1f0
[  599.535450][T11682]  ? sctp_has_association+0x2f/0x1f0
[  599.540790][T11682]  ? __ipv6_addr_type+0x23c/0x2f0
[  599.545859][T11682]  sctp_connect_new_asoc+0x2d8/0x6c0
[  599.551171][T11682]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  599.556995][T11682]  ? sctp_sendmsg+0xbb9/0x3520
[  599.561791][T11682]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  599.567358][T11682]  ? security_sctp_bind_connect+0x90/0xb0
[  599.573100][T11682]  sctp_sendmsg+0x219a/0x3520
[  599.577817][T11682]  ? __pfx_sctp_sendmsg+0x10/0x10
[  599.582889][T11682]  ? inet_sendmsg+0x330/0x390
[  599.587578][T11682]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  599.592885][T11682]  ? security_socket_sendmsg+0x87/0xb0
[  599.598463][T11682]  __sock_sendmsg+0x1a6/0x270
[  599.603155][T11682]  __sys_sendto+0x3a4/0x4f0
[  599.607678][T11682]  ? __pfx___sys_sendto+0x10/0x10
[  599.612741][T11682]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  599.618772][T11682]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  599.625129][T11682]  __x64_sys_sendto+0xde/0x100
[  599.630010][T11682]  do_syscall_64+0xf3/0x230
[  599.634537][T11682]  ? clear_bhb_loop+0x35/0x90
[  599.639265][T11682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.645193][T11682] RIP: 0033:0x7f48cf775bd9
[  599.649629][T11682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.669263][T11682] RSP: 002b:00007f48d053e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  599.677793][T11682] RAX: ffffffffffffffda RBX: 00007f48cf903f60 RCX: 00007f48cf775bd9
[  599.685780][T11682] RDX: 000000000000fee4 RSI: 0000000020847fff RDI: 0000000000000004
[  599.693767][T11682] RBP: 00007f48d053e0a0 R08: 000000002005ffe4 R09: 000000000000001c
[  599.701771][T11682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  599.709759][T11682] R13: 000000000000000b R14: 00007f48cf903f60 R15: 00007ffc158dff18
[  599.717879][T11682]  </TASK>
[  599.729972][    T8] usb 1-1: USB disconnect, device number 44
[  600.171592][T10351] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  600.382320][T10351] usb 4-1: Using ep0 maxpacket: 16
[  600.403656][T10351] usb 4-1: config 0 has an invalid descriptor of length 253, skipping remainder of the config
[  600.436221][T10351] usb 4-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  600.455124][T10351] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.481922][T10351] usb 4-1: Product: syz
[  600.487543][T10351] usb 4-1: Manufacturer: syz
[  600.496331][T10351] usb 4-1: SerialNumber: syz
[  600.506454][T10351] usb 4-1: config 0 descriptor??
[  601.059305][T10351] usb 4-1: USB disconnect, device number 40
[  602.450428][T11719] netlink: 'syz.0.1650': attribute type 29 has an invalid length.
[  602.502551][T11719] netlink: 'syz.0.1650': attribute type 29 has an invalid length.
[  602.629914][T11721] netlink: 'syz.0.1650': attribute type 29 has an invalid length.
[  602.736785][T11722] netlink: 'syz.0.1650': attribute type 29 has an invalid length.
[  602.922814][T11719] netlink: 'syz.0.1650': attribute type 29 has an invalid length.
[  602.972959][T11719] netlink: 'syz.0.1650': attribute type 29 has an invalid length.
[  603.009445][T11719] netlink: 'syz.0.1650': attribute type 29 has an invalid length.
[  604.698446][    T8] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  604.844519][ T5086] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  604.858080][ T5086] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  604.874008][ T5086] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  604.884748][ T5086] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  604.896630][ T5086] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  604.904305][ T5086] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  604.922415][    T8] usb 1-1: Using ep0 maxpacket: 8
[  604.964068][T11739] overlayfs: failed to resolve './file1': -2
[  604.967234][    T8] usb 1-1: New USB device found, idVendor=337d, idProduct=503c, bcdDevice=22.8c
[  604.982452][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.996920][    T8] usb 1-1: Product: syz
[  605.001145][    T8] usb 1-1: Manufacturer: syz
[  605.013703][    T8] usb 1-1: SerialNumber: syz
[  605.023984][    T8] usb 1-1: config 0 descriptor??
[  605.270336][ T2396] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.487000][ T2396] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.548394][T11750] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1658'.
[  605.669386][    T8] usb 1-1: USB disconnect, device number 45
[  605.873069][ T2396] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.915432][T11758] hub 6-0:1.0: USB hub found
[  605.920383][T11758] hub 6-0:1.0: 1 port detected
[  606.031445][ T2396] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.221018][ T5089] Bluetooth: hci0: unexpected event for opcode 0x0c05
[  606.628821][T11740] chnl_net:caif_netlink_parms(): no params data found
[  606.712470][ T2396] bridge_slave_1: left allmulticast mode
[  606.732624][ T2396] bridge_slave_1: left promiscuous mode
[  606.749422][ T2396] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.800997][ T2396] bridge_slave_0: left allmulticast mode
[  606.978865][ T2396] bridge_slave_0: left promiscuous mode
[  606.985305][ T2396] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.995543][ T5089] Bluetooth: hci4: command tx timeout
[  609.073073][ T5089] Bluetooth: hci4: command tx timeout
[  609.114514][ T2396] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  609.176323][ T2396] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  609.223169][ T2396] bond0 (unregistering): Released all slaves
[  609.960693][T11807] hub 6-0:1.0: USB hub found
[  609.965966][T11807] hub 6-0:1.0: 1 port detected
[  610.271989][T11740] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.327140][T11740] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.454373][T11740] bridge_slave_0: entered allmulticast mode
[  610.573974][T11740] bridge_slave_0: entered promiscuous mode
[  610.628511][T11740] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.665902][T11740] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.677853][T11814] FAULT_INJECTION: forcing a failure.
[  610.677853][T11814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  610.691473][T11740] bridge_slave_1: entered allmulticast mode
[  610.701091][T11740] bridge_slave_1: entered promiscuous mode
[  610.707858][T11814] CPU: 1 PID: 11814 Comm: syz.0.1674 Not tainted 6.10.0-rc7-syzkaller #0
[  610.716323][T11814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  610.726411][T11814] Call Trace:
[  610.729720][T11814]  <TASK>
[  610.732672][T11814]  dump_stack_lvl+0x241/0x360
[  610.737397][T11814]  ? __pfx_dump_stack_lvl+0x10/0x10
[  610.742646][T11814]  ? __pfx__printk+0x10/0x10
[  610.747286][T11814]  ? snprintf+0xda/0x120
[  610.751563][T11814]  should_fail_ex+0x3b0/0x4e0
[  610.756292][T11814]  _copy_to_user+0x2f/0xb0
[  610.760753][T11814]  simple_read_from_buffer+0xca/0x150
[  610.766193][T11814]  proc_fail_nth_read+0x1e9/0x250
[  610.771276][T11814]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  610.776885][T11814]  ? rw_verify_area+0x520/0x6b0
[  610.781788][T11814]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  610.787376][T11814]  vfs_read+0x204/0xbc0
[  610.791582][T11814]  ? __pfx_lock_release+0x10/0x10
[  610.796663][T11814]  ? __pfx_vfs_read+0x10/0x10
[  610.801385][T11814]  ? __fget_files+0x29/0x470
[  610.806015][T11814]  ? __fget_files+0x3f6/0x470
[  610.810745][T11814]  ksys_read+0x1a0/0x2c0
[  610.815037][T11814]  ? __pfx_ksys_read+0x10/0x10
[  610.819850][T11814]  ? do_syscall_64+0x100/0x230
[  610.824667][T11814]  ? do_syscall_64+0xb6/0x230
[  610.829425][T11814]  do_syscall_64+0xf3/0x230
[  610.833973][T11814]  ? clear_bhb_loop+0x35/0x90
[  610.838700][T11814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  610.844640][T11814] RIP: 0033:0x7f3d0ab746bc
[  610.849086][T11814] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  610.868728][T11814] RSP: 002b:00007f3d0b94f040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  610.877281][T11814] RAX: ffffffffffffffda RBX: 00007f3d0ad03f60 RCX: 00007f3d0ab746bc
[  610.885288][T11814] RDX: 000000000000000f RSI: 00007f3d0b94f0b0 RDI: 0000000000000005
[  610.893288][T11814] RBP: 00007f3d0b94f0a0 R08: 0000000000000000 R09: 0000000000000000
[  610.901285][T11814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  610.909288][T11814] R13: 000000000000000b R14: 00007f3d0ad03f60 R15: 00007fff1d83d538
[  610.917317][T11814]  </TASK>
[  611.162311][ T5089] Bluetooth: hci4: command tx timeout
[  611.216101][ T2396] hsr_slave_0: left promiscuous mode
[  612.037007][ T2396] hsr_slave_1: left promiscuous mode
[  612.070263][ T2396] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  612.108732][ T2396] batman_adv: batadv0: Removing interface: batadv_slave_0
[  612.155242][ T2396] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  612.181984][ T2396] batman_adv: batadv0: Removing interface: batadv_slave_1
[  612.298766][ T2396] veth1_macvtap: left promiscuous mode
[  612.311904][ T2396] veth0_macvtap: left promiscuous mode
[  612.322480][ T2396] veth1_vlan: left promiscuous mode
[  612.327897][ T2396] veth0_vlan: left promiscuous mode
[  612.742385][ T5141] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  612.985021][ T5141] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  613.113514][ T5141] usb 4-1: config 0 has no interface number 0
[  613.250971][ T5089] Bluetooth: hci4: command tx timeout
[  613.287355][ T5141] usb 4-1: New USB device found, idVendor=15ba, idProduct=0003, bcdDevice=9b.0a
[  613.337524][ T5141] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  613.384410][ T5141] usb 4-1: Product: syz
[  613.482021][ T5141] usb 4-1: Manufacturer: syz
[  613.511710][ T5141] usb 4-1: SerialNumber: syz
[  613.544312][ T5141] usb 4-1: config 0 descriptor??
[  613.584120][ T5141] ftdi_sio 4-1:0.1: FTDI USB Serial Device converter detected
[  613.814237][T11854] hub 6-0:1.0: USB hub found
[  613.819259][T11854] hub 6-0:1.0: 1 port detected
[  613.844032][ T5141] ftdi_sio ttyUSB0: unknown device type: 0x9b0a
[  613.926705][ T5141] usb 4-1: USB disconnect, device number 41
[  613.965593][ T5141] ftdi_sio 4-1:0.1: device disconnected
[  614.571609][T11862] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1687'.
[  614.581147][T11862] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1687'.
[  615.245870][ T2396] team0 (unregistering): Port device team_slave_1 removed
[  615.310122][ T2396] team0 (unregistering): Port device team_slave_0 removed
[  616.002060][T11740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  616.504967][T11740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  616.725062][T11740] team0: Port device team_slave_0 added
[  616.748423][T11740] team0: Port device team_slave_1 added
[  616.966608][T11740] batman_adv: batadv0: Adding interface: batadv_slave_0
[  617.058439][T11740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.199109][T11740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  617.251329][T11740] batman_adv: batadv0: Adding interface: batadv_slave_1
[  617.279258][T11740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.305281][    C0] vkms_vblank_simulate: vblank timer overrun
[  617.420102][T11740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  617.452355][ T5089] Bluetooth: hci2: unexpected event for opcode 0x0c05
[  617.715428][T11740] hsr_slave_0: entered promiscuous mode
[  617.811305][T11740] hsr_slave_1: entered promiscuous mode
[  617.828588][T11883] FAULT_INJECTION: forcing a failure.
[  617.828588][T11883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  617.844628][T11740] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  617.878030][T11883] CPU: 0 PID: 11883 Comm: syz.2.1694 Not tainted 6.10.0-rc7-syzkaller #0
[  617.878352][T11740] Cannot create hsr debugfs directory
[  617.886505][T11883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  617.886523][T11883] Call Trace:
[  617.886534][T11883]  <TASK>
[  617.886544][T11883]  dump_stack_lvl+0x241/0x360
[  617.886587][T11883]  ? __pfx_dump_stack_lvl+0x10/0x10
[  617.886621][T11883]  ? __pfx__printk+0x10/0x10
[  617.886653][T11883]  ? __pfx_lock_release+0x10/0x10
[  617.886688][T11883]  should_fail_ex+0x3b0/0x4e0
[  617.886726][T11883]  _copy_from_user+0x2f/0xe0
[  617.886755][T11883]  copy_msghdr_from_user+0xae/0x680
[  617.886797][T11883]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  617.886852][T11883]  __sys_sendmsg+0x23d/0x3a0
[  617.886886][T11883]  ? __pfx___sys_sendmsg+0x10/0x10
[  617.886914][T11883]  ? vfs_write+0x7c4/0xc90
[  617.887001][T11883]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  617.887030][T11883]  ? do_syscall_64+0x100/0x230
[  617.887067][T11883]  ? do_syscall_64+0xb6/0x230
[  617.887104][T11883]  do_syscall_64+0xf3/0x230
[  617.887137][T11883]  ? clear_bhb_loop+0x35/0x90
[  617.887174][T11883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  617.887206][T11883] RIP: 0033:0x7ff500575bd9
[  617.887228][T11883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  617.887248][T11883] RSP: 002b:00007ff5013b7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  617.887275][T11883] RAX: ffffffffffffffda RBX: 00007ff500703f60 RCX: 00007ff500575bd9
[  617.887293][T11883] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[  617.887308][T11883] RBP: 00007ff5013b70a0 R08: 0000000000000000 R09: 0000000000000000
[  617.887325][T11883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  617.887339][T11883] R13: 000000000000000b R14: 00007ff500703f60 R15: 00007fff289aa808
[  617.887373][T11883]  </TASK>
[  620.765654][T11923] FAULT_INJECTION: forcing a failure.
