last executing test programs:

4m10.533942545s ago: executing program 2 (id=531):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000005000c000100000008001c004802000005000b"], 0x44}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x68, 0x0, 0x0, 0x6, 0x0, @remote, @broadcast}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2, 0x0, 0x0, 0xffff}}}}}}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x2, 0x100, 0x5})
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000040)={'binder1\x00'})
writev(r0, &(0x7f0000000440)=[{&(0x7f00000001c0)='\x00\x00\x00\x00\x00\x00', 0xffffffffffffffc1}, {0x0, 0x5d}], 0x10000332)

4m10.028459135s ago: executing program 2 (id=534):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000000000)={0xfc, {"a2e3ad0e090d07f91b5e1a1887f70706d038e7ff7fc6e5539b0d3c0a8b089b3f32356c030890e0209b0a4cc6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ff056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde7d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffffe20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b7794035f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x34c)

4m9.660795805s ago: executing program 2 (id=535):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
unshare(0x22020600)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80080)
r3 = openat$full(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = accept4$inet6(0xffffffffffffffff, &(0x7f0000001c00)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000001c40)=0x1c, 0x800)
getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000700)={{{@in=@private, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f0000000340)=0xe8)
sendmsg$netlink(r5, &(0x7f0000000400)={&(0x7f0000000280)=@kern={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001b00)=[{&(0x7f0000000480)={0x74, 0x39, 0x2, 0x70bd26, 0x25dfdbfb, "", [@generic="daafb10074da391b205352106d6db06e900fb720fa63512072af974289529a444fd8e8dc84897a678995c768", @generic="075980bb7d7df6f117a6c5cd2fa0da532fd27e9c0baaabd89a16c01c86b6339fd7235b2c308d534dcca71abf4b086752e59c85c26546"]}, 0x74}, {&(0x7f0000000500)={0x114, 0x10, 0x18, 0x70bd2d, 0x7e70, "", [@generic="c50c1ed0e30953489e2b1b6d50d9d2b659d6bc941d0c167fe1642e32682e508b986b17825861a14a911ace7aaf1eee151b8f938e950b567355ac72d47df887d3b5758a1f2bd75a52c0f6ced182bc391e370ab1812f8c2f06552fe829e8ee441f28dbdcb4aaa7e0edeed3b2acef42589257a07c8c6f0da1aa687440587b84ad6438da023d2cad78de0ec6cb500b238eecde404c3ed69ea6f423591514807ceef5429eed12108326786e98b813926980045eda823ba94be5f3072dcf1cffba69797c4f779fb305cf4785e078f682e458592d3aef1a61a113c3336bce4bcc14fd6b785e1d8f31f954f6b984d2b58cb5f075af04c837f752", @typed={0xc, 0x112, 0x0, 0x0, @u64=0x7}]}, 0x114}, {&(0x7f0000000800)={0x103c, 0x2c, 0x601, 0x70bd2b, 0x25dfdbfe, "", [@nested={0x1018, 0x137, 0x0, 0x1, [@nested={0x4, 0x66}, @nested={0x4, 0x8a}, @typed={0x1004, 0x100, 0x0, 0x0, @binary="180c69f92e16dd517b326f413d568a52fa6361077abb94948afbaf4d0397c8681c7c5ba885feff0ea660c943d3c3075ce0209183c7c99da390ce51b55442b1d7c705f9d39ff97e395732defb30b50cbd3469ea31c1e87c771d076f845d1eefe154aba29982e5ee421b817938149d5bfc9df56075de3dac0e728974dfa09712639d12d1d77abc455acc34deb7b556a3f7697c394fa2d6a44dcf7be96f503436f6c6849794d702870b52fc1f5bdc634eb76f9b4ad89670f0276bc9afb820af0b08d3b5ecf2cd1f7f4e97dbae2f38af167b976ab74ab0e87bdddd5a5d51fe9e13921dcc6b6602ccb407e484f57dbe997342bf91b489d6e1e1d8dadbeaba9f36c15012aa8cb6b1692141e650d9db1a2c3a6551b73884677ff0b007d5092bd55b62a0d1dcc7903ae2e9e41f2367c7cf5cf86ab3ad972a23341dee24c2ef5dd168cf5ed036cc045745c225764644dbd47f190b2988fbc7a521b5b7578f3d8f7c5f413bc38999d25aaad6c09646e34c3808c6cfcf427f5545712747d57221f5c583abfca7066aa1cd59c25a72aa64761dcd458a41abd99c2786e0d446ab752af68cf549eb8dd64f64235293421219d78160b85d6f351d4fa76a6b0810b0d6a19686ae33ab76c819f4952b5aa0e7192658d3b5da50599565e95003d7a7c5159d4999512a3fcad586957cfd794856b97ae130986888d7503e1b8f82a57c9389bdb4b6eb87d664884d56a1207bfa3faecd1e8d4b2b349e25c6997a3e97a9a807968e8e4c64d73fb275a35b7686aab17a2cd31c84cdd55e9a9293402c1cfb61b566ec46d2388ca7b69a32420a584a9690a86b3e91318eb89b29feda354df233908c0ce689321792812ade827331eac7d07be606b13c9f2490138def3e61bc4694e6e30170e24c2beb04534580cda79eb5f5b8cce08c1c3889316b6bfd5228c35fb8b9cea40c903a7f7896a6bf380725a6a5e0024929b3d6be9837e09a709ab29677f570420c0811ce9f3496ad868989e9eb3ff1824c280beca657a0a49de315c7babe6b3752ec213010212faacf0c857dcbf4ed91baa77819785c39c9ccf432c509af17265fec1f6b2740a39ad4a29cee6620026d5a22203d1ebe47c98b44aaf7ce7c2a951fe12191f3e519c8d67358d84046a50ae3ce8f89625e1f3854e1070379cbe7aea29940c59d5f484810a1f0de74ff5f8991c940318c7c141ae53434512fdf2c8ea3db1b6f4d921f1c1b9ecb0eabb8474cdbe95017e8a9ce337a06f3f3a5d649a7831866b5cbf576d45e84230e6443db6b2390e3560e397034a59097fb875e872ab0c2e83ce1762d9073996c9f3438d2d9ce958b02249a4b5e17c745b42205213e0cb34da819420ea031b77efecf7fbc3f124f876714115cdd82f9aa7fae6eeaed295292adb90019fa1747488be48703f678fec6be58960103f17b82b07457ea377c477dc77d9bafcc0cde0e09466a677595940a6e1391acabab85793d84eccf3618d1eb3a31b4e9a26a725ed150a23204e67877867a43e9f1709b88f622d997cf49ada4151edf5b9981aa9a82e4a963503679e97fe12ce1edc5a32aae932aebe75ff6528e882e9c8f1524e20270bd2a58c34101e108c8d1b7c5c4a5629c3a04ab231b9bc6bb442054dd2c8120c6c15a167de2b3f9480c2193cfbf3989faaa1514f7cb477d895044c97e3b203f66c5efb9b9685d123abbac7a83a62af9ac1ac204f16116b5e0a60d7c49de97c09a29b75edd3143603608816f5d784b65e2d0f09f8b3e3a8cba5a912a8520aea0377b4f760a62dbc41824fd6c23dba70045b22c1086b37d3e54ff56390b1621279077a013eb530515ff5e361f67be7486ffb7ad747ea763a9a3a93f3334356e647d756f1b5e24be9192d25987857f3a188fbbda84f107a988a8a9eeb9fdf61954ea0f6a5277c2c71c7258a8288eb36fa431fcd0c33c55e411bf84c7b690619290ce9698460a8033714dcff728d4c01cb17f9a524a3ae4d3f4c72190a72a1d9ce5a84244e77ab3a4fe25db7c7435e42ffaecae6ffcb0bda7505990543234c09ead895a34a7de38fcd4fa9e6b29fdb38d501f93549394d5d7aba45ad7c7194eb5d5b1f3669eed4179ff5faeda88833dd13d96e3d13a7744e60f56addddff48187afa8be3c142f6f9449c52b8e36ba1d1b36febfa6ff38f39fbc3b46b57106907adb38178cfba511b6a1d9a05d6d0150cb442db2b5acc638fb1f580eff68d7e6bd4306bbf7bfc3050e77baff87c12cdfb41dd36863996ef1d27792accd70cece0b1ea092b15382b7c6021faaade0347fa68dabd447e79af48a45b72125b5079cbdb60e9871665747c4f8a26c2f723b099f167c9eccb018f5bb65263771619b32916d54b19e39c2b16b4d38b0130143b313bfbf40128e951ec9c3dd8174fe1fd06714a450fea676993c897c3a7e19d55e6e31d77542939e30c78403972e814ee0b5fd0d4aeb17d595b6e07375119c8cbeb05210b69f8ab9890834447f03b7b4045e98fef1fa4e1d2a3e2e1b7840ac9f2d0a825abdd234df77ed1d9a0af40d72da5d82fced7860689605d978e7c13818308927f5fb1c7d5dbbc79648e61da64b9810666de41093de0a983227d97d5ce0224b9f14f65a83fdfd92c9d14c290de2db7fec9922de6efb4ab5eb9c9019f04b75ce50d1cda23706fff61b0175e3b8f655a736054be8323aa00a89a3ee418d747c23bc6ebc0def0ebbf067a2e2a064a8aa6d1c8cebba2bd5d6874e377fbef7e1d54a21282e3690416c3a13f7276910f75c07fecf2a9289505c3b3b1c86a902b28f74981074133bfc5baafc0d44f00e7a67ef3dc86fbb4c14d1a11554fabf02426b923497609426fca88a7d02031d3cba28a45994559e1a3d5e882d0fc0f4399ce3ff4a476eeeaa0cc47a97bf6faa746d3ddb94dc8e65b06ddc4be7bb0633f2c0ff2b7c1550810d354041aa344faeda86cd063a1b5c990abfd6bb2645226ea0e31dd5a74a3f1e87d8c41aefdf04b972dd68d2f45d500b8af2924758f56083e32afe127dab402217619a07f03151011f80c65107675dc84749bda1cfbb5ee2e509c299d4e8baf8af6b36bf6397a256187331bf2978657bd0f51d32ab6729a3cd435cc84184f084281ca74e1afa04f08dc5ecf3ebb3da81b848076e59bda4079d909deab2d316122c7edaa1f35c423bb19f6f45833182db6b82c0534d693db72c17197e6bdb9420d442d037c84cc65c5a35d3d8e6e5369a57d768f5c32e150460efcee76499a6e33339062265ae84bf130903f7a49b45156444494df7d23d8980d2db6fb3091e2203e134604e7ee98782d276fc39c6016856a3ec21b42046ec3a99371f16f1bbe75294c70bffa649da23a541b5d498448e3bb217f335671fb1589fe8ea2cb23084ea01dfafe162e96df5be87800e6b24a18bae66747fd7f389195009ee460284db26031053e9b6d8052e7d192807b9f84ed6ba0369e63d15fe373bbfd0d420d2e879ce88e604f8903685a9c2486163635e8072d192eaaa13f53c03943cc4b8561188b83f226fcea15dfef238d3effebc494dcc896345e19ecfaf2dc22cb43f3e72e9267328f52f09a15fd685360b5795c0f6aaca1e6e470bbe3d2f80f400151cc7dbc3127bedea9726fcbdf7cdb78e2b30339074423eeb578671a37e9b0819ae8111bfef465b3bc34b03e7c2193723c56b36d5834ab5493eecc9ed64ab949a5a2864fe2d6a24b83d82a6633d91b36c8fd524b11cf41bc09a827606a58cfc4386ef9a002caeb2a511941e967b7dc6ba17e1f2c74dc76be796dc2ef5ea04965fec31d7ccf010a8ce86cd10e756440aa39c8e9bfcbe37990c2579e94b53c07247d780279bd5f248ebf687dc9f0db42e242b5dda0b16e0db647b746184bb40f4a2867bbf1a79c1c43bab337503549ca422819d5b455a0edeceb18666c08c0dbbaaf66cb4848becfbe737b643e1eceba419bb0f6806591f901fd3d7e4bb9ec6bafbdcbedc9ef9e4187337988429236ba8da97d50fe2326b3991f234b799a8aaa0cda158ae0d32679e81270825e0e802cd8bf41a04d2123daf98f2ef631d662df4cc449aae060c4b967ba699229dc64b91ca34b1ffccf3f1983abd9e72754ba12a5a4fc30e2bd381a39f7fae8c7afe49274258eb33e44e2480ef2f9166fa052e86e5dc1ac226289c46556f19aea5f123ca98c742d4c3eda431eebac06648066d35c58aee236308bedde2e6481e2b002759b7d513323e8e0b5a689d4f27c48a39665ea9165fbabbf743c5d27132e804c9ab19431129268ef898b7c4c5837ff19b9e28fea7a16c9943c5b6d3df0480e894c6b4f9cd27b8ed722911e56ff203b2c10b770235def0ed5d1721555980a704002a1e5a5d30ad31e38e2c68739b1866e823feec208d4e05a13adbeff027ef6c98a85d16ee24377177493d51d635e80c9c420bfddd4178fb086db93a51c5e85371858a8c3a4478257b93a23ae3c9a292c760ad910f751248e0dc2f60b95c69420230568a8253836d126dfa26f1510b160762d6c46aaa232aaa5f443b327928133c514c5113f04671dde684413906135086be25c02b40022d125d6e706124a4d9bad9c59baf9f3f58237f78655d4fc3b7fd6be0a66f145fec41b06bfcbce6a24251f47e3f9bddad8126ded9a101661dec9b28984a1bdd1a3737c71e85d5addac4fb3e3ab799a360a33350ea30bc2b57405bdb9e342068fcab365d2098c20fffb7e0e637d5dc41f4d1c9c29395b7dd3be7f9a3b0991a77aa6ff51e3a5fde76f0b40a0ba49c4766e85de470eb6256b0b4fc28429fc9cb72b0246d5e80f494b722d4b1b6fe1b66e49a978b2740911f0d64af0e6d624868d83e5d3deeca3abe0dec0d3ba1f882a1f2a77d8272ce6417520413e3d0d1ae389085eb0c9394034cd23a0de39256f0c83cbd60da4352339e50df56080896e6ff1afc9207598c1e64d6cd5ee150f2d7c0f834f4c64c1a0ce3d7704603142988a9db72c1fbc3ff26f1d74e0cdf3fc3cbda5363836d30dffd63b6ebd1c836d09902c20549c77c4ef250a65840b733efdb1edecbbe682582dfeb1db348fac1c929dbfcac1f801536334ee82b7f9a12b0b1675ff707059efb70c08799381e3f8f4d3497fceb148f9504c89fe2059312e7c2c34006a308ade300e35e688b5333094b3eb3ff2c239b43cb66d69948c2dd3c6cf18360224d7e44f0e69769e4e029b833f956d1f8aeac7d9a11c61264d92cc7bf79160921ec6a573ed6d673d531398e1810f0f849b75d62bf8b07bf9cbc41e7c0d27001fd3449e46b3934dfd750ef8f34324038c5cd947da4f987a451dc9394d02b783f7725aa936fe7066994bf8fe2024dd24015d0f5add3694d1a7277599eabdc2d48852ef6e9f078fced556fb5032d75fd7e0de3b26b12768cca28231588e4894833e3304cbd87f963f7defeddf41b1c210cdd1cd796e30490f66e22bf5c78c91a54cf9ef97a9383119f29ea7ab920c6c64c38b8709bb75663c9ea2c9c7e2b2ae11923caee31966be58c7d2e2b5d02a0dd783d6b2732b8adbe2264ca8eeba3ef9e57327c0ecb00f6be17f52360115cd4ed2e96806e1706ffe54f4aca17fe9574ed279bbb424234784cad0c088ac6e1372485ff3f26c936b4c78b7ee0d6d6d67ef84ddcb9a3bfb8703f03e8df5b0bb23383946e5bb53e79235c08908d4e0af619cdd8c4ec0e259cb25e36b2be3fdcfda869d57d66efe5527dd414a436b71183f4f450c3889f59c4266d61fe424808d73b62185518c3f935c2b30ad0e7c5a6cc6a325e585135e50a6356e3d331b9fc87ff86da"}, @typed={0x8, 0x131, 0x0, 0x0, @uid=r7}]}, @typed={0x8, 0x47, 0x0, 0x0, @fd=r1}, @typed={0xc, 0x71, 0x0, 0x0, @u64=0x2}]}, 0x103c}, {&(0x7f0000001840)={0x118, 0x2a, 0x300, 0x70bd29, 0x25dfdbfd, "", [@generic="d41278bcccf53334", @generic="8d981e6d895964322c71d93c2a50460ad45b52411fef4c89223dc88dac2227ad941d52deb1ea22158a7e247077fd6e268e0a88c6c51bc7fc3593a5e2eca0a524118d40e9b94682044cebc5877169a93663c5c310df86ff5513b28ac1e7be2dbb28f0a945dec4d02273ec3e0720ea5ee5cce60a1d3f2909db473d5f4c9ffc2e336aa18a5ac077fad90da3f72ceccedadf9107a7c066c58a27003efdffe5d12c5128c75b816811f301875466e6c8d70a4dc7d5e74d5421f724339cc10a467c8d986958268d356cdbbb91f2372d6cd4aae48b386a58a7a9e2", @nested={0x28, 0xec, 0x0, 0x1, [@generic="21a639239ded49b8b7fad10baecccf29dc810c81e1f56b5cd1c345c42b884b282bc1f5d9"]}]}, 0x118}, {&(0x7f0000001980)={0x154, 0x2e, 0x1, 0x70bd2d, 0x25dfdbff, "", [@typed={0x8, 0x1d, 0x0, 0x0, @fd=r4}, @generic="7f42fe65e5a5ffac27d7789ce96329265004a6a40a60d70a00b7dbf7f1748681c9b39d218310d2cb9aa567367a98b2cae8b1f4e282b46e8a1cb59b4f1ac1c9f7abe0a3cf24cfcee9784adc3c5edcacbb01dd765190733218a8cb6d13a6e667e43a126b8d3dc7b966ff42c33391d6bc64efcb23a9263c6b91387a95e8f6d717ef85229c31ba28d329965cf933874cf2d9cd40b2504b73280e53dc3946eef04b89", @typed={0x4, 0x142}, @generic="7ffda1a70dd216d65b4d74b3c073ef9c748c7f84c65174258760bdbc45fff9f12fb0964908b4d67155690389c26d4512cea17870e9a3493f8974bf3f2733bc0bdd247715a58a9e73f9d159047bde20bcfdb03672d3a6b125632eae71bafa53c05ce787225607803a4f3468de975ea12fdb343c29cd606465ea0868cbb0b0d210bd717cd651f1bae72f8a7342265eed0f5e88ffd59320743e"]}, 0x154}], 0x5, 0x0, 0x0, 0x20040000}, 0x4044044)
r8 = io_uring_setup(0x8, &(0x7f0000001b80)={0x0, 0xce59, 0x80, 0x801, 0x14a, 0x0, r3})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)={0x28, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0xc, 0x7d, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x5, 0x3, '\f'}]}]}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r9, 0x100, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x3b68, 0x5}}}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x12a1}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x890}, 0x40000)
r13 = socket(0x2b, 0x1, 0x1)
connect$inet6(r13, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_team(r13, 0x8933, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
r14 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev_snmp6\x00')
ioctl$EXT4_IOC_GET_ES_CACHE(r14, 0x4020940d, &(0x7f00000002c0)={0x4, 0x0, 0x2, 0x4, 0x49249e9})
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000380))
r15 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r15, 0x4090ae82, &(0x7f00000000c0)={[0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x200000000000000, 0x1ffffffffffffe, 0x0, 0x6, 0x9], 0x0, 0x8340})

4m8.489089883s ago: executing program 2 (id=539):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) (async, rerun: 64)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) (async, rerun: 64)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0) (async)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x3, &(0x7f0000000040)=0x2) (async, rerun: 64)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

4m7.943765536s ago: executing program 2 (id=541):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0x0)
r3 = eventfd(0x0)
socket$packet(0x11, 0x2, 0x300)
fsopen(0x0, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f00000002c0)={0x2, &(0x7f0000000040)=[{0x20, 0x2, 0x0, 0xfffff028}, {0x6, 0x0, 0x2, 0x3}]})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000380)={r2, 0xfffffffd, 0x2, r2})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r3, 0x1, 0x2, r2})

4m6.515830604s ago: executing program 2 (id=544):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)

4m6.016674282s ago: executing program 32 (id=544):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)

54.291689314s ago: executing program 5 (id=1238):
memfd_create(0x0, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80000)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
r4 = syz_open_dev$dri(0x0, 0x10ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000700)=[0x0], &(0x7f0000000740), 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r4, 0xc04064aa, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000140)={0x0, 0x20, &(0x7f0000000040)={&(0x7f0000000380)={0x48, 0x2, 0x6, 0x101, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, 0x0, 0x4000084)
syz_open_dev$tty1(0xc, 0x4, 0x3)

53.263527979s ago: executing program 5 (id=1242):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
r1 = socket$alg(0x26, 0x5, 0x0)
ftruncate(0xffffffffffffffff, 0x1f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r3, 0x0)
listen(r3, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x4000000000001a1, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000280)={'syztnl1\x00', &(0x7f0000000300)={'ip6_vti0\x00', <r4=>0x0, 0x2d, 0x3, 0xf, 0x7, 0x1, @private0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x709, 0x20, 0xb752, 0x15dd}})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)={0x3, 0x4, 0x4, 0xa, 0x0, r3, 0x6, '\x00', r4, 0xffffffffffffffff, 0x3, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x5)
ioctl$TCFLSH(r5, 0x8910, 0xbffffffffffffffb)
bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r6 = fsmount(0xffffffffffffffff, 0x1, 0xf8)
r7 = socket(0x2b, 0x6, 0x5)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r6, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x68, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xbe}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_LOC_ID={0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000010)
r8 = accept4(r7, 0x0, 0x0, 0x80800)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), r8)

52.706770126s ago: executing program 5 (id=1247):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @empty}, 0x10)
getsockopt$inet_int(r1, 0x10d, 0xe1, &(0x7f0000000000), &(0x7f0000000080)=0x4)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e00)={0x6, 0x17, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000010000000000000000feffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900e20000000055090100000000009500000000000000181200009dba5d8304a93afd169734f2e538e67adba1ae61", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000184200000100000000000000000000008520000004000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0xa, &(0x7f0000000040)=""/10, 0x41100, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0xffffffff, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x10, 0x211f8, 0xfff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000300)=[0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000380)=[{0x4, 0x1, 0x5, 0x6}, {0x0, 0x4, 0xe, 0x9}, {0x2, 0x5, 0x2, 0x3}, {0x1, 0x4, 0xa, 0xc}, {0x1, 0x2, 0x4, 0xc}, {0x2, 0x4, 0x9}], 0x10, 0xd7, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a4fc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b87f7c40a1702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f600e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10f9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80729fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a85430600f1e49db5a5517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00000000000000000000000047e628cd57cde4268f47c9aaec3a3dfe43e032b88ea53656a8740c1a4e0a99be5c97ba451d8b2b0f4e12ba96082e0f6b2dabe716699090058e61a38ce85611945106dd1309087d3a2cf3aaef6216ff3720c3917170544a509071166565eaa3c9285b5227f520cd47"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffdfc, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x28, r5, 0x1, 0x0, 0x0, {{0x38}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0xfffffffffffffffe}]}, 0x28}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r8 = getpid()
sched_setscheduler(r8, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0x26, 0x0, &(0x7f0000000480)="b9ffb2ed6844268cb89e14f0886411e0ff15661aaa50e7369dfbac141416e000004062079f4b", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

51.728691456s ago: executing program 5 (id=1253):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x0, &(0x7f0000000040)={0x0, 0x0, 0xffffffc4}, 0x2)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, 0x0)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)