[  620.765654][T11923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  620.822312][T11923] CPU: 1 PID: 11923 Comm: syz.2.1702 Not tainted 6.10.0-rc7-syzkaller #0
[  620.830892][T11923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  620.841081][T11923] Call Trace:
[  620.844390][T11923]  <TASK>
[  620.847358][T11923]  dump_stack_lvl+0x241/0x360
[  620.852096][T11923]  ? __pfx_dump_stack_lvl+0x10/0x10
[  620.857336][T11923]  ? __pfx__printk+0x10/0x10
[  620.861976][T11923]  ? __pfx_lock_release+0x10/0x10
[  620.867020][T11923]  ? smk_access+0x4ab/0x4e0
[  620.871539][T11923]  should_fail_ex+0x3b0/0x4e0
[  620.876239][T11923]  _copy_from_user+0x2f/0xe0
[  620.880843][T11923]  capi_unlocked_ioctl+0x50e/0x1120
[  620.886063][T11923]  ? __pfx_capi_unlocked_ioctl+0x10/0x10
[  620.891721][T11923]  ? __fget_files+0x3f6/0x470
[  620.896408][T11923]  ? __fget_files+0x29/0x470
[  620.901010][T11923]  ? bpf_lsm_file_ioctl+0x9/0x10
[  620.905976][T11923]  ? security_file_ioctl+0x87/0xb0
[  620.911107][T11923]  ? __pfx_capi_unlocked_ioctl+0x10/0x10
[  620.916774][T11923]  __se_sys_ioctl+0xfc/0x170
[  620.921385][T11923]  do_syscall_64+0xf3/0x230
[  620.925906][T11923]  ? clear_bhb_loop+0x35/0x90
[  620.930606][T11923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  620.936512][T11923] RIP: 0033:0x7ff500575bd9
[  620.940936][T11923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  620.960558][T11923] RSP: 002b:00007ff5013b7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  620.968993][T11923] RAX: ffffffffffffffda RBX: 00007ff500703f60 RCX: 00007ff500575bd9
[  620.977065][T11923] RDX: 00000000200001c0 RSI: 00000000c0044306 RDI: 0000000000000005
[  620.985045][T11923] RBP: 00007ff5013b70a0 R08: 0000000000000000 R09: 0000000000000000
[  620.993136][T11923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  621.001201][T11923] R13: 000000000000000b R14: 00007ff500703f60 R15: 00007fff289aa808
[  621.009198][T11923]  </TASK>
[  621.623921][T11946] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1706'.
[  622.016998][T11957] overlayfs: missing 'lowerdir'
[  623.245359][T11740] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  623.306378][ T5141] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  623.388712][T11740] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  623.444129][T11740] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  623.505746][T11740] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  623.526347][ T5141] usb 2-1: New USB device found, idVendor=0c45, idProduct=6025, bcdDevice=45.12
[  623.563212][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.579431][ T5141] usb 2-1: config 0 descriptor??
[  623.608004][ T5141] hub 2-1:0.0: bad descriptor, ignoring hub
[  623.624897][ T5141] hub 2-1:0.0: probe with driver hub failed with error -5
[  623.638911][ T5141] gspca_main: sonixb-2.14.0 probing 0c45:6025
[  623.930588][T11740] 8021q: adding VLAN 0 to HW filter on device bond0
[  624.079656][T11740] 8021q: adding VLAN 0 to HW filter on device team0
[  624.343736][  T786] bridge0: port 1(bridge_slave_0) entered blocking state
[  624.351004][  T786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  624.563397][  T786] bridge0: port 2(bridge_slave_1) entered blocking state
[  624.570665][  T786] bridge0: port 2(bridge_slave_1) entered forwarding state
[  624.758255][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  624.764989][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  624.773070][ T5139] usb 2-1: USB disconnect, device number 55
[  625.056584][T11996] ɶƣ0GCTw
�: entered promiscuous mode
[  626.545526][T11740] 8021q: adding VLAN 0 to HW filter on device batadv0
[  627.880504][T12028] gretap0: entered promiscuous mode
[  627.906189][T12028] macsec1: entered promiscuous mode
[  627.934329][T12028] macsec1: entered allmulticast mode
[  627.939757][T12028] gretap0: entered allmulticast mode
[  628.027563][T12028] gretap0: left allmulticast mode
[  628.133903][T12028] gretap0: left promiscuous mode
[  629.243026][T12063] FAULT_INJECTION: forcing a failure.
[  629.243026][T12063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  629.313209][T12063] CPU: 0 PID: 12063 Comm: syz.3.1727 Not tainted 6.10.0-rc7-syzkaller #0
[  629.321772][T12063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  629.331869][T12063] Call Trace:
[  629.335184][T12063]  <TASK>
[  629.338149][T12063]  dump_stack_lvl+0x241/0x360
[  629.342882][T12063]  ? __pfx_dump_stack_lvl+0x10/0x10
[  629.348136][T12063]  ? __pfx__printk+0x10/0x10
[  629.352783][T12063]  ? __pfx_lock_release+0x10/0x10
[  629.357862][T12063]  should_fail_ex+0x3b0/0x4e0
[  629.362609][T12063]  _copy_from_user+0x2f/0xe0
[  629.367250][T12063]  copy_msghdr_from_user+0xae/0x680
[  629.372527][T12063]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  629.378409][T12063]  __sys_sendmsg+0x23d/0x3a0
[  629.383073][T12063]  ? __pfx___sys_sendmsg+0x10/0x10
[  629.388326][T12063]  ? vfs_write+0x7c4/0xc90
[  629.392838][T12063]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  629.399208][T12063]  ? do_syscall_64+0x100/0x230
[  629.404013][T12063]  ? do_syscall_64+0xb6/0x230
[  629.408846][T12063]  do_syscall_64+0xf3/0x230
[  629.413374][T12063]  ? clear_bhb_loop+0x35/0x90
[  629.418092][T12063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.424022][T12063] RIP: 0033:0x7f48cf775bd9
[  629.428449][T12063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  629.448085][T12063] RSP: 002b:00007f48d053e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  629.456513][T12063] RAX: ffffffffffffffda RBX: 00007f48cf903f60 RCX: 00007f48cf775bd9
[  629.464506][T12063] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000004
[  629.472531][T12063] RBP: 00007f48d053e0a0 R08: 0000000000000000 R09: 0000000000000000
[  629.480521][T12063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  629.488507][T12063] R13: 000000000000000b R14: 00007f48cf903f60 R15: 00007ffc158dff18
[  629.496506][T12063]  </TASK>
[  630.028865][T11740] veth0_vlan: entered promiscuous mode
[  630.245846][T11740] veth1_vlan: entered promiscuous mode
[  630.360563][T12090] overlay: Unknown parameter 'pcr'
[  630.553928][T11740] veth0_macvtap: entered promiscuous mode
[  630.718374][T11740] veth1_macvtap: entered promiscuous mode
[  630.848200][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  630.886316][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  630.935562][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  630.961388][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  630.975118][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.001322][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.024246][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.040641][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.061563][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.081549][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.124737][T11740] batman_adv: batadv0: Interface activated: batadv_slave_0
[  631.245799][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.433259][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.582520][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.682298][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.722653][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.769997][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.804165][ T5141] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  631.842488][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.894542][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.952538][T11740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  631.973317][T11740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.996286][T11740] batman_adv: batadv0: Interface activated: batadv_slave_1
[  632.052795][T11740] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  632.069212][ T5141] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  632.080180][T11740] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  632.098501][T11740] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  632.102499][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.132108][T11740] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  632.174901][ T5141] usb 2-1: config 0 descriptor??
[  632.497550][  T748] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.552333][  T748] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.689616][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.721380][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.197413][ T9146] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  633.393617][ T5089] Bluetooth: hci5: command tx timeout
[  633.433420][ T9146] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  633.692405][ T9146] usb 3-1: config 1 has no interface number 1
[  633.698789][ T9146] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  633.714030][ T9146] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  633.728157][ T9146] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  634.505503][ T9146] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  634.518042][ T9146] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.526463][ T9146] usb 3-1: Product: చ
[  634.922962][ T9146] usb 3-1: USB disconnect, device number 37
[  635.120814][ T5141] usb 2-1: Cannot read MAC address
[  635.127440][ T5141] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  635.226299][ T5141] usb 2-1: USB disconnect, device number 56
[  635.320672][T12136] udevd[12136]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  636.481195][T12184] overlayfs: failed to resolve './file1/file0': -2
[  636.692137][T12192] netlink: 'syz.1.1748': attribute type 16 has an invalid length.
[  636.715609][T12192] netlink: 'syz.1.1748': attribute type 17 has an invalid length.
[  637.848005][   T29] audit: type=1326 audit(1720450347.601:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12206 comm="syz.1.1750" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2418375bd9 code=0x0
[  638.327604][T12216] 9pnet_fd: Insufficient options for proto=fd
[  638.504432][T12225] FAULT_INJECTION: forcing a failure.
[  638.504432][T12225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  638.539042][T12225] CPU: 1 PID: 12225 Comm: syz.2.1756 Not tainted 6.10.0-rc7-syzkaller #0
[  638.547531][T12225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  638.557633][T12225] Call Trace:
[  638.560947][T12225]  <TASK>
[  638.563914][T12225]  dump_stack_lvl+0x241/0x360
[  638.568647][T12225]  ? __pfx_dump_stack_lvl+0x10/0x10
[  638.573902][T12225]  ? __pfx__printk+0x10/0x10
[  638.578536][T12225]  ? snprintf+0xda/0x120
[  638.582801][T12225]  should_fail_ex+0x3b0/0x4e0
[  638.587532][T12225]  _copy_to_user+0x2f/0xb0
[  638.591975][T12225]  simple_read_from_buffer+0xca/0x150
[  638.597376][T12225]  proc_fail_nth_read+0x1e9/0x250
[  638.602419][T12225]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  638.607986][T12225]  ? rw_verify_area+0x520/0x6b0
[  638.612859][T12225]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  638.618535][T12225]  vfs_read+0x204/0xbc0
[  638.622720][T12225]  ? __pfx_lock_release+0x10/0x10
[  638.627758][T12225]  ? __pfx_rds_getsockopt+0x10/0x10
[  638.632984][T12225]  ? __pfx_vfs_read+0x10/0x10
[  638.637681][T12225]  ? __fget_files+0x29/0x470
[  638.642286][T12225]  ? __fget_files+0x3f6/0x470
[  638.646984][T12225]  ksys_read+0x1a0/0x2c0
[  638.651266][T12225]  ? __pfx_ksys_read+0x10/0x10
[  638.656051][T12225]  ? do_syscall_64+0x100/0x230
[  638.660837][T12225]  ? do_syscall_64+0xb6/0x230
[  638.665536][T12225]  do_syscall_64+0xf3/0x230
[  638.670058][T12225]  ? clear_bhb_loop+0x35/0x90
[  638.674757][T12225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.680842][T12225] RIP: 0033:0x7ff5005746bc
[  638.685273][T12225] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  638.704893][T12225] RSP: 002b:00007ff5013b7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  638.713320][T12225] RAX: ffffffffffffffda RBX: 00007ff500703f60 RCX: 00007ff5005746bc
[  638.721300][T12225] RDX: 000000000000000f RSI: 00007ff5013b70b0 RDI: 0000000000000004
[  638.729281][T12225] RBP: 00007ff5013b70a0 R08: 0000000000000000 R09: 0000000000000000
[  638.737260][T12225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  638.745281][T12225] R13: 000000000000000b R14: 00007ff500703f60 R15: 00007fff289aa808
[  638.753276][T12225]  </TASK>
[  638.922664][ T5131] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  639.357130][ T5131] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  639.378895][   T29] audit: type=1326 audit(1720450349.101:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12230 comm="syz.2.1759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff500575bd9 code=0x7fc00000
[  639.392785][ T5131] usb 1-1: config 0 has no interface number 0
[  639.725842][ T5131] usb 1-1: New USB device found, idVendor=15ba, idProduct=0003, bcdDevice=9b.0a
[  639.745043][ T5131] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.762380][ T5131] usb 1-1: Product: syz
[  639.766693][ T5131] usb 1-1: Manufacturer: syz
[  639.771707][ T5131] usb 1-1: SerialNumber: syz
[  639.802890][ T5131] usb 1-1: config 0 descriptor??
[  639.823719][ T5131] ftdi_sio 1-1:0.1: FTDI USB Serial Device converter detected
[  639.851945][ T5131] ftdi_sio ttyUSB0: unknown device type: 0x9b0a
[  639.877779][T12243] 9pnet_fd: Insufficient options for proto=fd
[  639.885515][T12244] usb usb8: usbfs: process 12244 (syz.2.1761) did not claim interface 0 before use
[  639.953347][T12246] usb usb8: usbfs: process 12246 (syz.1.1762) did not claim interface 0 before use
[  640.079427][ T5143] usb 1-1: USB disconnect, device number 46
[  640.093516][ T5143] ftdi_sio 1-1:0.1: device disconnected
[  640.190471][T12249] FAULT_INJECTION: forcing a failure.