47.254000253s ago: executing program 5 (id=1259):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000180001000000000000000900000000060015000200000014001680040008800c00028008000100"/56], 0x38}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0x40049366, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0xd2)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
ioctl$SNAPSHOT_UNFREEZE(r4, 0x3302)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={0x0, 0x1, 0x90, 0x9, 0xc4, 0x4, 0x157c, 0xd2, {<r5=>0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x43}}}, 0xbae8, 0x1, 0x38ba, 0x5, 0xfffffff1}}, &(0x7f00000000c0)=0xb0)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000100)={r5, 0x8}, &(0x7f0000000240)=0x8)

45.532110333s ago: executing program 5 (id=1260):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a31000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a310000000030000000050a01020000000000000000010000000c0002400000000000000001090001"], 0xa4}}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYRES8=r0], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @main=@item_4={0x3, 0x0, 0xa, "1bd516e5"}, @main=@item_4={0x3, 0x0, 0xa, 'L$pb'}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @main=@item_4={0x3, 0x0, 0x9, "84e5821a"}]}}, 0x0}, 0x0)

29.572853166s ago: executing program 33 (id=1260):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a31000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a310000000030000000050a01020000000000000000010000000c0002400000000000000001090001"], 0xa4}}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYRES8=r0], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @main=@item_4={0x3, 0x0, 0xa, "1bd516e5"}, @main=@item_4={0x3, 0x0, 0xa, 'L$pb'}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @main=@item_4={0x3, 0x0, 0x9, "84e5821a"}]}}, 0x0}, 0x0)

10.418907383s ago: executing program 6 (id=1299):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x617, 0x4f565559, 0x0, 0xa, [{0x0, 0x800000}, {0x7}, {}, {0x9}, {}, {}, {0x0, 0x7}, {0x3}], 0x0, 0x0, 0x8, 0x0, 0x6}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, 0x0, 0xfffffffffffffdfa)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='tunl0\x00', 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x6000004, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}}, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f00000001c0)='./bus\x00', 0x0)
mkdirat(r4, &(0x7f0000000040)='./file1\x00', 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a1})
r6 = epoll_create(0x651)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000300)={0x20000000})
madvise(&(0x7f00009b7000/0x2000)=nil, 0x2000, 0x4)
read(r5, &(0x7f0000000240)=""/131, 0x83)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
accept4(r7, 0x0, 0x0, 0x0)

9.459154116s ago: executing program 6 (id=1372):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/fib_trie\x00')
lseek(r0, 0x7fffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt(r1, 0x1, 0x10000000000009, &(0x7f0000000180)="00050002", 0x4)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x4, &(0x7f0000000200)=0x417c, 0x4)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x80010, r0, 0x8000000)
r3 = io_uring_setup(0x1b79, &(0x7f0000000000)={0x0, 0x385f, 0x0, 0x0, 0x46})
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0x1a, 0x20000000, r4)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000140)=@IORING_OP_STATX={0x15, 0x2c, 0x0, r0, &(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200, 0x400, 0x0, {0x0, r4}})
socket$nl_route(0x10, 0x3, 0x0)
removexattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="757365722e28dd2d2a2300"])

7.211712611s ago: executing program 4 (id=1378):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000002000000020000000400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000012000000000000000000005fe8010400"/28], 0x48)
r0 = syz_open_procfs(0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x11}}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000300)={0x1, 0x1, @stop_pts=0x1})
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$lock(r6, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r6, 0x26, &(0x7f0000000080)={0x0, 0x0, 0x300000000000000})

7.10779756s ago: executing program 3 (id=1379):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000400), 0x82, 0x0)
io_setup(0xff, &(0x7f0000000080)=<r1=>0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x2, 0x960010, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2}])

7.107388071s ago: executing program 0 (id=1380):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002085000000700000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000280)=[{0x7, 0x2}]}, 0x10)
bind$bt_hci(r5, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1802000071e6000000000000000000008500000027000000180100002020692500000000002020207b1af8ff00000000bfa000000000000007010000f8ffffffb702000008000000b703000000008000850000007b0000009500000000000000bc08e7f7c966a8361e6bdea4d05aa145488447a281a49ef8db3804e0de3d402153a1f5775e77bb130ead1455bcb63c36e2a9d57fdfddd97e36886f13c661b7b6f5d00ed88b6f79b6fcbb5455be551317b9e3"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000001000090000070fb0a38c16128bf92720000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x50000}]})
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000000)={0x7, 0xf, 0x9, 0x9, "4ff16929eeefd5ad06861377209e6b8b41abc722cc4380ea68155bfc59e4ead2"})
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000200700000000000000f4000000"])

7.103701946s ago: executing program 6 (id=1381):
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80081270, &(0x7f0000000040))
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000240), 0x4)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f0000000040)="363c8f3fca5d66571e583e7c88a8de0688a8", 0x12, 0x0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)

6.970433386s ago: executing program 1 (id=1382):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x617, 0x4f565559, 0x0, 0xa, [{0x0, 0x800000}, {0x7}, {}, {0x9}, {}, {}, {0x0, 0x7}, {0x3}], 0x0, 0x0, 0x8, 0x0, 0x6}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, 0x0, 0xfffffffffffffdfa)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='tunl0\x00', 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x6000004, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}}, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f00000001c0)='./bus\x00', 0x0)
mkdirat(r4, &(0x7f0000000040)='./file1\x00', 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a1})
r6 = epoll_create(0x651)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000300)={0x20000000})
madvise(&(0x7f00009b7000/0x2000)=nil, 0x2000, 0x4)
read(r5, &(0x7f0000000240)=""/131, 0x83)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
accept4(r7, 0x0, 0x0, 0x0)

5.886111708s ago: executing program 1 (id=1383):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x0, &(0x7f0000000040)={0x0, 0x0, 0xffffffc4}, 0x2)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0xd, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded70f64785a5887c31261d4b9e57ee07000000def8f255ca26108f11f02047d47f2d0fec30f7e92182f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988845e9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)

5.885654608s ago: executing program 4 (id=1384):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
fallocate(r1, 0x51, 0x9, 0xe0)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0x8, &(0x7f0000000680)=ANY=[@ANYBLOB="180800c91b6b2e00000000000000000085000000ba000000a70000000000000018000000000000000000"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_FIOSETOWN(r2, 0x8901, 0x0)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x637, 0x30, 0x0, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x363d7965)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100000004000000040000000800000040000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000f2ff00"/28], 0x48)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
r4 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f000000bf00)={0x0, 0x0, &(0x7f000000bec0)={&(0x7f00000001c0)=@ipv6_getaddr={0x40, 0x16, 0x1, 0x0, 0x0, {}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}}, 0x0)
read$dsp(r4, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x0, &(0x7f00000000c0)='lazytime\x00', 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000001580)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e24, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000d80)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000e80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9463218ec45924a99867163e468d36a682fadd749caa325e685d75559887139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba5265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc23151471db38e42b87b7b5ab48f049f679ab3a8beac48d0f0216a95ef5600"/240, 0xf0}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3, 0x0, 0xffffffffffffffb7}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)}], 0x1}}], 0x3, 0x240080e4)
socket(0x11, 0x2, 0x0)

5.807569988s ago: executing program 3 (id=1385):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000004100)='sched_switch\x00', r0, 0x0, 0x96}, 0x18)
r1 = geteuid()
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, r1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="68000000020601000000000600000000000000000e0003006269746d61703a697000000005000400000000000900020073797a30000000002000078005000300000000000c0001800800014080ffffff05001400fa00000005000500020000000500010006"], 0x68}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='thread_noise\x00', r0, 0x0, 0x401}, 0x18)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
r8 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
connect$inet(r8, &(0x7f0000000200), 0x10)
sendmmsg$inet(r8, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
bind$inet(r8, &(0x7f0000000400)={0x2, 0x0, @local}, 0x10)
syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000080)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r7, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0}})

4.265410791s ago: executing program 3 (id=1386):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x8, 0x2)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)="c4", 0x1}], 0x1)
recvmmsg$unix(r0, &(0x7f0000003100)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000001480)=""/4097, 0x1000}], 0x1, 0x0, 0x28}}], 0x40000000000038c, 0x0, 0x0)

3.959977089s ago: executing program 1 (id=1387):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)=@newlink={0x4c, 0x10, 0x403, 0x1, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x4, 0x3}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}, 0x1, 0xba01, 0x0, 0x4005}, 0x810)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
ioctl$EVIOCGLED(r2, 0x80404519, &(0x7f00000005c0)=""/4096)

3.831449043s ago: executing program 6 (id=1388):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x12, r1, 0x885c4000)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x103)
mlock(&(0x7f0000146000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3.699887268s ago: executing program 1 (id=1389):
socket$inet6(0xa, 0x3, 0x7)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000050000000000000000000a88000000000a010100000000000000000a00000008000240000000010c00044000000000000000030c00044000000000000000031f0006006cdcbf1cfe826d48bf25307caf3c613751de9e05155995167f1ba4000c00044000000000000000020900010073797a3100090000040006000900010073797a31000000000900010073797a30000000002c000000030a010300000000000000000a0000000900030073797a31000000000900010073797a300000000028000000000a010400000000000000000a0000000900010073797a3000000000080002"], 0x104}}, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r2, 0x11, 0x6, 0x0, &(0x7f0000000140))
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x7, 0xf, 0x6, 0x9, 0x4, 0xfffffffffffffff9})
socket(0x15, 0x6, 0xfffff800)
socket$nl_audit(0x10, 0x3, 0x9)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000340), 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x5, &(0x7f0000000180)=0x80)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$SIOCPNENABLEPIPE(r8, 0x89ed, 0x500)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8946, 0x0)
setsockopt$MRT6_FLUSH(r3, 0x29, 0xd4, &(0x7f00000000c0)=0xc, 0xfffffffffffffd0b)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r9, 0x4b66, 0x0)

3.683659989s ago: executing program 3 (id=1390):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd701004000023eac718bb7e1d0005000000080009000200000008000c00a80a000008000b000005001200080000002001000000000000000000"], 0x3c}}, 0x20)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000001800), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r3, &(0x7f0000001040)=[{{&(0x7f0000000480)=@ax25={{0x3, @rose}, [@rose, @default, @rose, @rose, @bcast, @default, @remote, @netrom]}, 0x0, &(0x7f0000000900)=[{&(0x7f0000000080)=""/36}, {&(0x7f00000002c0)=""/30}, {&(0x7f0000000500)=""/137}, {&(0x7f0000000680)=""/169}, {&(0x7f0000001840)=""/4096}, {&(0x7f0000000740)=""/204}, {&(0x7f00000005c0)=""/108}, {&(0x7f0000000840)=""/79}, {&(0x7f0000002d40)=""/4096}], 0x0, &(0x7f00000009c0)=""/76}, 0xffffff33}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000a40)=""/160}, {&(0x7f0000000b00)=""/72}, {&(0x7f0000005d40)=""/4110}, {&(0x7f0000000b80)=""/142}, {&(0x7f0000000c40)=""/142}, {&(0x7f0000000d00)=""/219}, {&(0x7f00000003c0)=""/19}, {&(0x7f0000004d40)=""/4096}, {&(0x7f0000000e00)=""/21}]}}, {{&(0x7f0000000f00)=@rc={0x1f, @fixed}, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)=""/77}]}, 0x45c1}], 0xffffffffffffff10, 0x40000023, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000400)={0x0, 0x0})
r7 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f00000008c0)="3080", 0x2, r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240100003b0007010000000000000000047c0000040000000c00018006000600800a000000010280f90014"], 0x124}}, 0xc000)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r9, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000240)=0x4)