[  640.190471][T12249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  640.204973][T12249] CPU: 1 PID: 12249 Comm: syz.4.1763 Not tainted 6.10.0-rc7-syzkaller #0
[  640.213426][T12249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  640.223891][T12249] Call Trace:
[  640.227197][T12249]  <TASK>
[  640.230152][T12249]  dump_stack_lvl+0x241/0x360
[  640.234958][T12249]  ? __pfx_dump_stack_lvl+0x10/0x10
[  640.240208][T12249]  ? __pfx__printk+0x10/0x10
[  640.244896][T12249]  ? __pfx_lock_release+0x10/0x10
[  640.249942][T12249]  should_fail_ex+0x3b0/0x4e0
[  640.254642][T12249]  _copy_from_user+0x2f/0xe0
[  640.259247][T12249]  get_itimerspec64+0xaa/0x460
[  640.264030][T12249]  ? __pfx_vfs_write+0x10/0x10
[  640.268842][T12249]  ? __pfx_get_itimerspec64+0x10/0x10
[  640.274248][T12249]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  640.280239][T12249]  ? __fget_files+0x3f6/0x470
[  640.284936][T12249]  __x64_sys_timer_settime+0x13d/0x240
[  640.290409][T12249]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[  640.296509][T12249]  ? do_syscall_64+0x100/0x230
[  640.301302][T12249]  ? do_syscall_64+0xb6/0x230
[  640.306086][T12249]  do_syscall_64+0xf3/0x230
[  640.310607][T12249]  ? clear_bhb_loop+0x35/0x90
[  640.315391][T12249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.321298][T12249] RIP: 0033:0x7f8dc6b75bd9
[  640.325729][T12249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.345354][T12249] RSP: 002b:00007f8dc786d048 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  640.353779][T12249] RAX: ffffffffffffffda RBX: 00007f8dc6d03f60 RCX: 00007f8dc6b75bd9
[  640.361758][T12249] RDX: 0000000020000340 RSI: 0000000000000001 RDI: 0000000000000000
[  640.369825][T12249] RBP: 00007f8dc786d0a0 R08: 0000000000000000 R09: 0000000000000000
[  640.377812][T12249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  640.385787][T12249] R13: 000000000000000b R14: 00007f8dc6d03f60 R15: 00007ffebb941378
[  640.393781][T12249]  </TASK>
[  640.403956][ T9146] usb 3-1: new full-speed USB device number 38 using dummy_hcd
[  640.482884][ T5141] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[  640.604845][ T9146] usb 3-1: not running at top speed; connect to a high speed hub
[  640.643266][ T9146] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 256, setting to 64
[  640.673582][ T9146] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  640.691455][ T5141] usb 2-1: not running at top speed; connect to a high speed hub
[  640.707826][ T9146] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.724256][ T5141] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 256, setting to 64
[  640.747807][ T9146] usb 3-1: Product: и
[  640.761838][ T5141] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  640.791729][ T5141] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.805042][T12244] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  640.813306][ T5141] usb 2-1: Product: и
[  640.838540][T12246] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  641.354721][T12266] 9pnet_fd: Insufficient options for proto=fd
[  642.144287][ T5141] cdc_ncm 2-1:1.0: bind() failure
[  642.149656][ T9146] cdc_ncm 3-1:1.0: bind() failure
[  642.219530][ T5141] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  642.238125][ T9146] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  642.263345][ T5141] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  642.289882][ T9146] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  642.311151][ T5141] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  642.325948][ T9146] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  642.350681][ T5141] usb 2-1: USB disconnect, device number 57
[  642.372343][ T9146] usb 3-1: USB disconnect, device number 38
[  644.035591][ T5141] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  644.264299][ T5141] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  644.355017][ T5141] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  644.386496][ T5141] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  644.406108][ T5141] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  644.444908][ T5141] usb 1-1: Product: syz
[  644.476242][ T5141] usb 1-1: Manufacturer: syz
[  644.500761][ T5141] usb 1-1: SerialNumber: syz
[  644.563913][ T5141] usb 1-1: selecting invalid altsetting 1
[  646.329196][T12309] 9pnet_fd: Insufficient options for proto=fd
[  646.814575][ T5141] cdc_ncm 1-1:1.0: failed GET_NTB_PARAMETERS
[  646.820705][ T5141] cdc_ncm 1-1:1.0: bind() failure
[  647.075824][ T5141] usb 1-1: USB disconnect, device number 47
[  648.280881][T12330] fuse: Unknown parameter '0x0000000000000006'
[  648.608861][T12332] FAULT_INJECTION: forcing a failure.
[  648.608861][T12332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  648.644727][T12332] CPU: 1 PID: 12332 Comm: syz.4.1785 Not tainted 6.10.0-rc7-syzkaller #0
[  648.653230][T12332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  648.663351][T12332] Call Trace:
[  648.666677][T12332]  <TASK>
[  648.669636][T12332]  dump_stack_lvl+0x241/0x360
[  648.674370][T12332]  ? __pfx_dump_stack_lvl+0x10/0x10
[  648.679615][T12332]  ? __pfx__printk+0x10/0x10
[  648.684230][T12332]  ? __pfx_lock_release+0x10/0x10
[  648.689275][T12332]  should_fail_ex+0x3b0/0x4e0
[  648.693995][T12332]  _copy_from_user+0x2f/0xe0
[  648.698620][T12332]  copy_msghdr_from_user+0xae/0x680
[  648.703859][T12332]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  648.709726][T12332]  __sys_sendmsg+0x23d/0x3a0
[  648.714371][T12332]  ? __pfx___sys_sendmsg+0x10/0x10
[  648.719593][T12332]  ? vfs_write+0x7c4/0xc90
[  648.724069][T12332]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  648.730497][T12332]  ? do_syscall_64+0x100/0x230
[  648.735288][T12332]  ? do_syscall_64+0xb6/0x230
[  648.740006][T12332]  do_syscall_64+0xf3/0x230
[  648.744710][T12332]  ? clear_bhb_loop+0x35/0x90
[  648.749407][T12332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  648.755325][T12332] RIP: 0033:0x7f8dc6b75bd9
[  648.759753][T12332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  648.779374][T12332] RSP: 002b:00007f8dc786d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  648.787812][T12332] RAX: ffffffffffffffda RBX: 00007f8dc6d03f60 RCX: 00007f8dc6b75bd9
[  648.795800][T12332] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  648.803785][T12332] RBP: 00007f8dc786d0a0 R08: 0000000000000000 R09: 0000000000000000
[  648.811768][T12332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  648.819765][T12332] R13: 000000000000000b R14: 00007f8dc6d03f60 R15: 00007ffebb941378
[  648.827765][T12332]  </TASK>
[  649.095435][T12345] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  650.659921][T12357] binder: 12348:12357 ioctl 400c620e 20000380 returned -22
[  651.717127][T12378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1795'.
[  652.432412][ T5086] Bluetooth: hci5: command 0x0406 tx timeout
[  652.694551][T12385] bridge0: port 3(gretap0) entered blocking state
[  652.785151][T12385] bridge0: port 3(gretap0) entered disabled state
[  652.813952][T12385] gretap0: entered allmulticast mode
[  652.848888][T12385] gretap0: entered promiscuous mode
[  652.886558][T12385] bridge0: port 3(gretap0) entered blocking state
[  652.888059][T12385] bridge0: port 3(gretap0) entered forwarding state
[  653.113165][ T5141] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  653.313839][ T5141] usb 5-1: Using ep0 maxpacket: 8
[  653.367718][ T5141] usb 5-1: New USB device found, idVendor=337d, idProduct=503c, bcdDevice=22.8c
[  653.383333][ T5141] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.392444][ T5141] usb 5-1: Product: syz
[  653.397047][ T5141] usb 5-1: Manufacturer: syz
[  653.415280][ T5141] usb 5-1: SerialNumber: syz
[  653.468649][ T5141] usb 5-1: config 0 descriptor??
[  653.494064][T12401] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  653.763360][T12405] FAULT_INJECTION: forcing a failure.
[  653.763360][T12405] name failslab, interval 1, probability 0, space 0, times 0
[  653.798245][T12405] CPU: 0 PID: 12405 Comm: syz.1.1805 Not tainted 6.10.0-rc7-syzkaller #0
[  653.806726][T12405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  653.816822][T12405] Call Trace:
[  653.820134][T12405]  <TASK>
[  653.823093][T12405]  dump_stack_lvl+0x241/0x360
[  653.827826][T12405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  653.833081][T12405]  ? __pfx__printk+0x10/0x10
[  653.837731][T12405]  ? netlink_insert+0x10b7/0x14b0
[  653.842845][T12405]  should_fail_ex+0x3b0/0x4e0
[  653.847576][T12405]  ? __alloc_skb+0x1c3/0x440
[  653.852190][T12405]  should_failslab+0x9/0x20
[  653.856727][T12405]  kmem_cache_alloc_node_noprof+0x71/0x320
[  653.862709][T12405]  __alloc_skb+0x1c3/0x440
[  653.867148][T12405]  ? __pfx___alloc_skb+0x10/0x10
[  653.872124][T12405]  ? netlink_autobind+0xd6/0x2f0
[  653.877085][T12405]  ? netlink_autobind+0x2b0/0x2f0
[  653.882135][T12405]  netlink_sendmsg+0x631/0xcb0
[  653.886939][T12405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  653.892337][T12405]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  653.897635][T12405]  ? security_socket_sendmsg+0x87/0xb0
[  653.903123][T12405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  653.908422][T12405]  __sock_sendmsg+0x221/0x270
[  653.913140][T12405]  sock_write_iter+0x2dd/0x400
[  653.917928][T12405]  ? __pfx_sock_write_iter+0x10/0x10
[  653.923274][T12405]  ? bpf_lsm_file_permission+0x9/0x10
[  653.928663][T12405]  ? security_file_permission+0x7f/0xa0
[  653.934242][T12405]  vfs_write+0xa72/0xc90
[  653.938535][T12405]  ? __pfx_sock_write_iter+0x10/0x10
[  653.943940][T12405]  ? __pfx_vfs_write+0x10/0x10
[  653.948745][T12405]  ksys_write+0x1a0/0x2c0
[  653.953107][T12405]  ? __pfx_ksys_write+0x10/0x10
[  653.957986][T12405]  ? do_syscall_64+0x100/0x230
[  653.963479][T12405]  ? do_syscall_64+0xb6/0x230
[  653.968199][T12405]  do_syscall_64+0xf3/0x230
[  653.972734][T12405]  ? clear_bhb_loop+0x35/0x90
[  653.977447][T12405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.983367][T12405] RIP: 0033:0x7f2418375bd9
[  653.987792][T12405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.007424][T12405] RSP: 002b:00007f24191b4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  654.015864][T12405] RAX: ffffffffffffffda RBX: 00007f2418503f60 RCX: 00007f2418375bd9
[  654.023905][T12405] RDX: 0000000000000024 RSI: 0000000020000080 RDI: 0000000000000003
[  654.031900][T12405] RBP: 00007f24191b40a0 R08: 0000000000000000 R09: 0000000000000000
[  654.039896][T12405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  654.047886][T12405] R13: 000000000000000b R14: 00007f2418503f60 R15: 00007ffc82469318
[  654.056145][T12405]  </TASK>
[  654.447026][ T5141] usb 5-1: USB disconnect, device number 39
[  655.741572][T12424] hub 6-0:1.0: USB hub found
[  655.746789][T12424] hub 6-0:1.0: 1 port detected
[  657.715774][T12454] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1815'.
[  658.152970][T12467] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  658.232738][T10351] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  658.643225][T10351] usb 2-1: Using ep0 maxpacket: 8
[  658.661530][T10351] usb 2-1: New USB device found, idVendor=337d, idProduct=503c, bcdDevice=22.8c
[  659.439411][T10351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.461645][T10351] usb 2-1: Product: syz
[  659.471181][T10351] usb 2-1: Manufacturer: syz
[  659.482413][T10351] usb 2-1: SerialNumber: syz
[  659.496314][T10351] usb 2-1: config 0 descriptor??
[  660.519039][T12503] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  661.212353][    T9] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  661.271453][T10351] usb 2-1: USB disconnect, device number 58
[  661.446239][T12512] program syz.0.1833 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  661.462913][T12512] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  661.500882][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  661.520811][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  661.549752][    T9] usb 3-1: config 1 has no interface number 0
[  661.564808][    T9] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  661.630282][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  661.632484][ T5136] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  661.657129][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.679547][    T9] usb 3-1: Product: syz
[  661.689411][    T9] usb 3-1: Manufacturer: syz
[  661.695989][    T9] usb 3-1: SerialNumber: syz
[  661.718382][    T9] usb 3-1: selecting invalid altsetting 1
[  661.845193][ T5136] usb 5-1: Using ep0 maxpacket: 8
[  661.857768][ T5136] usb 5-1: New USB device found, idVendor=0424, idProduct=7800, bcdDevice=e9.41
[  661.882364][ T5136] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.933299][ T5136] usb 5-1: config 0 descriptor??
[  662.175668][T12511] FAULT_INJECTION: forcing a failure.
[  662.175668][T12511] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  662.218968][T12511] CPU: 1 PID: 12511 Comm: syz.4.1834 Not tainted 6.10.0-rc7-syzkaller #0
[  662.227467][T12511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  662.237570][T12511] Call Trace:
[  662.240969][T12511]  <TASK>
[  662.243936][T12511]  dump_stack_lvl+0x241/0x360
[  662.248712][T12511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  662.254006][T12511]  ? __pfx__printk+0x10/0x10
[  662.258649][T12511]  ? __mutex_unlock_slowpath+0x21d/0x750
[  662.264386][T12511]  should_fail_ex+0x3b0/0x4e0
[  662.269127][T12511]  strncpy_from_user+0x36/0x2f0
[  662.274128][T12511]  __se_sys_request_key+0xa3/0x3b0
[  662.279303][T12511]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  662.285320][T12511]  ? __pfx___se_sys_request_key+0x10/0x10
[  662.291142][T12511]  ? do_syscall_64+0x100/0x230
[  662.295992][T12511]  ? do_syscall_64+0xb6/0x230
[  662.300810][T12511]  do_syscall_64+0xf3/0x230
[  662.305360][T12511]  ? clear_bhb_loop+0x35/0x90
[  662.310085][T12511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  662.316030][T12511] RIP: 0033:0x7f8dc6b75bd9
[  662.320477][T12511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  662.342034][T12511] RSP: 002b:00007f8dc786d048 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  662.350510][T12511] RAX: ffffffffffffffda RBX: 00007f8dc6d03f60 RCX: 00007f8dc6b75bd9
[  662.358602][T12511] RDX: 0000000020000cc0 RSI: 0000000020000c80 RDI: 0000000020000c40
[  662.366603][T12511] RBP: 00007f8dc786d0a0 R08: 0000000000000000 R09: 0000000000000000
[  662.374612][T12511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  662.382623][T12511] R13: 000000000000000b R14: 00007f8dc6d03f60 R15: 00007ffebb941378
[  662.390654][T12511]  </TASK>
[  662.496772][    T8] usb 5-1: USB disconnect, device number 40
[  666.076415][T12541] usb usb8: usbfs: process 12541 (syz.0.1840) did not claim interface 0 before use
[  666.812617][    T9] cdc_ncm 3-1:1.1: bind() failure
[  666.872295][    T8] usb 1-1: new full-speed USB device number 48 using dummy_hcd
[  667.085026][    T8] usb 1-1: not running at top speed; connect to a high speed hub
[  667.107766][    T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 256, setting to 64
[  667.152365][    T8] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  667.171792][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  667.181929][    T8] usb 1-1: Product: и
[  667.195933][T12541] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  667.211822][   T29] audit: type=1804 audit(1720450376.971:83): pid=12550 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.1843" name="/newroot/24/bus/file0" dev="overlay" ino=168 res=1 errno=0
[  667.241665][T10351] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  667.524809][T10351] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  667.544381][T10351] usb 4-1: config 1 has no interface number 1
[  667.568671][T10351] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  667.611745][T10351] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  667.635634][T10351] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  667.638824][    T8] cdc_ncm 1-1:1.0: bind() failure
[  667.675900][    T8] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  667.694928][T10351] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  667.712329][    T8] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  667.727356][T10351] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  667.738167][T10351] usb 4-1: Product: చ
[  667.742390][    T8] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  667.757933][    T8] usb 1-1: USB disconnect, device number 48
[  668.073200][T10351] usb 4-1: USB disconnect, device number 42
[  668.360189][T11917] udevd[11917]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  670.768529][T12607] x_tables: duplicate underflow at hook 3
[  671.554510][ T5086] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  671.565987][ T5086] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  671.617473][ T5086] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  671.644397][ T5086] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  671.655544][ T5086] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  671.663694][ T5086] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  672.744221][T12621] FAULT_INJECTION: forcing a failure.