3.253175109s ago: executing program 0 (id=1391):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYBLOB="5400000010000305000000010000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b000100627269646765000024000280050017000000000005002c000100000005002400000000000500160000000000"], 0x54}}, 0x0)
ioperm(0x0, 0xfffc, 0x8005)
syz_io_uring_setup(0x4a8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, 0x0, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x281, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
syz_emit_ethernet(0x2e, &(0x7f0000000500)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, @remote, @val={@void, {0x8100, 0x0, 0x1, 0x3}}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x9, @remote, @private=0xa010102, @empty, @empty}}}}, &(0x7f0000000540)={0x0, 0x1, [0xf20, 0x5e2, 0xf23, 0x50c]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
getsockopt$ax25_int(r3, 0x101, 0x1, 0x0, 0x0)
prctl$PR_SET_DUMPABLE(0x4, 0x4)
accept$alg(r1, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f00000027c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002780)={&(0x7f0000002740)={0x40, 0x1411, 0x200, 0x70bd29, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_RES_MRN={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}]}, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000000)="1ea5039a923788c32d0b531ee032af8f929f4762b0e0e76404c622210cebcfa6a7e855d0432e8042063daf2cf2b3714e907ce95deb9085e24d64b2092ef9213e49e49a38ca3a8c770a53a35364b9a049608824dd295a5bb088295aad360f4e94429134bf63d22916c99d5d2c3e5d8ee544a3a56c7404c56a343a3b161e91b54d73c011c98b8210ec5803de41bc5fc74f34a99ce1ed7655106aca495a44a7aae3468fee93dcfd776920c72ca5a97b9a06129ba63a78b15674b3ebb707cbac36ede80f8ea98f2da7da9af4e04109402a09ba608bcb69638e0571b4e48d", 0xdc}, {&(0x7f0000000100)="8ad435f725690200287c264c8b7671a7", 0x10}, {&(0x7f0000000140)="bdb8d7ed0fb23c5ce764d0654d139fb94bb4b95862c41dfea4b71050333a5f7079f6304fe2d1c5127cf4fbb237d66f71d2b98a3470c0b0b641bad37cdb0492c3cedc6dc371816a9c01594c9f40dc96763b5c4899e88d1487739223ef090cc63e7ae646276216b1b369a2d0e9b19684692924dc26bb7a144d2f048061e878d5294d496099df073a7da45297a586", 0xa5}, {&(0x7f0000000200)="9b2ca7bbfcb92e75b858d391ad8b37fd648c5592810c0ae9ae7f8a8942734742f9797cc818ba2fcfeba77a1a161b8f5494f934753f221cda25ef0709f2ee94d95ccf0d83af6474a955e9a4656f2a1f154093af1dac8d8241e52d51e668ef5291ecb04ee707088e4e4bd6e80162f2154550bc7174a8a2a5d8b7bdacfcd6c017072fa56835fcf8e60199052b48baf7d5cd7d536efcc699dd57e37da5012caf81ad6a9740a16cdf1eb26261c7a20bc57189ade1dfced3721fe6310cbfdfad5b381bd14aca048576a1b7d39a324ce0736673", 0xd0}, {&(0x7f0000000400)="15f2dd45d55ad6b721cc27b2c9d90d1ecfea8f2104d249d47f784335cccbda04c48abf40376f3cef50078f602bfa9078e1db2d9e4a1de17ee652f5d0f670d2352fc6e10a8c60ad3d13382ad2a3fb6c2022d4d878a1e4897d22b7c9af58adc413f8cb5e8b09c07a06634c96ee37913a46d0d4d3eee39fb0c0747a59b2", 0x8a}, {&(0x7f0000000340)="decb15bf0a040b6c900736af50979cb2273d33c685126cee33fb6457df1c50059a0ba2df9f1cbf13a74380c64ecd937c", 0x30}, {&(0x7f0000000380)="c46a728594", 0x5}, {&(0x7f00000004c0)="dbed14bf105607d4fef36ba2f2acc625fc5400000000452604743465d06a823061413a1d9b00000000", 0x29}], 0x8, &(0x7f0000000580)=[{0x1010, 0x117, 0xe, "1779eb83af60c96dd5d635c1a53ca2caecd910dcea8c6a27ea5c2c982bc0095d00a1b0a29ef9cdfb0b56e8b50885560f74843a7582f142b8cb549a522e076753ea6246824642f63646e58a8c490b7620a4bab2d19173a2d65c019635eab87c5629f8bc3fc94f0efce9c1570c2590fc498f528dee138efe849f418581fa0d7491aa65c58764cc9e09d228b5082c66ee8cd08c1c595808940628e5eae150bc345e96cc14eebaec1a90792398da952ca3054c81b5e25896ad167b736f71e4fecf80e202bbf7e502af4c72b4e3a6ef4c1679b528e424db7d031499060e29ffa3051771ef0a561fd5db6d04e4c10c75b9c68ced10791dddc120303c918189bfd5a9701a94130337f46d91c5d2f88d7e789a322fb15643662d05ca9a8458e32b3c7c4337cbf7c23e4b540c33afcdb6460da0d83172c096d3aab9ada9668f0386524f5a95eb26f2491c238f983ebb0eb1aa0f2e02112a427b4fcab9cb4e3f1274bb958b128200882b682bc4a383b3600ef8d64b41b919c01112248e752df623d80095c0d34f93c45e4f7e4e8c2fa1b07b8a85556d90aaae31fbd2a7fde9366536b3231b2a1aaafed83f5b89d61e55bc167f831569232cc22ccd2545631c1f04fab8007b7eed653f5f7b4d76c6d3203384dcca2d0cecc235fe484f453ba9461dedc020ea6898c895e44ff85dc77df23f08cbb8c52176fb76e6260c8bbd9c807433b3ec8c11ff7d6850d926771059e18724cb788910375426aa7b7433e092657596747e5ea2a936eba21556e1baae43683a250064bf3f9ff5b6aaee46b8f9d5ca0b5d520eac7698c50a070f89172cf7bf44c170eb87968915349228feb2583fdf3ae81227a7ee95daa245bda090010fe44f16858264235fea15968f1520cf1cdf211755d6ecf15bb7badf0e2fe55de3fea92f0f0a450ec415b5a10849a22682d0b7e2dd6fb7b412f0f12731198c88757f70acd3c8d6dceb3c727a15b78b6d53407592d6ac0e2562f5113aca0f06ba294595f7018fce0cdb79cd5dffedb74b551a41f96e7592d27326029c52216ef0b17284db4cf07784f2209d79562043b15e42fb3c2a4f913664b56301b685af557615a0d7b9380dc7e2d5fffef0a1ea7fcac586f34b5a8bcb2e392959c7e7e8c33954c1adee338787ce1168a629f0e7c8d8430b403d7153ca95bfcb9117f22a7a064a83d1ea3f1e269376862b384c1b99b5b695ee328a809b9ac109a224eed0abe6bd58d41a42d8fe32fc07a7105725e8e43b20cc5abd4e5be59d3669a3c2c5ee8662ecc1f08649ad882f62738cb79674616a51f989a5f66c000e32d930a0885d34347ac711e081e2f68e3fbbe1fd67cb9bea3a0638e64bd76417a49d3eb93b3fcd62394cde176527e6740835c9403cfdde02452ab8d5df61d03ac94bab8c1d59fbd1a4c74edc053c80a522d443500ba455e826a7f7760a2183ca5ff9022c3e996e74c27e529372bdf89083884719a1ce5970cea1533726730641514c75b6750ab34fa2502058464d012c82789f02912ee12714e19756cc501db3616104f16dd907e00fc3055fe74f407ce5d71dd48eabef3afd705efb3f9b8ee44faca248a5fc21da810d7742c1d4c2443c7ed6058135207d31d633bdec0fe9d4115e89ca0569501e6120301afcee519b4724b05bbc9ab891c03ecf9cfce172933672fda4e38d34a62bc1e5113b7f8235a05ad7e2f9c73d6e1c8cefb8cf16bc99d3fc5c71ff77b0eb01c0899c09aac279ae34b35f89571eef7a8e23cb09c1dfa0541665ae9d1ffc88315534fee3a37786dbd1954eb2a029b3b482370690182d71cc53eed0d98124c695fa70ce53f65ef54575b08d9992d9e307992b60b9d5b309cb4e974ed4cb13ef68cf31214301ecd39e503a2d01ca25f44811c6b32aba7403c8d5990df343a1660360d10edbbe70bb2cb78147a2cc1c031d391297954c05a47d9c5dcc2a05c18f11b6a96bc221718ee33f4e8dc86fc2a7cdcd68020df00eeb9e0365bec8bb8ae12a200abb45ba21527b3b4e7093ddac5b5f9e9284e491ad1d2d5f17dbd6c3e53c62aa7deec29057f9be6fbe183e9944ca945d4c65acd6418bd7c549a78ddf85964337cfc8b70212c441e4538159e3b2d0b75c7dd7f8ef47f8e351f7784d0fba0ab16a146c7891f04113e1cefb23ff894d82bbfa2b6ae4b2a95f0b721eace7d5a37bc563b8e887a76c2dad51559c746b5ecdcde0bba5b80e0293842eeccd67f4122fe5b09188a049bb3f948ed34cb3cd581921a41083143cb51f4adc5886fc9ccabc96edcbf0ab6096d80c25a5b2482bc70dfad7db305e89d0b42ee4c0e01041de826fcd84558ddd892cc5b6ff9b84768f3165eecfdec862c2db58f5c3987bbe65f8ee26af500f1d91633e06f6ecaae29ec3c276d60b626d82b37f2dbc4a9bbebb1f64fe7ad3250d92f44b33a686c5fde3acc1a6bd895175a7a661b863145f73c6d70b9f0e3a6e1b7d0aadcacadcad5db76d76f5bbd7a0d72422caae59eaaa0214f1e77779c54a8b8f1d93adb41306a07b488007114deb2527b41085b28958a5b50f67cc36aaec19530436ee6be5e956f2306a7e33cfa4207b69891f50cd4c5f6d1e566aea656732bc3747e3b743eb566fa152b1ba5268409ed2a5432cf3483cffae4e1f88b4fa9a1787b4988ff9b0b0504cf39c7ee41d1c2ceac7dcfe26d60fc0c27ec92ad18e54ce4565bc7d53baf44878add0875a0897a9d7c3138acaae73de5f628732d1cb9c01131586f78ebd700676bea2506ac413e666fd4cf9398e10e5ff94d051957c1d993a35c7cf89669edbf531fc93c6d8c98b2f52185eab48550e9a552c69defae058e6f4ef80d2d7074193400eadff4959b9816f6b9385678f87d777323a75f9f35260713a4137970661b3836c5c0a7267b9ee356e8477f8420326c66fcaa2a5e4e3967229c34ccd2239135bcd790ceb78f0184dde7b4b6b7f992aff323535e269615fbd0b7934801c16ca9c2d62d9ac60150e2ec031c6fef508d9b6be294c42aa547fa1a1662b7d96bebaa879896d66a4fa23fad24476ce532b16b0ab84058c8a4ada3c1c78739235dc8ea2396ee2e091e852745189e548cd232e283e5827a3c4d73d66975f3e98078dff03730a460d81bb4bf06e0df32a872c9c648a92fbca5aecf28ca2ff4265551ee0d67000b01e4cd2c81ef6a8e0ca45214bc2b65121a461f650e551b3e222d7867388240b3241bdbbb1dcb787fc903c0030baef5ebc1cdabcf88766583d680652494d4e3d9de37ca7d28d2d85ddf55325c6b1fd3f8118055c0422dcf54974dceec4cd84f81c174c8a454ed53e23bf93fa45b26a07e72769839ee318bb29a822ed101fba0ad60c068b2b0d17f52337940dfe4115f2ad643b7ea9bbe3d337677a3e88e0c70c1471695e6504532abed132a62587df247686b9a8311165b82ecdc1849694e47b292607f4d4f98ceac4d2ff5432f88c9ed6149cc82f362c94743cb76f75dfe391c16841967c81938aa87a97b5db1f8c2705e125096fe47f67bda47ad42039e26fb018f645b3ce8bc8d55126179ca901428f04ed9237849c4963d413bdcf1b491059b84d39b964701c61550036e9fbbbf5d7cf42d0d038d346456d97b3bfd20a5922cf0241b94581a0e64d4d05e71a9fe3babb7cb6dd995db6ec7bd14856c244c4184ba334ae1c80873d9f837644f13762f3fc70337e34cfa8152a01273a5460695041e1eaf209769d22b930f964425a3004ca5f67fc664f4e8c299847916a9d2065141d2ab318405acc7a6ba005f8aa69b1f95500d08ec8a0f8e10b4502f200eb10ef77d2f60f8db123ae66eb83c9ca1a5d928767b1df72c16ae1e9c9f0605b664b3629abf7ef67f3936a44902534092fd36bbcc1371de7bf073e38515e55a9f98da9db48034229f63510cf9085ccbee8fc3b62d181d047fe5a0a2eb4bad518e32220ec4007880e819131f842e60e7470b41e908aa050c4aeb469e3003a5c050203588a8ec03f45c770cd9934174a6505237dbcf5cd5c44c3053c6c2edc571b4f02068d45d5d3423d81329d1c0a0d1366687a41f41900d062aa1526f7fe69fd69a4b0b7210f36bccc39522b31e12ab21c852bfeda715862b405280b7a47b280f813807131f52aec2c43e04e5ff88eaa1f386a70224c8f0d89cea869306e89f0c681fe839a4fa6cdeb608bdc50f86cf9e813797216b50ecab75a469b770a3ed4a127641eb375c8d496f8ffeee80b055308cb87b4d367dac39f5a0da9cd71ed401ea13cc922c58b47a6903ae45ed83d7a1f8047520c5a68fa57c3f79566256a47e70e032f37cb0eba0bd15a5e61ac4774eef7bfe91b76331d83be49a06e22ca9f35d9f6b40c0c34db6c294b1fbf20c6830ae32861fa733fa6026beba2b96dfab9161e1ac36fc4582419152b5408d8dd99aa53ef99c4c9711da51294f06c38541d6d1fb5b3fb59891c32b8aa4c0ff2b95fd438e6808859e27c0139d005ea04ec84d5ec886cb81ff2f94902532ef395e6963ab390374ecb52e1d8a81428a5213d53c26bdc9e1f3fcc174b29521ead22a5ece4c2f13102cf1e4ee21661b317a558d54a29f463651f2cabed708b3fffba656fd86b86cc1a1ac41761bf91468053a826b81ce9b168eba7358f19c6aeafc51c57f217f63d99b18e2b3f889b80e750d9298a0ff719481ce71a1e052ae2182ff084a47a966ae1163ecf25ecba234fc107aebf24216ae00bde26b0ee02dac6a22bfa72a096b7ec2af3f3e3ab619d7d14c9bf11b4bf71643c9c36dc133b7c27852be2b55181ec443f0b567e2443df0fddf0c1bccb4030a14cd8f3aed70ad7d67aadc5d28baf40544c1d38d19b9bab876cf7bb622dc37541c79fa9edced2041d346af2a853a87d391463b6fe856e820a4ab035984140d50c220e90620a463133b235a4bb3cadd1b71f102ec1614f491d161f0f90947a1340398bea87344193954158755b7528cfd5be82e0b1157c0587b23b5d8358ddb8c14507f15b420ef03f0ffdc85f228d0cfdf8f830033883f71c38b6e3d8f09a918c407e7a8bcb64ec78534ac13c03820dce56e69e7464a1a2ed570392ab099849dfa9ebd4c824dba32f55140f7946d9f5d1bbce7d81be97d04bb3e3499baf6ab87d78729a831d90bf76bb8ee83f5806cbcccd37f3fad3a8a1a191cc13f0b981b8b753f91628d883a48c5651dfb97bb45ca6d4695bb2f87779f9a11ae29ec840bc4c882789611cbb5acb4df0029f8b8fbde8806da115d8718c7117ee8010c216184192397dcb29da765be8e45b8988db059f7e3fb4a3f7fab26987cfa3c370f0a82a413c42e76cad5f3bd776f4487715026d22b68d24573a2b9882c52d62e4e1e0eec8b7cbe205446f9b6e487611138f2c841326df9a706ab3127d62c0333cc0ac4bc90f445a56573019c2259aa5ca219d60aa8e6190ed7f7b91d12995eb3166e72dfb02d40f00a4a15c52c6dbfd32d5b364a4c14d94596b5bf6d77bcc2c62f742e078f05d97486d4795680bd56192ec046a0ba3b2221e9e77104fe419f837724ee8b3e856f925b5c1d19216718e872462cef6231e03e2fcd26693041104dbe6956784fb1a4ab4d23e1b259b8d8334802de6407b0a35c3ba386f940d01b75efcf4fa84b749b5505498129df9a4d291af5b574de9b7a10e09e9544ba9a027cab87c527772ee8baeced12d164da22e73b145f447790dde831834cb3393d8210bec56c90ccca35cf65b576002746d810b621bf5527eb55150874fb94ca4e1b752e99c4e92a488eae0a19e6548221dfde10d78cc5bf8d1a5a99f744739d1b52f"}], 