[  672.744221][T12621] name failslab, interval 1, probability 0, space 0, times 0
[  672.757632][T12621] CPU: 0 PID: 12621 Comm: syz.4.1861 Not tainted 6.10.0-rc7-syzkaller #0
[  672.766165][T12621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  672.776231][T12621] Call Trace:
[  672.779512][T12621]  <TASK>
[  672.782444][T12621]  dump_stack_lvl+0x241/0x360
[  672.787142][T12621]  ? __pfx_dump_stack_lvl+0x10/0x10
[  672.792349][T12621]  ? __pfx__printk+0x10/0x10
[  672.796962][T12621]  should_fail_ex+0x3b0/0x4e0
[  672.801689][T12621]  ? big_key_preparse+0x200/0x4e0
[  672.807026][T12621]  should_failslab+0x9/0x20
[  672.811548][T12621]  kmalloc_trace_noprof+0x6c/0x2c0
[  672.816682][T12621]  big_key_preparse+0x200/0x4e0
[  672.821561][T12621]  ? __pfx_big_key_preparse+0x10/0x10
[  672.826954][T12621]  key_update+0x265/0x6b0
[  672.831297][T12621]  ? __pfx_key_update+0x10/0x10
[  672.836156][T12621]  ? __pfx_keyring_search_iterator+0x10/0x10
[  672.842153][T12621]  ? rep_movs_alternative+0x4a/0x70
[  672.847380][T12621]  keyctl_update_key+0xf4/0x120
[  672.852273][T12621]  __se_sys_keyctl+0x5c2/0xa50
[  672.857062][T12621]  ? __pfx___se_sys_keyctl+0x10/0x10
[  672.862534][T12621]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  672.868535][T12621]  ? __fget_files+0x3f6/0x470
[  672.873231][T12621]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  672.879283][T12621]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  672.885625][T12621]  ? do_syscall_64+0x100/0x230
[  672.890405][T12621]  ? __x64_sys_keyctl+0x20/0xc0
[  672.895288][T12621]  do_syscall_64+0xf3/0x230
[  672.899819][T12621]  ? clear_bhb_loop+0x35/0x90
[  672.904514][T12621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.910425][T12621] RIP: 0033:0x7f8dc6b75bd9
[  672.914849][T12621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  672.934467][T12621] RSP: 002b:00007f8dc786d048 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  672.942979][T12621] RAX: ffffffffffffffda RBX: 00007f8dc6d03f60 RCX: 00007f8dc6b75bd9
[  672.950959][T12621] RDX: 0000000020003780 RSI: 000000003974ff27 RDI: 0000000000000002
[  672.958948][T12621] RBP: 00007f8dc786d0a0 R08: 0000000000000000 R09: 0000000000000000
[  672.966936][T12621] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001
[  672.974919][T12621] R13: 000000000000000b R14: 00007f8dc6d03f60 R15: 00007ffebb941378
[  672.982919][T12621]  </TASK>
[  673.191344][T12608] chnl_net:caif_netlink_parms(): no params data found
[  673.972414][ T5086] Bluetooth: hci6: command tx timeout
[  674.320399][T12608] bridge0: port 1(bridge_slave_0) entered blocking state
[  674.363696][T12608] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.371016][T12608] bridge_slave_0: entered allmulticast mode
[  674.426473][T12608] bridge_slave_0: entered promiscuous mode
[  674.453834][T12608] bridge0: port 2(bridge_slave_1) entered blocking state
[  674.472397][T12608] bridge0: port 2(bridge_slave_1) entered disabled state
[  674.479733][T12608] bridge_slave_1: entered allmulticast mode
[  674.516828][T12608] bridge_slave_1: entered promiscuous mode
[  675.456163][T12608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.540961][T12608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.692694][ T5139] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  676.032548][ T5086] Bluetooth: hci6: command tx timeout
[  678.209684][ T5086] Bluetooth: hci6: command tx timeout
[  678.368234][T12608] team0: Port device team_slave_0 added
[  678.440683][T12608] team0: Port device team_slave_1 added
[  678.501035][ T5139] usb 1-1: device descriptor read/all, error -71
[  678.736530][T12608] batman_adv: batadv0: Adding interface: batadv_slave_0
[  678.755757][T12608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  678.816720][T12608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  678.850875][T12608] batman_adv: batadv0: Adding interface: batadv_slave_1
[  678.858208][   T29] audit: type=1326 audit(1720450388.601:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3d0ab6cc27 code=0x7ffc0000
[  678.905918][T12608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  678.946447][   T29] audit: type=1326 audit(1720450388.631:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3d0ab115c9 code=0x7ffc0000
[  678.988791][T12608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  680.680127][ T5086] Bluetooth: hci6: command tx timeout
[  681.346539][   T29] audit: type=1326 audit(1720450388.631:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0ab75bd9 code=0x7ffc0000
[  681.418309][T12673] FAULT_INJECTION: forcing a failure.
[  681.418309][T12673] name failslab, interval 1, probability 0, space 0, times 0
[  681.458962][   T29] audit: type=1326 audit(1720450388.641:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3d0ab6cc27 code=0x7ffc0000
[  681.539724][   T29] audit: type=1326 audit(1720450388.641:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3d0ab115c9 code=0x7ffc0000
[  681.562484][T12673] CPU: 1 PID: 12673 Comm: syz.0.1874 Not tainted 6.10.0-rc7-syzkaller #0
[  681.570964][T12673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  681.581057][T12673] Call Trace:
[  681.584374][T12673]  <TASK>
[  681.587333][T12673]  dump_stack_lvl+0x241/0x360
[  681.592062][T12673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  681.597303][T12673]  ? __pfx__printk+0x10/0x10
[  681.601939][T12673]  ? __pfx___might_resched+0x10/0x10
[  681.607299][T12673]  ? audit_log_format+0xdb/0x130
[  681.612297][T12673]  should_fail_ex+0x3b0/0x4e0
[  681.617021][T12673]  ? audit_log_d_path+0xbb/0x310
[  681.622016][T12673]  should_failslab+0x9/0x20
[  681.626570][T12673]  kmalloc_trace_noprof+0x6c/0x2c0
[  681.631736][T12673]  audit_log_d_path+0xbb/0x310
[  681.636558][T12673]  ? get_mm_exe_file+0x1c/0x170
[  681.641461][T12673]  audit_log_d_path_exe+0x45/0x70
[  681.646539][T12673]  audit_log_task+0x219/0x2f0
[  681.651271][T12673]  ? __pfx_audit_log_task+0x10/0x10
[  681.656516][T12673]  ? __pfx___cant_migrate+0x10/0x10
[  681.661819][T12673]  audit_seccomp+0x7b/0x1f0
[  681.666381][T12673]  ? migrate_disable+0xce/0x180
[  681.671285][T12673]  __seccomp_filter+0xb38/0x1fe0
[  681.676301][T12673]  ? vfs_write+0x7c4/0xc90
[  681.680781][T12673]  ? __pfx___seccomp_filter+0x10/0x10
[  681.686305][T12673]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  681.692348][T12673]  ? __fget_files+0x3f6/0x470
[  681.697096][T12673]  ? __secure_computing+0x125/0x370
[  681.702347][T12673]  syscall_trace_enter+0xa8/0x150
[  681.707430][T12673]  do_syscall_64+0xcc/0x230
[  681.711977][T12673]  ? clear_bhb_loop+0x35/0x90
[  681.716706][T12673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.722660][T12673] RIP: 0033:0x7f3d0ab75bd9
[  681.727110][T12673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.746760][T12673] RSP: 002b:00007f3d0b94f048 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[  681.755315][T12673] RAX: ffffffffffffffda RBX: 00007f3d0ad03f60 RCX: 00007f3d0ab75bd9
[  681.763339][T12673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  681.771371][T12673] RBP: 00007f3d0b94f0a0 R08: 0000000000000000 R09: 0000000000000000
[  681.771713][   T29] audit: type=1326 audit(1720450388.641:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3d0ab6cc27 code=0x7ffc0000
[  681.779358][T12673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.779379][T12673] R13: 000000000000000b R14: 00007f3d0ad03f60 R15: 00007fff1d83d538
[  681.779413][T12673]  </TASK>
[  681.829257][   T29] audit: type=1326 audit(1720450388.641:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3d0ab115c9 code=0x7ffc0000
[  681.885210][   T29] audit: type=1326 audit(1720450388.641:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3d0ab6cc27 code=0x7ffc0000
[  682.543779][T12608] hsr_slave_0: entered promiscuous mode
[  682.553325][   T29] audit: type=1326 audit(1720450388.641:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3d0ab115c9 code=0x7ffc0000
[  682.584095][T12608] hsr_slave_1: entered promiscuous mode
[  682.607891][   T29] audit: type=1326 audit(1720450388.641:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12663 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3d0ab6cc27 code=0x7ffc0000
[  682.629828][T12608] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  682.666022][T12608] Cannot create hsr debugfs directory
[  683.162760][ T5089] Bluetooth: hci1: command 0x0406 tx timeout
[  683.382395][    T8] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  683.625687][    T8] usb 5-1: config index 0 descriptor too short (expected 65191, got 72)
[  683.668930][    T8] usb 5-1: config index 1 descriptor too short (expected 65191, got 72)
[  683.745641][    T8] usb 5-1: config index 2 descriptor too short (expected 65191, got 72)
[  683.778795][    T8] usb 5-1: config index 3 descriptor too short (expected 65191, got 72)
[  683.819653][    T8] usb 5-1: config index 4 descriptor too short (expected 65191, got 72)
[  683.904274][    T8] usb 5-1: config index 5 descriptor too short (expected 65191, got 72)
[  683.939668][    T8] usb 5-1: config index 6 descriptor too short (expected 65191, got 72)
[  683.993321][    T8] usb 5-1: config index 7 descriptor too short (expected 65191, got 72)
[  684.028693][T12608] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.065974][    T8] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  684.107070][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  684.122407][ T9146] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  684.127639][    T8] usb 5-1: Product: syz
[  684.141350][    T8] usb 5-1: Manufacturer: syz
[  684.149862][    T8] usb 5-1: SerialNumber: syz
[  684.225014][    T8] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  684.293536][ T5139] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  684.334783][ T9146] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  684.369861][ T9146] usb 1-1: config 1 has no interface number 1
[  684.385863][T12709] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  684.385863][T12709]    program syz.3.1883 not setting count and/or reply_len properly
[  684.414058][ T9146] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  684.425126][T12608] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.438807][ T9146] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  684.438849][ T9146] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  684.451019][ T9146] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  684.451059][ T9146] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  684.451084][ T9146] usb 1-1: Product: చ
[  684.742811][ T9146] usb 1-1: USB disconnect, device number 51
[  684.862704][    T9] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  685.058837][T12608] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.062832][    T9] usb 4-1: Using ep0 maxpacket: 32
[  685.105301][    T9] usb 4-1: config 0 has no interfaces?
[  685.123023][    T9] usb 4-1: New USB device found, idVendor=0403, idProduct=d491, bcdDevice=3a.75
[  685.145515][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.234559][    T9] usb 4-1: config 0 descriptor??
[  685.401652][ T5139] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  686.091209][T12608] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.413041][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  686.419733][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  687.175318][ T9146] usb 4-1: USB disconnect, device number 43
[  687.536044][T12721] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1888'.
[  689.578331][T12743] FAULT_INJECTION: forcing a failure.
[  689.578331][T12743] name failslab, interval 1, probability 0, space 0, times 0
[  689.599193][T12743] CPU: 1 PID: 12743 Comm: syz.3.1893 Not tainted 6.10.0-rc7-syzkaller #0
[  689.607688][T12743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  689.617871][T12743] Call Trace:
[  689.621199][T12743]  <TASK>
[  689.624167][T12743]  dump_stack_lvl+0x241/0x360
[  689.628906][T12743]  ? __pfx_dump_stack_lvl+0x10/0x10
[  689.634181][T12743]  ? __pfx__printk+0x10/0x10
[  689.638831][T12743]  should_fail_ex+0x3b0/0x4e0
[  689.643559][T12743]  ? iovec_from_user+0x87/0x240
[  689.648502][T12743]  should_failslab+0x9/0x20
[  689.653044][T12743]  __kmalloc_noprof+0xd8/0x400
[  689.657860][T12743]  iovec_from_user+0x87/0x240
[  689.662581][T12743]  __import_iovec+0x132/0x820
[  689.667306][T12743]  import_iovec+0xeb/0x120
[  689.671766][T12743]  copy_msghdr_from_user+0x52f/0x680
[  689.677124][T12743]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  689.683105][T12743]  do_recvmmsg+0x40f/0xae0
[  689.687566][T12743]  ? mark_lock+0x9a/0x350
[  689.691956][T12743]  ? __pfx_do_recvmmsg+0x10/0x10
[  689.696967][T12743]  ? __pfx___might_resched+0x10/0x10
[  689.702295][T12743]  ? __might_fault+0xaa/0x120
[  689.707016][T12743]  ? __pfx_lock_release+0x10/0x10
[  689.712090][T12743]  ? vfs_write+0x7c4/0xc90
[  689.716583][T12743]  ? get_timespec64+0x19c/0x280
[  689.721497][T12743]  __x64_sys_recvmmsg+0x1b8/0x250
[  689.726580][T12743]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  689.732170][T12743]  ? do_syscall_64+0x100/0x230
[  689.736992][T12743]  ? do_syscall_64+0xb6/0x230
[  689.741716][T12743]  do_syscall_64+0xf3/0x230
[  689.746265][T12743]  ? clear_bhb_loop+0x35/0x90
[  689.750990][T12743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.756933][T12743] RIP: 0033:0x7f48cf775bd9
[  689.761385][T12743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  689.781040][T12743] RSP: 002b:00007f48d051d048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  689.789509][T12743] RAX: ffffffffffffffda RBX: 00007f48cf904038 RCX: 00007f48cf775bd9
[  689.797552][T12743] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[  689.805559][T12743] RBP: 00007f48d051d0a0 R08: 0000000020003700 R09: 0000000000000000
[  689.813570][T12743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  689.821574][T12743] R13: 000000000000006e R14: 00007f48cf904038 R15: 00007ffc158dff18
[  689.829625][T12743]  </TASK>
[  689.832765][    C1] vkms_vblank_simulate: vblank timer overrun
[  695.525608][ T5089] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  695.536210][ T5089] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  695.556182][ T5089] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  695.573366][ T5089] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  695.583717][ T5089] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  695.591257][ T5089] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  697.652379][ T5086] Bluetooth: hci1: command tx timeout
[  698.364897][ T5089] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  698.376522][ T5089] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  698.386354][ T5089] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  698.396048][ T5089] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  698.405181][ T5089] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  698.413818][ T5089] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  698.561388][ T5086] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  698.580801][ T5086] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  698.611334][ T5086] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  698.620997][ T5086] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  698.630307][ T5086] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  698.638983][ T5086] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  699.722478][ T5086] Bluetooth: hci1: command tx timeout
[  700.523899][ T5089] Bluetooth: hci7: command tx timeout
[  700.541369][ T5089] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  700.560391][ T5089] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  700.572065][ T5089] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  700.587931][ T5089] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  700.607584][ T5089] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  700.616661][ T5089] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  700.682804][ T5086] Bluetooth: hci8: command tx timeout
[  701.803525][ T5086] Bluetooth: hci1: command tx timeout
[  702.602423][ T5086] Bluetooth: hci7: command tx timeout
[  702.689560][ T5086] Bluetooth: hci9: command tx timeout
[  702.762568][ T5086] Bluetooth: hci8: command tx timeout
[  703.884947][ T5086] Bluetooth: hci1: command tx timeout
[  704.682400][ T5086] Bluetooth: hci7: command tx timeout
[  704.762302][ T5086] Bluetooth: hci9: command tx timeout
[  704.842600][ T5086] Bluetooth: hci8: command tx timeout
[  706.763535][ T5086] Bluetooth: hci7: command tx timeout
[  706.842282][ T5086] Bluetooth: hci9: command tx timeout
[  706.924996][ T5086] Bluetooth: hci8: command tx timeout
[  708.912527][ T5086] Bluetooth: hci9: command tx timeout
[  729.254108][ T5089] Bluetooth: hci4: command 0x0406 tx timeout
[  731.150554][ T5089] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  731.162198][ T5089] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  731.171147][ T5089] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  731.179867][ T5089] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  731.189114][ T5089] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  731.198003][ T5089] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  733.245361][ T5089] Bluetooth: hci10: command tx timeout
[  735.326439][ T5089] Bluetooth: hci10: command tx timeout
[  737.405113][ T5089] Bluetooth: hci10: command tx timeout
[  739.482502][ T5089] Bluetooth: hci10: command tx timeout
[  747.827384][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  747.835102][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  756.121419][ T5086] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  756.135734][ T5086] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  756.145265][ T5086] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  756.154939][ T5086] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  756.163214][ T5086] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  756.170778][ T5086] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  758.291221][ T5086] Bluetooth: hci11: command tx timeout
[  759.296137][ T5089] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  759.308465][ T5089] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  759.317538][ T5089] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  759.365345][T12771] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  759.373684][T12771] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  759.382908][T12771] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  759.433516][T12771] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  759.445615][T12771] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  759.455104][T12771] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  759.465405][T12771] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  759.473608][T12771] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  759.481174][T12771] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  760.362509][ T5089] Bluetooth: hci11: command tx timeout
[  760.615613][T12771] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  760.639351][T12771] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  760.648439][T12771] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  760.659372][T12771] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  760.667613][T12771] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  760.675333][T12771] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  761.482618][T12771] Bluetooth: hci12: command tx timeout
[  761.578547][T12771] Bluetooth: hci13: command tx timeout
[  762.443592][T12771] Bluetooth: hci11: command tx timeout
[  762.767548][T12771] Bluetooth: hci14: command tx timeout
[  763.566076][T12771] Bluetooth: hci12: command tx timeout
[  763.632719][T12771] Bluetooth: hci13: command tx timeout
[  764.522292][ T5089] Bluetooth: hci11: command tx timeout
[  764.832471][ T5089] Bluetooth: hci14: command tx timeout
[  765.642355][ T5089] Bluetooth: hci12: command tx timeout
[  765.725150][ T5089] Bluetooth: hci13: command tx timeout
[  766.922619][ T5089] Bluetooth: hci14: command tx timeout
[  767.722389][ T5089] Bluetooth: hci12: command tx timeout
[  767.812304][ T5089] Bluetooth: hci13: command tx timeout
[  769.002364][ T5089] Bluetooth: hci14: command tx timeout
[  792.889549][T12771] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  792.915642][T12771] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  792.925030][T12771] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  792.934956][T12771] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  792.944287][T12771] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  792.952012][T12771] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  794.992571][ T5089] Bluetooth: hci15: command tx timeout
[  795.893314][ T5089] Bluetooth: hci6: command 0x0406 tx timeout
[  797.082550][T12771] Bluetooth: hci15: command tx timeout
[  798.849331][   T59] kworker/1:2 (59) used greatest stack depth: 18152 bytes left
[  799.170866][T12771] Bluetooth: hci15: command tx timeout
[  801.242490][T12771] Bluetooth: hci15: command tx timeout
[  809.312397][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  809.318888][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  816.840391][ T5089] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  816.874816][ T5089] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  816.884408][ T5089] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  816.902576][ T5089] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  816.910892][ T5089] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  816.938183][ T5089] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  819.012407][ T5089] Bluetooth: hci16: command tx timeout
[  820.360682][T12789] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  820.375042][T12789] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  820.392427][T12789] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  820.402313][T12789] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  820.410299][T12789] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  820.417983][T12789] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  820.557555][T12785] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  820.573706][T12785] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  820.583665][T12785] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  820.592203][T12785] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  820.600201][T12785] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3
[  820.615291][T12785] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  821.082867][T12793] Bluetooth: hci16: command tx timeout
[  821.264877][T12789] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  821.277020][T12789] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  821.286483][T12789] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  821.295234][T12789] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  821.303304][T12789] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3
[  821.310847][T12789] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  821.407049][T12793] Bluetooth: hci1: command 0x0406 tx timeout
[  821.414407][   T53] Bluetooth: hci7: command 0x0406 tx timeout
[  821.420563][T12789] Bluetooth: hci8: command 0x0406 tx timeout
[  822.522872][ T5089] Bluetooth: hci17: command tx timeout
[  822.682446][ T5089] Bluetooth: hci18: command tx timeout
[  823.162831][ T5089] Bluetooth: hci16: command tx timeout
[  823.405843][ T5089] Bluetooth: hci19: command tx timeout
[  824.602790][ T5089] Bluetooth: hci17: command tx timeout
[  824.762344][ T5089] Bluetooth: hci18: command tx timeout
[  825.242917][ T5089] Bluetooth: hci16: command tx timeout
[  825.482525][ T5089] Bluetooth: hci19: command tx timeout
[  826.549500][ T5089] Bluetooth: hci9: command 0x0406 tx timeout
[  826.683303][ T5089] Bluetooth: hci17: command tx timeout
[  826.842203][T12771] Bluetooth: hci18: command tx timeout
[  827.562348][T12771] Bluetooth: hci19: command tx timeout
[  828.762691][T12771] Bluetooth: hci17: command tx timeout
[  828.922444][T12771] Bluetooth: hci18: command tx timeout
[  829.642891][T12771] Bluetooth: hci19: command tx timeout
[  832.762647][   T30] INFO: task syz.2.1832:12500 blocked for more than 143 seconds.
[  832.770456][   T30]       Not tainted 6.10.0-rc7-syzkaller #0
[  832.788358][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  832.800818][   T30] task:syz.2.1832      state:D stack:22720 pid:12500 tgid:12499 ppid:11153  flags:0x00004006
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[  832.811386][   T30] Call Trace:
[  832.826214][   T30]  <TASK>
[  832.829226][   T30]  __schedule+0x1796/0x49d0
[  832.856544][   T30]  ? __pfx___schedule+0x10/0x10
[  832.861517][   T30]  ? __pfx_lock_release+0x10/0x10
[  832.899947][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  832.932436][   T30]  ? schedule+0x90/0x320
[  832.936763][   T30]  schedule+0x14b/0x320
[  832.940989][   T30]  schedule_preempt_disabled+0x13/0x30
[  833.030900][   T30]  __mutex_lock+0x6a4/0xd70
[  833.052183][   T30]  ? __mutex_lock+0x527/0xd70
[  833.056946][   T30]  ? tun_chr_close+0x3e/0x1b0
[  833.061666][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  833.077261][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  833.100829][   T30]  tun_chr_close+0x3e/0x1b0
[  833.105699][   T30]  ? __pfx_tun_chr_close+0x10/0x10
[  833.110860][   T30]  __fput+0x24a/0x8a0
[  833.119548][   T30]  task_work_run+0x24f/0x310
[  833.127942][   T30]  ? __pfx_task_work_run+0x10/0x10
[  833.135140][   T30]  ? do_exit+0xa22/0x27e0
[  833.139537][   T30]  ? kmem_cache_free+0x145/0x350
[  833.151755][   T30]  do_exit+0xa27/0x27e0
[  833.157336][   T30]  ? __pfx_do_exit+0x10/0x10
[  833.164377][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  833.169997][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  833.182153][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  833.189881][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  833.196357][   T30]  do_group_exit+0x207/0x2c0
[  833.201283][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  833.222196][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  833.227523][   T30]  get_signal+0x16a1/0x1740
[  833.240348][   T30]  ? __pfx_get_signal+0x10/0x10
[  833.250319][   T30]  arch_do_signal_or_restart+0x96/0x860
[  833.256258][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  833.270711][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  833.286108][   T30]  ? syscall_exit_to_user_mode+0xa3/0x360
[  833.291921][   T30]  syscall_exit_to_user_mode+0xc9/0x360
[  833.316825][   T30]  do_syscall_64+0x100/0x230
[  833.321508][   T30]  ? clear_bhb_loop+0x35/0x90
[  833.356019][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  833.362836][   T30] RIP: 0033:0x7ff500575bd9
[  833.367297][   T30] RSP: 002b:00007ff5013b7048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  833.382139][   T30] RAX: 000000000003fea9 RBX: 00007ff500703f60 RCX: 00007ff500575bd9
[  833.390177][   T30] RDX: 000000000400023c RSI: 00000000200055c0 RDI: 0000000000000006
[  833.407091][   T30] RBP: 00007ff5005e4e60 R08: 0000000000000000 R09: 0000000000000000
[  833.415313][   T30] R10: 0000000000000302 R11: 0000000000000246 R12: 0000000000000000
[  833.428215][   T30] R13: 000000000000000b R14: 00007ff500703f60 R15: 00007fff289aa808
[  833.440023][   T30]  </TASK>
[  833.447362][   T30] INFO: task syz-executor:12608 blocked for more than 144 seconds.