0x1010}}, {{&(0x7f00000015c0)=@ethernet={0x6, @link_local}, 0x80, &(0x7f0000002680)=[{&(0x7f0000001640)="003ca6b0dbb3ea8b052c53b04a34dbea96f800", 0x13}, {&(0x7f0000001680)="8fa34aab6af4a0daefb96ef43ad9a9f4961a3f89804b4be4c6fb237844e8852f7e870a17ca5b11201c7a4541a5ce525dba9bc7a219d424c17a26d1040cb9caec43de862b277ba37e57ddd0b75135027dd8e2841df2ff6e363ceeedfda559daff28c58330f4fe7d4d5abd2ac8c23278b21c5ef2f62adfb1ea5e534967af5163119025b39540a62b631bdc265f51bbd324e60327c87248f9eb6a6f2ffdcd1cd1da2a99dde482bb353263b0c8d5d736aee17bcd83cd6e4e8384309723a3ad2ecf49df2cc7e2379ea72d699357891a8d474780e5930a2635ebe58eee8a38b9089ee03e5209da4bbd2d192c44214a848c7ab96dd0fe18978217a968ecf4ef045d7cbeb82efaa19a9c0ec25ec4076faa1e4b308cf9565d29ccb5d416af66babe4a1d034aed4b594ca5e6f0aee8988423d24a161cfd029ce8f3f0fc528362733ca7a3625d5f3c24f5e0b022f350da35a8cd065f45ae3a7d03a347d0e04e1fb03042939ac545291a86fdd5cfc829f25709490bfd1ec73c9380d8177685cd0c127caa8872d7d21fc38840503f7282b5185dd27067f48df7192945b72f3e02728de44cd61dd8b84142ed0ed57d20ea9c163d4927069de4d24d7990bded9160a4c3598f806332d066956b68f35516dff37bf197e67158e8161b2ee13ecff82210a9018c7cd2f54eb6c12173d71a5840337f8032157c635687d50edf964f24199beb565130d6b0c9285e1b0bf098b4ca08e9418213cd0f407db4ed3e7dc614476055024ea735112d97bca54beab2b524283316b61bc2adea6193921d5a15108b4a6f70b9e8e0e99d13bf852f78fa1052bf0823175a8ded638b90bda62ae5fddee6d2a13ee996029059a471a47d378a4f435a89da3729b505cfa966d1e19bcbeca236408f78898428de07ee91f934f0cb0eb1e1cf07430d9f753898ad02cb664386c2d228beb3467ab91f94cdc30e0d0eb9c3c3e6c9ae005dd633415c45126b0de8416f18484fcc2115c64cf7de18aabb2966f5d2419dc125c690741c5351a96046a2cc54a877960b7e56c159445aab1e816165d4b062d61d1629091a5e4289883d019b510d4016413b0a904311fa00edee72220433aba4339797ad9e90202fd76eb61810ccf2fad622b552956ce7596cd07be34996271aa438bdf2903079a03f5ce13bb4965a15b7c5ad50c037875a32d6cffceb7255b0e7b6aa429cd8e0e70441c465a0d613bbe804252ccb6888aa054d91f1ec6f768f59ed8271267894e7f10901a4a6de8116005e1c4e4cc28f836470c6088aa6958787c5c6fade8d4bb7533e4a58843165a249c36b1849cff51c40782f8fd987046280f7bdc2dc9da45d2dbeea0657818ff429785c31162b0d3c5d64f18b7a15661608b4969f636d64e5b6cea6117e44186fe1e84ed1c55bc6d35f78a4743dbc9c048e25a79b7989835c1dac65ad3bf2891b185f0338df977e2d259f7b4ac258ab24e88eb49b4e30a35ba5b04801a268657c0ac90200a0f4a60022525f4dfe8125db10f25196916464096916d108601c8c76d1665931caaa89b9d3bedc145131fab19d8cd38ce70f5ba1f51e2d202cc1231ed945d1b632348cabf0ee8346796ee553399cf163aa917cd00b5b4fe0992180a3271693cd5cd92eb80f2420b8c0698b6c7893f039a962d21bced4e17ff06a8f339a474af573d99d9e775b6261b3121fc82dd98011432fcdd30213196e796f8a95bc256961401327f3a18748c43d803694c4d2de2d12b2f7fade93a58004049a8ff50fa32798985e2ff468b07619c151b7e51a81fcd391c1095a214acc33f00216beadb9745f88969116e1704c77eaf2e7f14ca15f7df1028c15670e94931224cc3aafdaac7967db5e850ca61a423f2a8a429b3e1e54f19d0647c41fb4f57518305a67b4aadbec0f838bcb7ba6b8c2f3a98cfb6f74900c3412f7d45a2e2192473beca81d179ee10f499068403254d86557b570f36f465364641aa60694136c68bb76eeef87d092ebe9a0863e9877c03c25dce50924fed5796d14f160d44f1a7e433126e4b07131bc05f29dd0ccf2461b76e94489e7ce54c1a2e03bc10238c7ce07cd52064c7acbd9d220940506ddefffe4833e9690d9d4fa18fda32beea2bf9736f2e1212aefa2365c6ba49c2f27998b2154bb0a82b5e44fb16e3ec134a87e639b7b5033cbcbc9ad028189b024543853820e7b70951203e5c35000e7c7cd06df1c5f4e7db88b8b2d60f107f289aaf9292d81d14e3e19de4d922d2b1d245f5baf0b73916c037a1ac4fc7feb395c70927aa65502032d335e492d2ff078b79942dd0b0990344f0c0f3959b1721f1d87ccb62fc9a1436c47413cb5fad86ae29aba547020b8709363ed5387b77af40516384778adc78581eb349c55ff728e9eb503360e8b3616d3ce888e4d2cf005b20549cb1ccf04b3cbc0cdd2b1231fbefc8e1565f4bcbafabc1c5bffb19163823a701d1b07a4beb6b0ddf79be42d70749e285e9326fa160cf369078c0a3d1d5bec572e2b10cae31bcb8cc2be04304d238d9ab6cc25699fb17d5c5382c70cd1a07447c7469074fc6276fa989cb0159bf72993decd0fa777dcb0a93af7874a98c52448039ba4ef3d7b8f6b83850cf39688f68d44891e3d25f8e7d6770d41fadda236e5b0139426f58d40953c231f1dc9b76d4d72a938540f7662b5c9f05f0f9f3df0a18c29cf57abf0b1400f9b4fc1bf06b22fab98f1dfa44dbdd323a0c1c1a1f3ad22c545960b5ed7c48500f39b4cd72eea7b2e69a2df6172616dfbb727207a194761a8adc30afbaaa6e0039a8522871f27444c84b8c4ec1b52acd016631a635112d5f46c1b64af29410f81bf195898f796a6d9d891f693468642c9e03c6b6b09eb5e65846f0c033a0bc8e375a0fb9df2ab06d6715c37ae948cfc49c8b0a1011916d3b62cb569f2877fd11ef66303ced4d83c15ce13e37a48dc41d46abd441ba1d51992c3504e3e08b684a453f52a768667e3df3a8d8510686b32a1dfa63682c6af901866deda48a7aecb26297c80bb124ab5494b8ee559c05809433ea5a8ceee0ca5a0f5b7b4c4a589669b8d4060f6660af780a9881dd4647c3c6e6f8c56b349b0ac59d91ac22de3669b21b6ceeddfc55208d2d0b828786251de49fd728685339f7cf6d4bfa4e38fa5c0b729e7189932b3893fb3b7543e4bb6b61a5c4cf841a4a6f3fb7c4e5907586393e985113b8446ebcc29648dd3d5438d2e630877944d9d0dcfee5186597b1531bbde1edfaffa0abeef957310a523d709945731a291004ff8f4d2f24060ea7a5459cffbebcf5ffea82b38aae96f64aea4dbd1d087c6860844f5571d72d29a2b26d3ddb8972db9b9c934acb9be675a3172bd10ae90138562de960ff00471a0dcf52df0a5103dd41d60655d3dcf7e8bc604024eee364d20305912fbd9c08a47cfbbf1a6f35440a0f881ea73b09c2f90754ec35d22d7d9261bae0e922598c59964cfffc17a6223deaad6f53677173fb5b8f88d01691b3c3ef38111252f29ce1b45446fb01638865589d340b30e0a6344f08bc651691e0bfff4d4528cec5bf3a6c42c8634ab46b22f3168b011c070ecaa99c88e21fe544ec237193c389031e8cbdd832c73063e5ac8416c669d597e0c50cab70c2edc5429b0279345798ab62d7c3c27256f32154f2072d39c98530f9999a5be259aeb291fbe1daf1ecee8130618216defb419240337a4182eb91bc6c2a266fa5633b1a92e053069b5076b27b3052cd83ef6a0471257eaf0179213a7c2060b9822f8b1f10421f96c6fe10fbd3bd323118f5b63386fe2761114aec4fedb3847f9f216534c4e5f8dff8e4820aaa92e049671dfb22bf2e98d3bee5b14515fe76ae0e00824e36cbedbcaf44faa4c506e0ec23bcca711ea2a4a992206dde3ed73a4abe0fcf1772fed608154e93b2bdfc7c02cfa35debfd254afa12d2ba6af89d60d5f4e3c0299267782393a81cae8e84ffc78128b9485da8261b40f11f8351477719d3a555a1ed78c7ccbab1a54adbd570780d1697bd496ce561b8ec1c7e3be86dfd010aa806e99960c3efd012527e5dc26d3212e127f76bdccec9d7055418e1c4adc4c0e93c81e0ef594aea2cac1e999abfa5187d642aa7dfe253ba848cc122d5a85a839e270a710001629c17b830b70aae669f38078780d66eec38c54e25766faf7ee48f391f228acabbdcd6c2c590caa050aa1a766d2b03e240e7f4d914b8523328717f0f0000f4af2982c2b93dd25a5418fa19405f485be442aa87ea3eb6c2fce3e72049d17edc6ce1035932029ff682f20e8b2e2ac350cd2a30d7462c2680903d4ca9d4a9c6f13798101c44397c0ee7598019e7c2ba5d7a542e66b9e90ec08b1edae293b238555a179789ea1478a7a7ba7d1c3cd0373d93e3ac7505abce04e518ee1746160bc7fb925b7f2ade3cdd13b8787d48aa2a9a87b1dbb8a82b26605bcf1329dcafebd50bd7112d27ea5b4f51f826042add608252ea13d0d6c9f7750524dee91607a5c310721d611b350b8292ddc00f3d211439ec65e75484f547ff5da4e319119e39cae7dd1151cb12ed081551ca03695bc84bdac9f5bfb78d4eaab076cf7c89741db64d9932ecebf070038bb4ad56c031af42b79a70197775e6228285e0248eb006185abd3ed99e8bd0e65e1c04393fd0986cfd68c4b08b732b95bcc688fca28f3c0e3d1d07f45bb5cb57f5c4f222a2b4a2bb833242b2fc9da09a0a0a18bea2bb81901ebf6a2cdd57f70f42d955a6c040618d5ffedcae7ac638256218d91fc0e67267ab722283bf5069ddd40c9bdced5e2b4a5bae5047fb3d9dd02affb5adc842bcfd44f2ba69198e200a3085517aa1f03393f1aa65961cef7b74089a45de2a462e6191e63b6b57e09d9cdaa71257b0d2b267685b5df2e18342222a40272ce49eda00566aa1dfc2720652a7649e7c79d58e09dd4a4b6f1438450fe93d5925d02825af412ee2e77455520f83fd08a05be2bef7e2e9a7dc77ab958880ffef5536a28569c7446b92ef1fd069b0a98061348022923002edf5e43cf2701e6593850faeccd1323b8e3b102ae20014f5e5ab877d4b18e4ffd298befc0665626c222d3694f58aa05c56fb053fc61209191a29a351e50462c7fd4c7b842ae3e339f99f784f2cde6e53481ea10acccb176093f73a84373f81ec4968bfd5d0fa0b20a67086b44f62e27bcaa481773c8529ab199d607290374173596452284ebb290b67e53cea559dbb89244fba8587132e75b682be6173b2453e5b411715f582b5b8ce686dbc9aadf9b3da78c11e5055ea92bd6fd70f2951c2221349fae8e25211ba9e7b2c65ba89e0ee6763596f7796f81f41740340ba789964ffb9a16bda673452d61ea801a5cf6a005ab301832e385650ff1c764adc71cfbea8e088370f2e1ea3c2a1ff6e4b1a6f4154a908d13507d1d8690ce0d7ea97ab27eb45c85ed59286d4627f1f953398a227ecbe992f0f922a1fc2f25ed5d7bd251075ce70fb5248a7f94d98e9b96a3fb191a18bd85c7a790fe773397010bc1a373303d381dc907991a05d46867692745c99d0952e7b3dd6befd435935296fc2a5352ec7423201469f4259cc58e212aef6bb9026bc492791848eb23835ae67a58c98279f15f2bae92c0795776920c92f3467c20a9170e3c98f4185bbc69906f65c5a0bd5a66efe8b55903075a2940c7e447c9b3cc82af312d76335307b5009ac2446848442c4e380314ded7bba21a24c5ec4d0479a4f08a51e56ba86e16a691e2ab7f33c3653b548788d7dd3bb505b32dc718e6b628e99a682ad204c777d782854bab0000", 0x1000}], 0x2, &(0x7f0000002b80)=ANY=[@ANYBLOB="88000000000000001501000006000000bb68e0f5fab2a6e598f9f74ce51ce8d168249f4545a3eb790820964f994e43f9f0190b364ee415512f2385a72190c5b9a42af9795c8cadc88ee937c82d83cf1ee45c57e240e63ecb56f874bd4b3c18f87742f329f8124e09032e12a89ee2ab4102efc2033f708540a5fa96c0d1e3df67576e0000000000008800000000000000020100008100000027cd608d4a6d8a9d2bdd249cffec00ba0605b0b7dd071e0726aeeea35b21c6005fbf962270e9d4ce2f428267f3da0f842cb4df19dd0fd5516d62c2e4f58622ac0fdc53558963f19d9d811f5e7c09bdd3de3f78aba15e76d9fc1be6ddccf18438c1862d20530c45a86b99feb35fd44d2e4a21d64ffb000000e0000000000000000100000003000000231f75916cc1e19e868e4d93d96af0189ef8f0090b647b0cb758192bc65ae2cd0078df716dcfd05e788670de17115eb4471560f5daa713b9bed7f73b6c4da49d06416baeba75890670dd2ae6147a06d5ac2c49d06311b3682d4067389d1f65b69f76a31af50eddbce90c70abff5d3795fc5e7e93094ca912f5950fbf3ad4245c6787db817286fd07825503cf24eb79e4b237cb4090ca828b54a4c5f72a7068546ae14bcf4ec12fefd1e4929ec3d8ee735dfd8a12e80ee40cf5e29836a803b86930af1b20991c48d368ca850000000000e0000000000000001e010000400000004b758515940ffe38885b14a7264cceddad72349021f302bbbafd8ef62f689f03c83a44767c81e965183accbde2baf9b5060decbe926171b0259332c2bedd560fde1ffd42a9ff966fc9f873915b8bf1a1933599cc0ef9b5f54d13b9fa43270dc05e3ca3593f220d70151c7588c7b75ac1039fe482c27d97f80d563d1fe8b2b1590b660e13d96030ea05829f70dec7ba3b5480a7621591414ff786d9f64e979e409a8e2846c43244e1f5b421212c057aebe28ab44be3ed07ec19fcb4d11c2897730a69c91ffbbd6be7bca56d0000000000f8000000000000003a00000007000000c1b06b77d11e9e007ad5ec4e5491358892cc69d49c49980789601bd7f54739783e8c91afee08d687f4f0435a17eef96fcc4185b7aca3d0168962fbea529c3304376b1ffe89bbd43e48bcb7b27ba1771388e7dcca3e2a43d54945aed81aa7a73860767088c549a81137445da6a3ab6edef1dd7b6ef971723b697fb486b71b182887cb88f302b9fabf7bdefde73ca033cbc1588a437b5edad19323c555a38aad105133913c383beb1a34783b60892d31159be78811ab4f2e28f3172c66c3bf283ea0ba12b706fb7ee24c978a99cc0618402ca29f033f9c3aeb283eb2fa59651f82307fe97ffcf68dd078000000000000000e010000020000000dc1c529fda17f394bdb38aa305899ddd19e5b1b107d4d9c9f34a34ead86e81ee80173309c310ac67ffe44e9a1f5c267f1c53c242419790f5e225a4b4a099c2905756225d41718bf73ceaebcb3f1993da9da218eee9f654a92eabb372ed2c81059935b8745e6270018395f43f72f35ca2a0bcdb02827bf53e408aae0468d598b701ccdc127cd7d1288d1718d437096ec009a19062ffab74ccb08f61da613e97e494c47c092"], 0x440}}], 0x2, 0x80)

3.159687042s ago: executing program 4 (id=1392):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='contention_end\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setitimer(0x1, &(0x7f0000000580)={{0x77359400}, {0x0, 0xea60}}, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r4 = socket(0x2b, 0x80801, 0x1)
setsockopt$inet6_int(r4, 0x29, 0x21, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r4, 0x0, 0x484, &(0x7f0000000600)=""/198, &(0x7f0000000080)=0xc6)
socket$igmp6(0xa, 0x3, 0x2)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='binder\x00', 0x1000000, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000680)="5c00000014006b0300224ed86e6c1d0002117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0bdd7000000", 0x5b}, {&(0x7f00000003c0)="1cc899f261015a3cb0dcac4804b63dfb3c32d5b076a8a7bc8b1ceb502d6df24cc75763088755b8e6834915d9a902682369b6151db0dbd0476ad73e807f53cef5d6d0cf072f9089e6f6ab410ead04e8cf638d265c40203226b4e3400e9cbc0fe8ca74832552cc92b3f3dc032f0923a166f76c335ef83019e355dc330d5b0ed7d8b19575013f08dc53bc89e4", 0x8b}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

3.060720955s ago: executing program 0 (id=1393):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x617, 0x4f565559, 0x0, 0xa, [{0x0, 0x800000}, {0x7}, {}, {0x9}, {}, {}, {0x0, 0x7}, {0x3}], 0x0, 0x0, 0x8, 0x0, 0x6}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, 0x0, 0xfffffffffffffdfa)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='tunl0\x00', 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x6000004, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}}, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f00000001c0)='./bus\x00', 0x0)
mkdirat(r4, &(0x7f0000000040)='./file1\x00', 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a1})
r6 = epoll_create(0x651)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000300)={0x20000000})
madvise(&(0x7f00009b7000/0x2000)=nil, 0x2000, 0x4)
read(r5, &(0x7f0000000240)=""/131, 0x83)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
accept4(r7, 0x0, 0x0, 0x0)

1.733597815s ago: executing program 3 (id=1394):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x0, &(0x7f0000000040)={0x0, 0x0, 0xffffffc4}, 0x2)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0xd, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded70f64785a5887c31261d4b9e57ee07000000def8f255ca26108f11f02047d47f2d0fec30f7e92182f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988845e9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)