[  833.455783][   T30]       Not tainted 6.10.0-rc7-syzkaller #0
[  833.461707][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  833.479070][   T30] task:syz-executor    state:D stack:20240 pid:12608 tgid:12608 ppid:1      flags:0x00004006
[  833.489734][   T30] Call Trace:
[  833.508053][   T30]  <TASK>
[  833.511061][   T30]  __schedule+0x1796/0x49d0
[  833.527361][   T30]  ? __pfx___schedule+0x10/0x10
[  833.542070][   T30]  ? __pfx_lock_release+0x10/0x10
[  833.550828][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  833.567653][   T30]  ? schedule+0x90/0x320
[  833.571977][   T30]  schedule+0x14b/0x320
[  833.579121][   T30]  schedule_preempt_disabled+0x13/0x30
[  833.590298][   T30]  __mutex_lock+0x6a4/0xd70
[  833.594908][   T30]  ? __mutex_lock+0x527/0xd70
[  833.599638][   T30]  ? nsim_create+0x408/0x890
[  833.612170][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  833.617311][   T30]  ? kmemdup_noprof+0x45/0x60
[  833.622036][   T30]  ? nsim_udp_tunnels_info_create+0x592/0x7c0
[  833.636161][   T30]  nsim_create+0x408/0x890
[  833.640689][   T30]  ? debugfs_create_symlink+0x191/0x1f0
[  833.656441][   T30]  __nsim_dev_port_add+0x6c0/0xae0
[  833.661669][   T30]  ? __pfx___nsim_dev_port_add+0x10/0x10
[  833.674867][   T30]  ? queue_delayed_work_on+0x267/0x390
[  833.680422][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  833.701926][   T30]  ? init_timer_key+0x197/0x310
[  833.710607][   T30]  nsim_dev_port_add_all+0x33/0xf0
[  833.717151][   T30]  nsim_drv_probe+0x85f/0xb80
[  833.721899][   T30]  ? __pfx_nsim_drv_probe+0x10/0x10
[  833.746623][   T30]  ? kernfs_create_link+0x187/0x1f0
[  833.753439][   T30]  ? sysfs_do_create_link_sd+0xdd/0x110
[  833.759053][   T30]  ? driver_sysfs_add+0x1de/0x1f0
[  833.771591][   T30]  ? really_probe+0x147/0xad0
[  833.778700][   T30]  ? __pfx_nsim_bus_probe+0x10/0x10
[  833.783997][   T30]  really_probe+0x2b8/0xad0
[  833.788555][   T30]  __driver_probe_device+0x1a2/0x390
[  833.802156][   T30]  driver_probe_device+0x50/0x430
[  833.807344][   T30]  __device_attach_driver+0x2d6/0x530
[  833.832193][   T30]  bus_for_each_drv+0x24e/0x2e0
[  833.837142][   T30]  ? __pfx___device_attach_driver+0x10/0x10
[  833.849441][   T30]  ? __pfx_bus_for_each_drv+0x10/0x10
[  833.860896][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  833.870989][   T30]  __device_attach+0x333/0x520
[  833.875936][   T30]  ? __pfx___device_attach+0x10/0x10
[  833.881517][   T30]  bus_probe_device+0x189/0x260
[  833.886900][   T30]  device_add+0x856/0xbf0
[  833.891291][   T30]  new_device_store+0x3f3/0x890
[  833.908404][   T30]  ? kernfs_fop_write_iter+0x1eb/0x500
[  833.914032][   T30]  ? __pfx_new_device_store+0x10/0x10
[  833.919457][   T30]  ? sysfs_kf_write+0x182/0x2a0
[  833.928227][   T30]  ? bus_attr_store+0x4f/0xa0
[  833.937968][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[  833.944481][   T30]  kernfs_fop_write_iter+0x3a1/0x500
[  833.951698][   T30]  vfs_write+0xa72/0xc90
[  833.958446][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  833.965040][   T30]  ? __pfx_vfs_write+0x10/0x10
[  833.969889][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  833.994923][   T30]  ksys_write+0x1a0/0x2c0
[  833.999457][   T30]  ? __pfx_ksys_write+0x10/0x10
[  834.007419][   T30]  ? do_syscall_64+0x100/0x230
[  834.019306][   T30]  ? do_syscall_64+0xb6/0x230
[  834.024303][   T30]  do_syscall_64+0xf3/0x230
[  834.028862][   T30]  ? clear_bhb_loop+0x35/0x90
[  834.038215][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.059625][   T30] RIP: 0033:0x7fe60cf7475f
[  834.072165][   T30] RSP: 002b:00007fff8429ab10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  834.082038][   T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fe60cf7475f
[  834.097646][   T30] RDX: 0000000000000003 RSI: 00007fff8429ab60 RDI: 0000000000000005
[  834.107169][   T30] RBP: 00007fe60cfe45c4 R08: 0000000000000000 R09: 00007fff8429a967
[  834.137438][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  834.145642][   T30] R13: 00007fff8429ab60 R14: 00007fe60dc34620 R15: 0000000000000003
[  834.153950][   T30]  </TASK>
[  834.158892][   T30] INFO: task syz.0.1888:12720 blocked for more than 144 seconds.
[  834.175464][   T30]       Not tainted 6.10.0-rc7-syzkaller #0
[  834.181423][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  834.198703][   T30] task:syz.0.1888      state:D stack:23840 pid:12720 tgid:12720 ppid:8942   flags:0x00004006
[  834.209283][   T30] Call Trace:
[  834.212695][   T30]  <TASK>
[  834.215664][   T30]  __schedule+0x1796/0x49d0
[  834.220322][   T30]  ? __pfx___schedule+0x10/0x10
[  834.232146][   T30]  ? __pfx_lock_release+0x10/0x10
[  834.237254][   T30]  ? schedule+0x90/0x320
[  834.241543][   T30]  schedule+0x14b/0x320
[  834.265174][   T30]  schedule_timeout+0xb0/0x310
[  834.270231][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  834.275813][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  834.281853][   T30]  ? wait_for_completion+0x2fe/0x620
[  834.295869][   T30]  ? wait_for_completion+0x2fe/0x620
[  834.301469][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  834.312140][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  834.317399][   T30]  ? wait_for_completion+0x2fe/0x620
[  834.330644][   T30]  wait_for_completion+0x355/0x620
[  834.336089][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  834.341777][   T30]  ? __flush_work+0xe6/0xd00
[  834.355977][   T30]  __flush_work+0xaa9/0xd00
[  834.362249][   T30]  ? __flush_work+0xe6/0xd00
[  834.366900][   T30]  ? __pfx___flush_work+0x10/0x10
[  834.371965][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  834.392159][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  834.398582][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  834.408291][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  834.419555][   T30]  unregister_netdevice_many_notify+0x8a0/0x16b0
[  834.426106][   T30]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  834.435278][   T30]  ? __asan_memset+0x23/0x50
[  834.439925][   T30]  ? skb_queue_purge_reason+0x2de/0x500
[  834.451846][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  834.457437][   T30]  unregister_netdevice_queue+0x303/0x370
[  834.468428][   T30]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  834.481022][   T30]  __tun_detach+0x6b6/0x1600
[  834.485773][   T30]  tun_chr_close+0x108/0x1b0
[  834.490410][   T30]  ? __pfx_tun_chr_close+0x10/0x10
[  834.511385][   T30]  __fput+0x24a/0x8a0
[  834.521160][   T30]  task_work_run+0x24f/0x310
[  834.526099][   T30]  ? __pfx_task_work_run+0x10/0x10
[  834.531279][   T30]  ? syscall_exit_to_user_mode+0xa3/0x360
[  834.545940][   T30]  syscall_exit_to_user_mode+0x168/0x360
[  834.551675][   T30]  do_syscall_64+0x100/0x230
[  834.556601][   T30]  ? clear_bhb_loop+0x35/0x90
[  834.561348][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.568891][   T30] RIP: 0033:0x7f3d0ab75bd9
[  834.582211][   T30] RSP: 002b:00007fff1d83d618 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  834.590702][   T30] RAX: 0000000000000000 RBX: 00007f3d0ad05a60 RCX: 00007f3d0ab75bd9
[  834.608487][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  834.620232][   T30] RBP: 00007f3d0ad05a60 R08: 00007f3d0a201000 R09: 0000001d1d83d93f
[  834.650332][   T30] R10: 00000000005e3ae4 R11: 0000000000000246 R12: 00000000000a80a8
[  834.658724][   T30] R13: 0000000000000032 R14: 00007f3d0ad05a60 R15: 00007f3d0ad04038
[  834.672171][   T30]  </TASK>
[  834.675280][   T30] INFO: task syz.4.1889:12723 blocked for more than 145 seconds.
[  834.711986][   T30]       Not tainted 6.10.0-rc7-syzkaller #0
[  834.738192][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  834.761936][   T30] task:syz.4.1889      state:D stack:26272 pid:12723 tgid:12722 ppid:11740  flags:0x00004004
[  834.802306][   T30] Call Trace:
[  834.805743][   T30]  <TASK>
[  834.808712][   T30]  __schedule+0x1796/0x49d0
[  834.820412][   T30]  ? __pfx___schedule+0x10/0x10
[  834.829183][   T30]  ? __pfx_lock_release+0x10/0x10
[  834.842163][   T30]  ? schedule+0x90/0x320
[  834.851594][   T30]  schedule+0x14b/0x320
[  834.862516][   T30]  schedule_timeout+0xb0/0x310
[  834.867369][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  834.884666][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  834.890743][   T30]  ? wait_for_completion+0x2fe/0x620
[  834.902139][   T30]  ? wait_for_completion+0x2fe/0x620
[  834.907491][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  834.915355][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  834.920606][   T30]  ? wait_for_completion+0x2fe/0x620
[  834.942167][   T30]  wait_for_completion+0x355/0x620
[  834.947389][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  834.958420][   T30]  ? __init_swait_queue_head+0xae/0x150
[  834.971293][   T30]  __synchronize_srcu+0x357/0x400
[  834.977511][   T30]  ? __mutex_unlock_slowpath+0x21d/0x750
[  834.985119][   T30]  ? __pfx___synchronize_srcu+0x10/0x10
[  834.990820][   T30]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  835.006383][   T30]  kvm_swap_active_memslots+0x2ea/0x3d0
[  835.012174][   T30]  kvm_set_memslot+0x6ca/0x1280
[  835.017186][   T30]  ? __kvm_set_memory_region+0x6ff/0xb00
[  835.023149][   T30]  __kvm_set_memory_region+0x903/0xb00
[  835.028678][   T30]  kvm_vm_ioctl_set_memory_region+0x6d/0xa0
[  835.043356][   T30]  kvm_vm_ioctl+0xa45/0xd30
[  835.047957][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  835.053112][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  835.059575][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[  835.081136][   T30]  ? tomoyo_path_number_perm+0x71a/0x880
[  835.097725][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[  835.112281][   T30]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  835.118389][   T30]  ? smack_file_ioctl+0x356/0x3a0
[  835.128377][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[  835.139931][   T30]  ? __fget_files+0x29/0x470
[  835.144975][   T30]  ? __fget_files+0x3f6/0x470
[  835.149702][   T30]  ? __fget_files+0x29/0x470
[  835.156772][   T30]  ? bpf_lsm_file_ioctl+0x9/0x10
[  835.161768][   T30]  ? security_file_ioctl+0x87/0xb0
[  835.172172][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  835.177291][   T30]  __se_sys_ioctl+0xfc/0x170
[  835.189057][   T30]  do_syscall_64+0xf3/0x230
[  835.198472][   T30]  ? clear_bhb_loop+0x35/0x90
[  835.203562][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.209599][   T30] RIP: 0033:0x7f8dc6b75bd9
[  835.219839][   T30] RSP: 002b:00007f8dc786d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  835.242378][   T30] RAX: ffffffffffffffda RBX: 00007f8dc6d03f60 RCX: 00007f8dc6b75bd9
[  835.250428][   T30] RDX: 0000000020000080 RSI: 000000004020ae46 RDI: 0000000000000004
[  835.274443][   T30] RBP: 00007f8dc6be4e60 R08: 0000000000000000 R09: 0000000000000000
[  835.285328][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  835.298466][   T30] R13: 000000000000000b R14: 00007f8dc6d03f60 R15: 00007ffebb941378
[  835.315204][   T30]  </TASK>
[  835.318365][   T30] INFO: task syz.4.1889:12725 blocked for more than 145 seconds.
[  835.335374][   T30]       Not tainted 6.10.0-rc7-syzkaller #0
[  835.341346][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  835.366677][   T30] task:syz.4.1889      state:D stack:27200 pid:12725 tgid:12722 ppid:11740  flags:0x00000004
[  835.378257][   T30] Call Trace:
[  835.381575][   T30]  <TASK>
[  835.397302][   T30]  __schedule+0x1796/0x49d0
[  835.401921][   T30]  ? __pfx___schedule+0x10/0x10
[  835.412163][   T30]  ? __pfx_lock_release+0x10/0x10
[  835.417266][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  835.428225][   T30]  ? schedule+0x90/0x320
[  835.437321][   T30]  schedule+0x14b/0x320
[  835.441538][   T30]  schedule_preempt_disabled+0x13/0x30
[  835.447307][   T30]  __mutex_lock+0x6a4/0xd70
[  835.451861][   T30]  ? __mutex_lock+0x527/0xd70
[  835.465097][   T30]  ? kvm_vm_ioctl_set_memory_region+0x62/0xa0
[  835.471298][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  835.488867][   T30]  ? tomoyo_path_number_perm+0x68d/0x880
[  835.499850][   T30]  ? __might_fault+0xc6/0x120
[  835.506023][   T30]  kvm_vm_ioctl_set_memory_region+0x62/0xa0
[  835.515932][   T30]  kvm_vm_ioctl+0xa45/0xd30
[  835.520954][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  835.532172][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  835.538585][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[  835.549470][   T30]  ? tomoyo_path_number_perm+0x71a/0x880
[  835.562588][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[  835.568301][   T30]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  835.575870][   T30]  ? smack_file_ioctl+0x356/0x3a0
[  835.580971][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[  835.589692][   T30]  ? __fget_files+0x29/0x470
[  835.599885][   T30]  ? __fget_files+0x3f6/0x470
[  835.613307][   T30]  ? __fget_files+0x29/0x470
[  835.618085][   T30]  ? bpf_lsm_file_ioctl+0x9/0x10
[  835.631678][   T30]  ? security_file_ioctl+0x87/0xb0
[  835.640943][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  835.651171][   T30]  __se_sys_ioctl+0xfc/0x170
[  835.655873][   T30]  do_syscall_64+0xf3/0x230
[  835.660430][   T30]  ? clear_bhb_loop+0x35/0x90
[  835.672150][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.678155][   T30] RIP: 0033:0x7f8dc6b757db
[  835.687006][   T30] RSP: 002b:00007f8dc65fd4a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  835.699824][   T30] RAX: ffffffffffffffda RBX: 00007f8dc65fdbf0 RCX: 00007f8dc6b757db
[  835.714545][   T30] RDX: 00007f8dc65fdbf0 RSI: 000000004020ae46 RDI: 0000000000000004
[  835.728673][   T30] RBP: 0000000000000004 R08: 0000000000000001 R09: 0000000000000000
[  835.750904][   T30] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  835.767480][   T30] R13: 0000000020001000 R14: 0000000020000000 R15: 00000000fec00000
[  835.782168][   T30]  </TASK>
[  835.785452][   T30] INFO: task syz.4.1889:12728 blocked for more than 146 seconds.
[  835.800706][   T30]       Not tainted 6.10.0-rc7-syzkaller #0
[  835.819998][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  835.837232][   T30] task:syz.4.1889      state:D stack:25632 pid:12728 tgid:12722 ppid:11740  flags:0x00000004
[  835.847739][   T30] Call Trace:
[  835.851054][   T30]  <TASK>
[  835.862162][   T30]  __schedule+0x1796/0x49d0
[  835.866778][   T30]  ? __pfx___schedule+0x10/0x10
[  835.871673][   T30]  ? __pfx_lock_release+0x10/0x10
[  835.877799][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  835.907580][   T30]  ? schedule+0x90/0x320
[  835.912031][   T30]  schedule+0x14b/0x320
[  835.927079][   T30]  schedule_preempt_disabled+0x13/0x30
[  835.936402][   T30]  __mutex_lock+0x6a4/0xd70
[  835.941336][   T30]  ? __mutex_lock+0x527/0xd70
[  835.946636][   T30]  ? kvm_vm_ioctl_register_coalesced_mmio+0x11d/0x330
[  835.961925][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  835.968363][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  835.973268][   T30]  ? kvm_vm_ioctl_register_coalesced_mmio+0x8d/0x330
[  835.980084][   T30]  ? kvm_vm_ioctl_register_coalesced_mmio+0x10d/0x330
[  835.992150][   T30]  kvm_vm_ioctl_register_coalesced_mmio+0x11d/0x330
[  836.006088][   T30]  kvm_vm_ioctl+0x988/0xd30
[  836.010704][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  836.022151][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  836.028556][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[  836.051646][   T30]  ? __pfx_lock_release+0x10/0x10
[  836.056808][   T30]  ? kfree+0x149/0x360
[  836.060934][   T30]  ? tomoyo_path_number_perm+0x71a/0x880
[  836.075490][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[  836.081330][   T30]  ? smack_file_ioctl+0x356/0x3a0
[  836.086592][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[  836.099552][   T30]  ? __fget_files+0x29/0x470
[  836.110727][   T30]  ? __fget_files+0x3f6/0x470
[  836.122162][   T30]  ? __fget_files+0x29/0x470
[  836.126838][   T30]  ? bpf_lsm_file_ioctl+0x9/0x10
[  836.131817][   T30]  ? security_file_ioctl+0x87/0xb0
[  836.146934][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  836.152189][   T30]  __se_sys_ioctl+0xfc/0x170
[  836.156837][   T30]  do_syscall_64+0xf3/0x230
[  836.161479][   T30]  ? clear_bhb_loop+0x35/0x90
[  836.182179][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.194319][   T30] RIP: 0033:0x7f8dc6b75bd9
[  836.199330][   T30] RSP: 002b:00007f8dc65de048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  836.220257][   T30] RAX: ffffffffffffffda RBX: 00007f8dc6d04110 RCX: 00007f8dc6b75bd9
[  836.229697][   T30] RDX: 00000000200001c0 RSI: 000000004010ae67 RDI: 0000000000000004
[  836.245095][   T30] RBP: 00007f8dc6be4e60 R08: 0000000000000000 R09: 0000000000000000
[  836.262171][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  836.272982][   T30] R13: 000000000000006e R14: 00007f8dc6d04110 R15: 00007ffebb941378
[  836.281780][   T30]  </TASK>
[  836.291024][   T30] 
[  836.291024][   T30] Showing all locks held in the system:
[  836.298909][   T30] 2 locks held by kworker/0:1/9:
[  836.306514][   T30] 1 lock held by khungtaskd/30:
[  836.311412][   T30]  #0: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  836.328573][   T30] 3 locks held by kworker/u8:11/3849:
[  836.352063][   T30]  #0: ffff88802a55f148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  836.366745][   T30]  #1: ffffc9000b807d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  836.388963][   T30]  #2: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  836.398998][   T30] 2 locks held by getty/4840:
[  836.408812][   T30]  #0: ffff88802b17f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  836.425148][   T30]  #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  836.442759][   T30] 2 locks held by kworker/0:5/5139:
[  836.448120][   T30] 3 locks held by kworker/1:6/5143:
[  836.455772][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  836.473858][   T30]  #1: ffffc90004227d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  836.505499][   T30]  #2: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  836.528256][   T30] 1 lock held by syz.2.1832/12500:
[  836.534948][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  836.552151][   T30] 7 locks held by syz-executor/12608:
[  836.557583][   T30]  #0: ffff88802fffa420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  836.574318][   T30]  #1: ffff888050426088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  836.584238][   T30]  #2: ffff8880230123c8 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  836.602198][   T30]  #3: ffffffff8eee1f28 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890
[  836.617135][   T30]  #4: ffff88802cffd0e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520
[  836.651005][   T30]  #5: ffff88802cffe250 (&devlink->lock_key#16){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80
[  836.668668][   T30]  #6: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: nsim_create+0x408/0x890
[  836.680170][   T30] 1 lock held by syz.1.1885/12713:
[  836.691351][   T30] 2 locks held by syz.0.1888/12720:
[  836.696665][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  836.706029][   T30]  #1: ffffffff8e1ce5b0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x607/0x16b0
[  836.729349][   T30] 1 lock held by syz.4.1889/12723:
[  836.734717][   T30]  #0: ffffc9000f13b0a8 (&kvm->slots_lock){+.+.}-{3:3}, at: kvm_vm_ioctl_set_memory_region+0x62/0xa0
[  836.752145][   T30] 1 lock held by syz.4.1889/12725:
[  836.757320][   T30]  #0: ffffc9000f13b0a8 (&kvm->slots_lock){+.+.}-{3:3}, at: kvm_vm_ioctl_set_memory_region+0x62/0xa0
[  836.790740][   T30] 1 lock held by syz.4.1889/12728:
[  836.796032][   T30]  #0: ffffc9000f13b0a8 (&kvm->slots_lock){+.+.}-{3:3}, at: kvm_vm_ioctl_register_coalesced_mmio+0x11d/0x330
[  836.816657][   T30] 2 locks held by syz.3.1893/12742:
[  836.823530][   T30]  #0: ffff88801cee4678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x780
[  836.852267][   T30]  #1: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0x5d3/0xe50
[  836.862035][   T30] 1 lock held by syz-executor/12745:
[  836.874283][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  836.887791][   T30] 1 lock held by syz-executor/12749:
[  836.896730][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  836.912970][   T30] 1 lock held by syz-executor/12751:
[  836.918306][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  836.944467][   T30] 1 lock held by syz-executor/12754:
[  836.949835][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  836.962130][   T30] 1 lock held by syz-executor/12757:
[  836.967466][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  836.985167][   T30] 1 lock held by syz-executor/12763:
[  836.990806][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.012020][   T30] 1 lock held by syz-executor/12768:
[  837.019262][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.030208][   T30] 1 lock held by syz-executor/12769:
[  837.042229][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.069405][   T30] 1 lock held by syz-executor/12775:
[  837.074905][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.085761][   T30] 1 lock held by syz-executor/12779:
[  837.091081][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.109728][   T30] 1 lock held by syz-executor/12782:
[  837.122409][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.133269][   T30] 1 lock held by syz-executor/12788:
[  837.138886][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.157541][   T30] 1 lock held by syz-executor/12791:
[  837.172151][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.181780][   T30] 1 lock held by syz-executor/12794:
[  837.210395][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  837.226203][   T30] 
[  837.230111][   T30] =============================================
[  837.230111][   T30] 
[  837.251620][   T30] NMI backtrace for cpu 1
[  837.256009][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller #0
[  837.264274][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  837.274368][   T30] Call Trace:
[  837.277672][   T30]  <TASK>
[  837.280628][   T30]  dump_stack_lvl+0x241/0x360
[  837.285355][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  837.290595][   T30]  ? __pfx__printk+0x10/0x10
[  837.295216][   T30]  ? vprintk_emit+0x631/0x770
[  837.299940][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  837.305011][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  837.309990][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  837.315566][   T30]  ? _printk+0xd5/0x120
[  837.319766][   T30]  ? __pfx__printk+0x10/0x10
[  837.324495][   T30]  ? __wake_up_klogd+0xcc/0x110
[  837.329387][   T30]  ? __pfx__printk+0x10/0x10
[  837.334017][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  837.339106][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  837.345139][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  837.351165][   T30]  watchdog+0xfde/0x1020
[  837.355445][   T30]  ? watchdog+0x1ea/0x1020
[  837.359898][   T30]  ? __pfx_watchdog+0x10/0x10
[  837.364610][   T30]  kthread+0x2f0/0x390
[  837.368721][   T30]  ? __pfx_watchdog+0x10/0x10
[  837.373431][   T30]  ? __pfx_kthread+0x10/0x10
[  837.378065][   T30]  ret_from_fork+0x4b/0x80
[  837.382526][   T30]  ? __pfx_kthread+0x10/0x10
[  837.387157][   T30]  ret_from_fork_asm+0x1a/0x30
[  837.391978][   T30]  </TASK>
[  837.396133][   T30] Sending NMI from CPU 1 to CPUs 0:
[  837.401392][    C0] NMI backtrace for cpu 0
[  837.401408][    C0] CPU: 0 PID: 12713 Comm: syz.1.1885 Not tainted 6.10.0-rc7-syzkaller #0
[  837.401427][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  837.401440][    C0] RIP: 0010:unwind_get_return_address+0x80/0xc0
[  837.401473][    C0] Code: 8b 3b e8 73 44 21 00 89 c5 31 ff 89 c6 e8 68 3c 55 00 85 ed 74 20 e8 1f 38 55 00 43 80 3c 37 00 74 08 48 89 df e8 c0 a3 b7 00 <48> 8b 03 eb 0e e8 06 38 55 00 eb 05 e8 ff 37 55 00 31 c0 5b 41 5e
[  837.401490][    C0] RSP: 0018:ffffc90000005f18 EFLAGS: 00000046
[  837.401507][    C0] RAX: ffffffff8140eea1 RBX: ffffc90000005f88 RCX: ffff888027c4bc00
[  837.401522][    C0] RDX: 0000000080010304 RSI: 0000000000000001 RDI: 0000000000000000
[  837.401534][    C0] RBP: 0000000000000001 R08: ffffffff8140ee98 R09: ffffffff8141095f
[  837.401548][    C0] R10: 0000000000000003 R11: ffff888027c4bc00 R12: ffff888027c4bc00
[  837.401562][    C0] R13: ffffffff8181dca0 R14: dffffc0000000000 R15: 1ffff92000000bf1
[  837.401577][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  837.401593][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  837.401606][    C0] CR2: 0000001b30cf8ff8 CR3: 000000000e132000 CR4: 00000000003526f0
[  837.401623][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  837.401634][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  837.401646][    C0] Call Trace:
[  837.401654][    C0]  <NMI>
[  837.401661][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  837.401682][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  837.401705][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  837.401725][    C0]  ? nmi_handle+0x2a/0x5a0
[  837.401762][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  837.401783][    C0]  ? nmi_handle+0x14f/0x5a0
[  837.401810][    C0]  ? nmi_handle+0x2a/0x5a0
[  837.401839][    C0]  ? unwind_get_return_address+0x80/0xc0
[  837.401864][    C0]  ? default_do_nmi+0x63/0x160
[  837.401886][    C0]  ? exc_nmi+0x123/0x1f0
[  837.401906][    C0]  ? end_repeat_nmi+0xf/0x53
[  837.401934][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  837.401967][    C0]  ? unwind_next_frame+0x196f/0x2a00
[  837.401991][    C0]  ? unwind_get_return_address+0x68/0xc0
[  837.402015][    C0]  ? unwind_get_return_address+0x71/0xc0
[  837.402047][    C0]  ? unwind_get_return_address+0x80/0xc0
[  837.402074][    C0]  ? unwind_get_return_address+0x80/0xc0
[  837.402103][    C0]  ? unwind_get_return_address+0x80/0xc0
[  837.402132][    C0]  </NMI>
[  837.402139][    C0]  <IRQ>
[  837.402146][    C0]  ? ieee80211_rx_napi+0x18a/0x3c0
[  837.402175][    C0]  arch_stack_walk+0x125/0x1b0
[  837.402211][    C0]  ? ieee80211_handle_queued_frames+0xe7/0x1e0
[  837.402246][    C0]  stack_trace_save+0x118/0x1d0
[  837.402278][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  837.402316][    C0]  ? debug_check_no_obj_freed+0x561/0x580
[  837.402348][    C0]  ? do_raw_spin_lock+0x14f/0x370
[  837.402379][    C0]  ? __pfx_lock_release+0x10/0x10
[  837.402404][    C0]  kasan_save_track+0x3f/0x80
[  837.402435][    C0]  ? kasan_save_track+0x3f/0x80
[  837.402465][    C0]  ? kasan_save_free_info+0x40/0x50
[  837.402491][    C0]  ? poison_slab_object+0xe0/0x150
[  837.402522][    C0]  ? __kasan_slab_free+0x37/0x60
[  837.402549][    C0]  ? kfree+0x149/0x360
[  837.402569][    C0]  ? dummy_timer+0x7ce/0x45d0
[  837.402588][    C0]  ? __hrtimer_run_queues+0x59b/0xd50
[  837.402613][    C0]  ? hrtimer_interrupt+0x396/0x990
[  837.402637][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x3f0
[  837.402664][    C0]  ? sysvec_apic_timer_interrupt+0x52/0xc0
[  837.402688][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  837.402714][    C0]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  837.402733][    C0]  ? unwind_next_frame+0x6ef/0x2a00
[  837.402758][    C0]  ? arch_stack_walk+0x151/0x1b0
[  837.402784][    C0]  ? stack_trace_save+0x118/0x1d0
[  837.402811][    C0]  ? kasan_save_track+0x3f/0x80
[  837.402837][    C0]  ? kasan_save_free_info+0x40/0x50
[  837.402859][    C0]  ? poison_slab_object+0xe0/0x150
[  837.402886][    C0]  ? __kasan_slab_free+0x37/0x60
[  837.402912][    C0]  ? kfree+0x149/0x360
[  837.402931][    C0]  ? ieee80211_inform_bss+0xbb2/0x1080
[  837.402956][    C0]  ? cfg80211_inform_single_bss_data+0x1121/0x2360
[  837.402979][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  837.403001][    C0]  ? cfg80211_inform_bss_frame_data+0x3bc/0x720