1.61201189s ago: executing program 6 (id=1395):
bind$rds(0xffffffffffffffff, 0x0, 0x0) (async)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10) (async)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x10) (async)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) (async)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r2)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x60, r3, 0x917, 0x70bd2a, 0x25dfdbff, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0xfeffffff}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @rand_addr=0x64010100}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast2}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x2}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x5}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x1}]}, 0x60}}, 0x0) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x60, r3, 0x917, 0x70bd2a, 0x25dfdbff, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0xfeffffff}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @rand_addr=0x64010100}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast2}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x2}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x5}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x1}]}, 0x60}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETTXFILTER(r4, 0x400454d1, &(0x7f00000000c0)={0x0, 0x3, [@remote, @dev, @local]})
socket$nl_netfilter(0x10, 0x3, 0xc)

1.611251289s ago: executing program 4 (id=1396):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x0, &(0x7f0000000040)={0x0, 0x0, 0xffffffc4}, 0x2)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, 0x0)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)

1.539607847s ago: executing program 1 (id=1397):
socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
fstat(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="300096ac2f49d5ee931221000010000100000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x11, 0x3, &(0x7f0000001500)=ANY=[@ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x8248, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xffffffffffffff05)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f00000c0000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
openat2(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)={0x591003, 0x0, 0x9}, 0x18)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa6a2ddcf6177a0800450000280000000000069078ac1414bbac1414aa00004e22", @ANYRES64, @ANYRES32=0x41424344, @ANYBLOB="54000004007800015bf503f467e3f09ad1238e6e58d855acba382e1fa67b1411d2322c860110f549b14a11007a188322149d55ef34f692d591d059cfec6dbe1660bebd23d52b9c9a0222c0915e479b77c12e0ab985a20292024de84a92120fc20dbecd0bd930fe05042982fdce308d99d53508606d6c34450792", @ANYRES32=r1, @ANYRES32=r1], 0x0)
ioctl$sock_SIOCBRDELBR(r1, 0x89a2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000480)=ANY=[@ANYRESDEC, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c02000090780000"], 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_adj\x00')
write$cgroup_int(r5, &(0x7f00000008c0)=0x80000001, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0xffffffffffffff90, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000"], 0x18}, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x11, r6)
ptrace$setregs(0xd, r6, 0x2, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
io_uring_enter(r5, 0x33ab, 0x26c3, 0x8, &(0x7f0000000240)={[0x4000000000000006]}, 0x8)

1.520508006s ago: executing program 0 (id=1398):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000010000104000000000008000008794ee0", @ANYRES32=r2, @ANYBLOB="03800000000000001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x4c}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000300)=ANY=[], 0x0)

283.119666ms ago: executing program 0 (id=1399):
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, &(0x7f0000000340)='/dev/aud\x03\x00#\x00\x17\xb5\xf1\xccA\x97D\x9ay\xe6\x83~\t\x17\x0f\x82\x04\xf4\x89Jr\xb5\x04\xb2\x1al\x05\x87\xee\xc7\x86!\xd8ae\x87\xbf+\xb4\xb45\xb0\'B\x1d\xd0\xf2\"\\\xdb\x18\xc4\x82D\x13\xccX\xb2\xcf\x94y\xb0\x9f\xe2\xd9q\xa7l\xc7\x06Z\xb7\xdd\xdb\x9d\xd8\xf5\xac\xed\x1c\x13\x19\xa6\x8b\xe9s\x7f\xb5d\x01\xbb\x7f\x1f\xc7Q\x8d\xd2E\x8f=\x15Y\xbe;\xc6\xe2\xc8Y\x8f\xb4\x12^D\xa6\xf3\x1a\x8aK]\xdc\xed\tG\xfe\xfds\x86>^')
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0x20000008}) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0x20000008})
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r3, &(0x7f0000000100)={0x20000001})
ppoll(&(0x7f00000000c0)=[{r4, 0x2d8}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="05000000000300000000", @ANYRES16=0x0, @ANYRES32=r3], 0x24}}, 0x0) (async)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="05000000000300000000", @ANYRES16=0x0, @ANYRES32=r3], 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000010000000000002e000000080003d4", @ANYRES32=r2, @ANYBLOB="0a00340001010101010100000a00060008021100000000000400cc00"], 0x38}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.stat\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="1a"], 0x118) (async)
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="1a"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xd, 0x12, r9, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r6, 0x82d3a, 0x0, 0x0, 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r5, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random="0300002000"}) (async)
ioctl$SIOCSIFHWADDR(r5, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random="0300002000"})
r10 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r10, &(0x7f0000000080)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
connect$unix(r10, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r11 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r11, 0x6b, 0x1, &(0x7f0000000440), 0x0) (async)
setsockopt$SO_J1939_FILTER(r11, 0x6b, 0x1, &(0x7f0000000440), 0x0)
close(r10) (async)
close(r10)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x13)

239.5172ms ago: executing program 4 (id=1400):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r2 = accept$ax25(0xffffffffffffffff, &(0x7f00000004c0)={{}, [@null, @null, @default, @remote, @netrom, @null, @rose]}, &(0x7f0000000540)=0x48)
ioctl$SIOCAX25CTLCON(r2, 0x89e8, &(0x7f0000000580)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, 0xfffffffffffffff8, 0x7, [@default, @default, @bcast, @bcast, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]})
r3 = dup3(r1, r0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x7c, 0x30, 0x1, 0x0, 0x0, {}, [{0x68, 0x1, [@m_mpls={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1a, 0x2, {{0x0, 0x0, 0x6, 0x0, 0x200000}, 0x2}}, @TCA_MPLS_LABEL={0x8}, @TCA_MPLS_TTL={0x5, 0x7, 0x9}, @TCA_MPLS_PROTO={0x6, 0x4, 0x8848}]}, {0x4, 0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x7c}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000280)={r4, r6}, 0xc)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r6, &(0x7f00000000c0)='P', &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r6, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={r6, &(0x7f0000000100)}, 0x20)
recvfrom$inet6(r3, &(0x7f0000000200)=""/147, 0x93, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00', 0x2}, 0x1c)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x54, 0x0, &(0x7f0000000400)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f00000002c0)={@flat=@handle, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x5}, @fda={0x66646185, 0x5, 0x2, 0x25}}, &(0x7f0000000380)={0x0, 0x18, 0x40}}, 0x40}], 0x0, 0x0, 0x0})

192.64241ms ago: executing program 3 (id=1401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000001600ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = landlock_create_ruleset(&(0x7f0000000280)={0x0, 0x2}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2}, 0x10, 0x0)
landlock_restrict_self(r3, 0x0)
landlock_restrict_self(r3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xa334, 0x8081)
syz_genetlink_get_family_id$gtp(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r4, 0x40405515, &(0x7f0000000200)={0x0, 0x3, 0x7f, 0xffff0001, '\x00', 0xe3f})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
landlock_restrict_self(r3, 0x0)
landlock_restrict_self(r3, 0x0)
landlock_restrict_self(r3, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(0xffffffffffffffff, 0x2, &(0x7f0000000000)={0x1}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)

39.625836ms ago: executing program 4 (id=1402):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002085000000700000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000280)=[{0x7, 0x2}]}, 0x10)
bind$bt_hci(r5, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1802000071e6000000000000000000008500000027000000180100002020692500000000002020207b1af8ff00000000bfa000000000000007010000f8ffffffb702000008000000b703000000008000850000007b0000009500000000000000bc08e7f7c966a8361e6bdea4d05aa145488447a281a49ef8db3804e0de3d402153a1f5775e77bb130ead1455bcb63c36e2a9d57fdfddd97e36886f13c661b7b6f5d00ed88b6f79b6fcbb5455be551317b9e3"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000001000090000070fb0a38c16128bf92720000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x50000}]})
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000000)={0x7, 0xf, 0x9, 0x9, "4ff16929eeefd5ad06861377209e6b8b41abc722cc4380ea68155bfc59e4ead2"})
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000200700000000000000f4000000"])

39.16402ms ago: executing program 6 (id=1403):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="18000000780001060000000000000000"], 0x18}], 0x1}, 0x0)
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x0, 0x12, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@cb_func={0x18, 0xb, 0x4, 0x0, 0x5}, @ldst={0x0, 0x1, 0x0, 0x7, 0x6, 0xffffffffffffffc0, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000440)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x5, 0x6, 0xfffffffd, 0x7f}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540), 0x10, 0x0, @void, @value}, 0x94)
lsetxattr$system_posix_acl(&(0x7f0000000340)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000280)=ANY=[], 0x4, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
setrlimit(0x1, &(0x7f00000000c0)={0x1, 0xd9})
mount(&(0x7f0000000240)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='v7\x00', 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000003680)=ANY=[@ANYBLOB="ac00000021000101000000000000000000000004000000000000000000000000ac141400"/48, @ANYRES32=0x0, @ANYRES32], 0xac}}, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, 0x0, 0x0)
getpgid(r1)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0xc, 0xb, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645093fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31265aba9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc478a305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="3b27f4501950850000002e000000760000000000000027dbdc054bcb7cbd"], &(0x7f0000000040)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3f, 0x0, 0x1f, [{{0x9, 0x4, 0x0, 0x9, 0x2, 0x7, 0x1, 0x2, 0x81, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x7f, 0xfa, 0x81}}, [{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x6, 0x0, 0x3f}}]}}}]}}]}}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0})

19.113058ms ago: executing program 1 (id=1404):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x9, &(0x7f00000005c0)=ANY=[@ANYBLOB="950000000000000600520400fcffffff891297ff01000000000000001000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000"], &(0x7f0000000000)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd4d, @void, @value}, 0x94)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x8, 0x0)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05640, &(0x7f0000000340)={0x3, @sliced={0x8, [0x1, 0x4, 0x2, 0xd, 0xff7f, 0x2, 0x5, 0x8001, 0xc, 0x7, 0x6, 0x7, 0x80, 0x9, 0x3, 0x6, 0x5, 0x200, 0xb45, 0x6, 0xfff9, 0x74e, 0x100, 0x4, 0x11, 0xc, 0x2, 0xaa1, 0x8, 0x4, 0x2, 0x7, 0x80, 0x9, 0x2, 0x6, 0x3ff, 0x7, 0x5, 0x1, 0x2, 0x4, 0x1ff, 0x3, 0x7f, 0xfff, 0x3, 0x5], 0x800}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='contention_end\x00', r0}, 0x18)
socket$key(0xf, 0x3, 0x2)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$smackfs_netlabel(0xffffffffffffff9c, &(0x7f0000001640), 0x2, 0x0)
write$smackfs_netlabel(r2, &(0x7f0000000080)=ANY=[@ANYBLOB='-0000000000000062410.00000000000000000003.00000000000800028916.000/010)'], 0x6f)
socket$inet6(0xa, 0x1, 0x8010000000000084)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x410000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$radio(0x0, 0x2, 0x2)
add_key(&(0x7f0000000440)='encrypted\x00', 0x0, &(0x7f0000006500), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, r4, 0x7, 0xffffffffffffffff, &(0x7f0000000040))
sched_setattr(r4, &(0x7f0000000180)={0x38, 0x5, 0x30, 0x3d, 0x9, 0x7fff, 0x6, 0xfffffffffffffff0, 0x3}, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

0s ago: executing program 0 (id=1405):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0a00000002000000020000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000f7ffffff5d0985dbd8dd5f35080347c561f20000000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x20, r2, 0x1, 0x3, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
r8 = timerfd_create(0x0, 0x0)
timerfd_settime(r8, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
r9 = timerfd_create(0x0, 0x0)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000200))
timerfd_settime(r9, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000140)={0xffffffffffffffff, 0x7}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)=@generic={&(0x7f00000000c0)='./file0\x00', r12}, 0x18)
sendmsg$nl_route_sched(r11, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtaction={0x78, 0x30, 0x51b, 0x0, 0x0, {}, [{0x64, 0x1, [@m_skbmod={0xffffffffffffff7a, 0x1, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x0, 0x0, 0xffffffffffffffff}}}, @TCA_SKBMOD_DMAC={0xa}]}, {0x4, 0x14}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x20048094}, 0x0)
clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8000000})
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x4, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
r13 = syz_open_dev$tty1(0xc, 0x4, 0x2)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$KDFONTOP_SET(r13, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x4, 0x200, 0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xfff2, 0xa}, {0xffe0, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0x4000)

kernel console output (not intermixed with test programs):