[  837.403029][    C0]  ? ieee80211_bss_info_update+0x8a7/0xbc0
[  837.403056][    C0]  ? ieee80211_scan_rx+0x526/0x9c0
[  837.403081][    C0]  ? ieee80211_rx_list+0x2b00/0x3780
[  837.403107][    C0]  ? ieee80211_rx_napi+0x18a/0x3c0
[  837.403151][    C0]  ? dummy_timer+0x7ce/0x45d0
[  837.403169][    C0]  kasan_save_free_info+0x40/0x50
[  837.403193][    C0]  poison_slab_object+0xe0/0x150
[  837.403222][    C0]  __kasan_slab_free+0x37/0x60
[  837.403250][    C0]  ? dummy_timer+0x7ce/0x45d0
[  837.403269][    C0]  kfree+0x149/0x360
[  837.403292][    C0]  dummy_timer+0x7ce/0x45d0
[  837.403318][    C0]  ? __pfx_lock_release+0x10/0x10
[  837.403349][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  837.403380][    C0]  ? __hrtimer_run_queues+0x477/0xd50
[  837.403413][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  837.403446][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  837.403470][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  837.403490][    C0]  __hrtimer_run_queues+0x59b/0xd50
[  837.403517][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  837.403548][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  837.403580][    C0]  hrtimer_interrupt+0x396/0x990
[  837.403620][    C0]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  837.403649][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  837.403674][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  837.403702][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70
[  837.403722][    C0] Code: 8b 3d 0c 3c 44 0c 48 89 de 5b e9 c3 f6 56 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 80 d4 03 00 65 8b 15 b0 ad 6d 7e f7 c2 00 01 ff 00
[  837.403737][    C0] RSP: 0018:ffffc90000006a00 EFLAGS: 00000202
[  837.403753][    C0] RAX: ffffffff8140f6df RBX: 0000000000000003 RCX: ffff888027c4bc00
[  837.403767][    C0] RDX: 0000000000000002 RSI: ffffffff8e1a1360 RDI: 0000000000000003
[  837.403779][    C0] RBP: ffffffff90cf1776 R08: 0000000000000003 R09: ffffffff8140f6b2
[  837.403793][    C0] R10: 0000000000000002 R11: ffff888027c4bc00 R12: ffffffff90274a00
[  837.403806][    C0] R13: dffffc0000000000 R14: 1ffff92000000d5c R15: ffffffff90cf1772
[  837.403824][    C0]  ? unwind_next_frame+0x6c2/0x2a00
[  837.403850][    C0]  ? unwind_next_frame+0x6ef/0x2a00
[  837.403879][    C0]  unwind_next_frame+0x6ef/0x2a00
[  837.403907][    C0]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7f
[  837.403935][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.403961][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.403988][    C0]  ? __kernel_text_address+0xd/0x40
[  837.404013][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.404043][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  837.404073][    C0]  arch_stack_walk+0x151/0x1b0
[  837.404105][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.404134][    C0]  stack_trace_save+0x118/0x1d0
[  837.404164][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  837.404194][    C0]  ? mark_lock+0x9a/0x350
[  837.404219][    C0]  kasan_save_track+0x3f/0x80
[  837.404245][    C0]  ? kasan_save_track+0x3f/0x80
[  837.404269][    C0]  ? kasan_save_free_info+0x40/0x50
[  837.404292][    C0]  ? poison_slab_object+0xe0/0x150
[  837.404319][    C0]  ? __kasan_slab_free+0x37/0x60
[  837.404345][    C0]  ? kfree+0x149/0x360
[  837.404364][    C0]  ? ieee80211_inform_bss+0xbb2/0x1080
[  837.404390][    C0]  ? cfg80211_inform_single_bss_data+0x1121/0x2360
[  837.404413][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  837.404435][    C0]  ? cfg80211_inform_bss_frame_data+0x3bc/0x720
[  837.404457][    C0]  ? ieee80211_bss_info_update+0x8a7/0xbc0
[  837.404483][    C0]  ? ieee80211_scan_rx+0x526/0x9c0
[  837.404508][    C0]  ? ieee80211_rx_list+0x2b00/0x3780
[  837.404533][    C0]  ? ieee80211_rx_napi+0x18a/0x3c0
[  837.404557][    C0]  ? ieee80211_handle_queued_frames+0xe7/0x1e0
[  837.404583][    C0]  ? tasklet_action_common+0x321/0x4d0
[  837.404603][    C0]  ? handle_softirqs+0x2c4/0x970
[  837.404619][    C0]  ? __irq_exit_rcu+0xf4/0x1c0
[  837.404636][    C0]  ? irq_exit_rcu+0x9/0x30
[  837.404652][    C0]  ? sysvec_apic_timer_interrupt+0xa6/0xc0
[  837.404676][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  837.404703][    C0]  ? rcu_is_watching+0x5a/0xb0
[  837.404723][    C0]  ? lock_acquire+0xe3/0x550
[  837.404740][    C0]  ? mod_memcg_page_state+0xb7/0x770
[  837.404763][    C0]  ? vfree+0x17c/0x2e0
[  837.404784][    C0]  ? kcov_close+0x2b/0x50
[  837.404802][    C0]  ? __fput+0x24a/0x8a0
[  837.404823][    C0]  ? task_work_run+0x24f/0x310
[  837.404846][    C0]  ? do_exit+0xa27/0x27e0
[  837.404868][    C0]  ? do_group_exit+0x207/0x2c0
[  837.404889][    C0]  ? get_signal+0x16a1/0x1740
[  837.404915][    C0]  ? arch_do_signal_or_restart+0x96/0x860
[  837.404937][    C0]  ? syscall_exit_to_user_mode+0xc9/0x360
[  837.404962][    C0]  ? do_syscall_64+0x100/0x230
[  837.404989][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.405035][    C0]  ? ieee80211_inform_bss+0xbb2/0x1080
[  837.405060][    C0]  kasan_save_free_info+0x40/0x50
[  837.405083][    C0]  poison_slab_object+0xe0/0x150
[  837.405113][    C0]  __kasan_slab_free+0x37/0x60
[  837.405141][    C0]  ? ieee80211_inform_bss+0xbb2/0x1080
[  837.405166][    C0]  kfree+0x149/0x360
[  837.405189][    C0]  ieee80211_inform_bss+0xbb2/0x1080
[  837.405221][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  837.405252][    C0]  ? cfg80211_inform_single_bss_data+0xd78/0x2360
[  837.405275][    C0]  ? cfg80211_inform_single_bss_data+0xfc2/0x2360
[  837.405300][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  837.405328][    C0]  cfg80211_inform_single_bss_data+0x1121/0x2360
[  837.405360][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  837.405396][    C0]  ? timekeeping_get_ns+0x2c0/0x420
[  837.405426][    C0]  ? cfg80211_inform_bss_data+0x3c5/0x5a70
[  837.405452][    C0]  cfg80211_inform_bss_data+0x3dd/0x5a70
[  837.405474][    C0]  ? lapic_next_event+0x11/0x20
[  837.405501][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  837.405535][    C0]  ? mark_lock+0x9a/0x350
[  837.405560][    C0]  ? __pfx_validate_chain+0x10/0x10
[  837.405586][    C0]  ? validate_chain+0x11e/0x5900
[  837.405621][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  837.405645][    C0]  ? __pfx_validate_chain+0x10/0x10
[  837.405668][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  837.405688][    C0]  ? mark_lock+0x9a/0x350
[  837.405708][    C0]  ? __pfx_lock_release+0x10/0x10
[  837.405729][    C0]  ? __lock_acquire+0x1346/0x1fd0
[  837.405767][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  837.405786][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  837.405817][    C0]  cfg80211_inform_bss_frame_data+0x3bc/0x720
[  837.405847][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  837.405873][    C0]  ieee80211_bss_info_update+0x8a7/0xbc0
[  837.405905][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  837.405938][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  837.405957][    C0]  ? kcov_remote_start+0x9e/0x7e0
[  837.405977][    C0]  ? ieee80211_get_channel_khz+0x173/0x920
[  837.406002][    C0]  ieee80211_scan_rx+0x526/0x9c0
[  837.406079][    C0]  ieee80211_rx_list+0x2b00/0x3780
[  837.406106][    C0]  ? __lock_acquire+0x1346/0x1fd0
[  837.406133][    C0]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  837.406167][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  837.406188][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  837.406210][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  837.406235][    C0]  ? ieee80211_rx_napi+0xd6/0x3c0
[  837.406260][    C0]  ieee80211_rx_napi+0x18a/0x3c0
[  837.406287][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  837.406319][    C0]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  837.406349][    C0]  ? skb_dequeue+0x113/0x150
[  837.406369][    C0]  ieee80211_handle_queued_frames+0xe7/0x1e0
[  837.406399][    C0]  tasklet_action_common+0x321/0x4d0
[  837.406424][    C0]  ? __pfx_tasklet_action_common+0x10/0x10
[  837.406450][    C0]  ? workqueue_softirq_action+0xca/0x140
[  837.406475][    C0]  handle_softirqs+0x2c4/0x970
[  837.406496][    C0]  ? __irq_exit_rcu+0xf4/0x1c0
[  837.406517][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  837.406538][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  837.406566][    C0]  __irq_exit_rcu+0xf4/0x1c0
[  837.406585][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  837.406609][    C0]  irq_exit_rcu+0x9/0x30
[  837.406625][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  837.406651][    C0]  </IRQ>
[  837.406658][    C0]  <TASK>
[  837.406665][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  837.406693][    C0] RIP: 0010:rcu_is_watching+0x5a/0xb0
[  837.406714][    C0] Code: f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 bc 3e 7c 00 48 c7 c3 c8 7c 03 00 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 22 8b 03 65 ff 0d b1 80 87 7e 74 10 83 e0 04 c1 e8 02 5b
[  837.406729][    C0] RSP: 0018:ffffc9000ade76a0 EFLAGS: 00000a06
[  837.406744][    C0] RAX: 0000000000000000 RBX: ffff8880b9437cc8 RCX: ffffffff81726744
[  837.406757][    C0] RDX: 0000000000000000 RSI: ffffffff8c1f1520 RDI: ffffffff8c1f14e0
[  837.406771][    C0] RBP: ffffc9000ade7808 R08: ffffffff8fac1d2f R09: 1ffffffff1f583a5
[  837.406785][    C0] R10: dffffc0000000000 R11: fffffbfff1f583a6 R12: 1ffff920015bcee0
[  837.406799][    C0] R13: dffffc0000000000 R14: ffffffff8dda59e0 R15: dffffc0000000000
[  837.406819][    C0]  ? lock_acquire+0xd4/0x550
[  837.406842][    C0]  lock_acquire+0xe3/0x550
[  837.406865][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  837.406897][    C0]  mod_memcg_page_state+0xb7/0x770
[  837.406921][    C0]  ? mod_memcg_page_state+0x96/0x770
[  837.406945][    C0]  ? __pfx___might_resched+0x10/0x10
[  837.406967][    C0]  ? mod_memcg_page_state+0x96/0x770
[  837.406992][    C0]  ? __pfx_mod_memcg_page_state+0x10/0x10
[  837.407017][    C0]  ? free_unref_page+0x634/0xea0
[  837.407048][    C0]  vfree+0x17c/0x2e0
[  837.407073][    C0]  kcov_close+0x2b/0x50
[  837.407092][    C0]  ? __pfx_kcov_close+0x10/0x10
[  837.407111][    C0]  __fput+0x24a/0x8a0
[  837.407142][    C0]  task_work_run+0x24f/0x310
[  837.407170][    C0]  ? __pfx_task_work_run+0x10/0x10
[  837.407197][    C0]  ? do_exit+0xa22/0x27e0
[  837.407218][    C0]  ? kmem_cache_free+0x145/0x350
[  837.407243][    C0]  do_exit+0xa27/0x27e0
[  837.407271][    C0]  ? __pfx_do_exit+0x10/0x10
[  837.407295][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  837.407325][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  837.407347][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  837.407366][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[  837.407397][    C0]  do_group_exit+0x207/0x2c0
[  837.407421][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  837.407448][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  837.407475][    C0]  get_signal+0x16a1/0x1740
[  837.407513][    C0]  ? __pfx_get_signal+0x10/0x10
[  837.407540][    C0]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  837.407565][    C0]  arch_do_signal_or_restart+0x96/0x860
[  837.407590][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  837.407612][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  837.407639][    C0]  ? syscall_exit_to_user_mode+0xa3/0x360
[  837.407667][    C0]  syscall_exit_to_user_mode+0xc9/0x360
[  837.407695][    C0]  do_syscall_64+0x100/0x230
[  837.407723][    C0]  ? clear_bhb_loop+0x35/0x90
[  837.407750][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.407775][    C0] RIP: 0033:0x7f2418375c97
[  837.407791][    C0] Code: Unable to access opcode bytes at 0x7f2418375c6d.
[  837.407800][    C0] RSP: 002b:00007ffc824692b8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  837.407817][    C0] RAX: 0000000000000000 RBX: 00007f24191726c0 RCX: 00007f2418375c97
[  837.407830][    C0] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f2419153000
[  837.407843][    C0] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[  837.407854][    C0] R10: 0000000000021000 R11: 0000000000000206 R12: 00007ffc82469510
[  837.407867][    C0] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[  837.407889][    C0]  </TASK>
[  839.006200][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  839.013111][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller #0
[  839.021307][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  839.031397][   T30] Call Trace:
[  839.034712][   T30]  <TASK>
[  839.037674][   T30]  dump_stack_lvl+0x241/0x360
[  839.042399][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  839.047637][   T30]  ? __pfx__printk+0x10/0x10
[  839.052282][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  839.058392][   T30]  ? vscnprintf+0x5d/0x90
[  839.062760][   T30]  panic+0x349/0x860
[  839.066696][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  839.072882][   T30]  ? __pfx_panic+0x10/0x10
[  839.077335][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  839.082744][   T30]  ? __irq_work_queue_local+0x137/0x410
[  839.088324][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  839.093730][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  839.099925][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  839.106125][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  839.112321][   T30]  watchdog+0x101d/0x1020
[  839.116689][   T30]  ? watchdog+0x1ea/0x1020
[  839.121156][   T30]  ? __pfx_watchdog+0x10/0x10
[  839.125870][   T30]  kthread+0x2f0/0x390
[  839.129979][   T30]  ? __pfx_watchdog+0x10/0x10
[  839.134690][   T30]  ? __pfx_kthread+0x10/0x10
[  839.139320][   T30]  ret_from_fork+0x4b/0x80
[  839.144385][   T30]  ? __pfx_kthread+0x10/0x10
[  839.149016][   T30]  ret_from_fork_asm+0x1a/0x30
[  839.154011][   T30]  </TASK>
[  839.159398][   T30] Kernel Offset: disabled
[  839.163747][   T30] Rebooting in 86400 seconds..