8, bcdDevice= 0.40
[  330.161358][ T7300] sr9700 4-1:0.41: probe with driver sr9700 failed with error -71
[  330.167538][ T1201] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.181602][ T7300] usb 4-1: USB disconnect, device number 31
[  330.202999][ T1201] usb 1-1: Product: syz
[  330.228347][ T1201] usb 1-1: Manufacturer: syz
[  330.232969][ T1201] usb 1-1: SerialNumber: syz
[  330.235266][ T9073] netlink: 104 bytes leftover after parsing attributes in process `syz.3.872'.
[  330.259741][ T9066] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  330.732839][ T5920] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  331.177496][ T5920] usb 4-1: device descriptor read/64, error -71
[  331.417854][ T5920] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  331.558480][ T5920] usb 4-1: device descriptor read/64, error -71
[  331.679682][ T5920] usb usb4-port1: attempt power cycle
[  331.740190][ T9101] netlink: 'syz.5.880': attribute type 1 has an invalid length.
[  331.760508][ T9101] netlink: 224 bytes leftover after parsing attributes in process `syz.5.880'.
[  331.821570][ T9101] team_slave_0: entered promiscuous mode
[  331.827745][ T9101] team_slave_1: entered promiscuous mode
[  331.848594][ T9101] vlan2: entered promiscuous mode
[  331.860008][ T9101] team0: entered promiscuous mode
[  331.872020][ T9101] team0: left promiscuous mode
[  331.883394][ T9101] team_slave_0: left promiscuous mode
[  331.888901][ T9101] team_slave_1: left promiscuous mode
[  332.027293][ T5920] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  332.059812][ T5920] usb 4-1: device descriptor read/8, error -71
[  332.327360][ T5920] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  332.373491][ T5920] usb 4-1: device descriptor read/8, error -71
[  332.587419][ T2147] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  332.728462][ T9124] fuse: Bad value for 'fd'
[  332.867452][ T2147] usb 2-1: Using ep0 maxpacket: 16
[  332.913199][ T2147] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  333.039148][ T2147] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  333.090570][ T2147] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  333.114142][ T9128] misc userio: The device must be registered before sending interrupts
[  333.133611][ T2147] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.146317][ T2147] usb 2-1: Product: syz
[  333.163364][ T2147] usb 2-1: Manufacturer: syz
[  333.176819][ T2147] usb 2-1: SerialNumber: syz
[  333.258323][ T2147] usb 2-1: config 0 descriptor??
[  333.420977][ T5920] usb usb4-port1: unable to enumerate USB device
[  333.430174][ T1201] usblp 1-1:1.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 9 proto 2 vid 0x0525 pid 0xA4A8
[  333.443092][ T1201] usb 1-1: USB disconnect, device number 14
[  333.452375][ T1201] usblp0: removed
[  333.527236][ T2147] usb 2-1: USB disconnect, device number 23
[  334.491103][ T9145] hsr_slave_0: left promiscuous mode
[  334.523169][ T9145] hsr_slave_1: left promiscuous mode
[  334.743373][ T9151] netlink: 24 bytes leftover after parsing attributes in process `syz.1.897'.
[  334.897916][ T5920] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  335.017507][ T9156] netlink: 44 bytes leftover after parsing attributes in process `syz.1.897'.
[  335.110505][ T9151] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4)
[  335.213474][ T5920] usb 1-1: Using ep0 maxpacket: 8
[  335.221982][ T5920] usb 1-1: config index 0 descriptor too short (expected 57362, got 18)
[  335.230679][ T5920] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  335.238938][ T5920] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  335.249636][ T5920] usb 1-1: New USB device found, idVendor=1ed7, idProduct=b72d, bcdDevice=f8.f1
[  335.258781][ T5920] usb 1-1: New USB device strings: Mfr=180, Product=179, SerialNumber=3
[  335.281778][ T5920] usb 1-1: Product: syz
[  335.285973][ T5920] usb 1-1: Manufacturer: syz
[  335.295500][ T9164] misc userio: The device must be registered before sending interrupts
[  335.298080][ T5920] usb 1-1: SerialNumber: syz
[  335.319085][ T5920] usb 1-1: config 0 descriptor??
[  335.486944][   T81] Bluetooth: hci5: Frame reassembly failed (-84)
[  335.657600][ T2147] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  335.807235][ T2147] usb 2-1: device descriptor read/64, error -71
[  335.907256][ T9175] netlink: 16 bytes leftover after parsing attributes in process `syz.5.902'.
[  336.068969][ T9178] netlink: 24 bytes leftover after parsing attributes in process `syz.4.903'.
[  336.087207][ T2147] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  336.217338][ T2147] usb 2-1: device descriptor read/64, error -71
[  336.337533][ T2147] usb usb2-port1: attempt power cycle
[  336.707545][ T2147] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  336.790111][ T2147] usb 2-1: device descriptor read/8, error -71
[  337.107260][ T2147] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  337.166013][ T2147] usb 2-1: device descriptor read/8, error -71
[  337.300889][ T2147] usb usb2-port1: unable to enumerate USB device
[  337.415538][ T9195] tmpfs: Unknown parameter ''
[  337.426433][ T9195] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  337.511944][ T1201] usb 1-1: USB disconnect, device number 15
[  337.537524][ T5155] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  339.771352][ T9217] xt_CT: You must specify a L4 protocol and not use inversions on it
[  342.699205][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  342.963113][    T9] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  342.985204][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.048624][    T9] usb 6-1: config 0 descriptor??
[  343.066039][    T9] cp210x 6-1:0.0: cp210x converter detected
[  343.130537][ T9274] netlink: 'syz.0.929': attribute type 21 has an invalid length.
[  343.146843][ T9274] netlink: 'syz.0.929': attribute type 1 has an invalid length.
[  343.517515][ T7300] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  343.614041][    T9] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32
[  343.660199][    T9] usb 6-1: cp210x converter now attached to ttyUSB0
[  343.681612][ T7300] usb 2-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1
[  343.681643][ T7300] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.681663][ T7300] usb 2-1: Product: syz
[  343.681679][ T7300] usb 2-1: Manufacturer: syz
[  343.681695][ T7300] usb 2-1: SerialNumber: syz
[  343.683559][ T7300] usb 2-1: config 0 descriptor??
[  343.904298][ T7300] int51x1 2-1:0.0: probe with driver int51x1 failed with error -22
[  345.142202][ T2901] tipc: Subscription rejected, illegal request
[  345.210293][ T7300] usb 6-1: USB disconnect, device number 8
[  345.220774][ T7300] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  345.250966][ T7300] cp210x 6-1:0.0: device disconnected
[  345.521845][ T9310] IPVS: length: 198 != 24
[  346.186679][ T5920] usb 2-1: USB disconnect, device number 28
[  346.312615][ T9317] NILFS (loop3): device size too small
[  346.327238][ T1201] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  346.452287][   T29] audit: type=1800 audit(1732818517.376:85374): pid=9323 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.944" name="/" dev="9p" ino=2 res=0 errno=0
[  346.457253][ T1201] usb 6-1: device descriptor read/64, error -71
[  346.717286][ T1201] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  346.867514][ T1201] usb 6-1: device descriptor read/64, error -71
[  347.090545][ T1201] usb usb6-port1: attempt power cycle
[  347.517815][ T1201] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  347.590543][ T1201] usb 6-1: device descriptor read/8, error -71
[  348.196963][ T9347] IPVS: length: 198 != 24
[  348.278659][ T1201] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  348.740816][ T9354] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  348.749121][ T1201] usb 6-1: device descriptor read/8, error -71
[  349.747048][ T1201] usb usb6-port1: unable to enumerate USB device
[  350.005654][ T9367] FAULT_INJECTION: forcing a failure.
[  350.005654][ T9367] name failslab, interval 1, probability 0, space 0, times 0
[  350.027518][ T9367] CPU: 1 UID: 0 PID: 9367 Comm: syz.3.959 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  350.037793][ T9367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  350.047865][ T9367] Call Trace:
[  350.051154][ T9367]  <TASK>
[  350.054110][ T9367]  dump_stack_lvl+0x241/0x360
[  350.058820][ T9367]  ? __pfx_dump_stack_lvl+0x10/0x10
[  350.064044][ T9367]  ? __pfx__printk+0x10/0x10
[  350.068660][ T9367]  ? kmem_cache_alloc_noprof+0x48/0x380
[  350.074227][ T9367]  ? __pfx___might_resched+0x10/0x10
[  350.079542][ T9367]  ? __fget_files+0x2a/0x410
[  350.084161][ T9367]  should_fail_ex+0x3b0/0x4e0
[  350.088870][ T9367]  should_failslab+0xac/0x100
[  350.093568][ T9367]  ? getname_flags+0xb7/0x540
[  350.098264][ T9367]  kmem_cache_alloc_noprof+0x70/0x380
[  350.103658][ T9367]  getname_flags+0xb7/0x540
[  350.108193][ T9367]  __x64_sys_mkdirat+0x7a/0xa0
[  350.112979][ T9367]  do_syscall_64+0xf3/0x230
[  350.117499][ T9367]  ? clear_bhb_loop+0x35/0x90
[  350.122192][ T9367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.128084][ T9367] RIP: 0033:0x7f24ef780809
[  350.132493][ T9367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.152090][ T9367] RSP: 002b:00007f24f0553058 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  350.160498][ T9367] RAX: ffffffffffffffda RBX: 00007f24ef945fa0 RCX: 00007f24ef780809
[  350.168462][ T9367] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 0000000000000003
[  350.176426][ T9367] RBP: 00007f24f05530a0 R08: 0000000000000000 R09: 0000000000000000
[  350.184389][ T9367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.192352][ T9367] R13: 0000000000000000 R14: 00007f24ef945fa0 R15: 00007ffc1046f128
[  350.200324][ T9367]  </TASK>
[  350.267359][ T1201] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  350.419329][ T1201] usb 6-1: config 0 has an invalid interface number: 133 but max is 0
[  350.431920][ T1201] usb 6-1: config 0 has no interface number 0
[  350.442043][ T1201] usb 6-1: config 0 interface 133 altsetting 0 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  350.460419][ T1201] usb 6-1: config 0 interface 133 altsetting 0 endpoint 0xF has invalid maxpacket 528, setting to 64
[  350.475403][ T1201] usb 6-1: config 0 interface 133 altsetting 0 has an endpoint descriptor with address 0x78, changing to 0x8
[  350.488403][    T8] usb 4-1: new full-speed USB device number 36 using dummy_hcd
[  350.532136][ T1201] usb 6-1: config 0 interface 133 altsetting 0 endpoint 0x8 has invalid maxpacket 2049, setting to 64
[  350.550308][ T1201] usb 6-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=71.1e
[  350.560373][ T1201] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.569420][ T1201] usb 6-1: Product: syz
[  350.573842][ T1201] usb 6-1: Manufacturer: syz
[  350.580922][ T1201] usb 6-1: SerialNumber: syz
[  350.586871][ T1201] usb 6-1: config 0 descriptor??
[  350.592765][ T9365] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  350.600331][ T9365] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  350.614145][ T9365] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  351.381359][    T8] usb 4-1: config 0 has an invalid interface number: 74 but max is 0
[  351.401914][ T1201] usb 6-1: probing VID:PID(0424:012C)   
[  351.434466][ T1201] usb 6-1: vub300 testing BULK OUT EndPoint(0) 0B
[  351.434551][    T8] usb 4-1: config 0 has no interface number 0
[  351.517531][ T1201] usb 6-1: vub300 testing BULK OUT EndPoint(1) 0F
[  351.530964][ T1201] usb 6-1: vub300 testing BULK OUT EndPoint(2) 08
[  351.538658][    T8] usb 4-1: config 0 interface 74 has no altsetting 0
[  351.549780][ T1201] usb 6-1: ignoring unexpected bulk_out endpoint
[  351.558279][ T1201] usb 6-1: Could not find two sets of bulk-in/out endpoint pairs
[  351.618025][ T1201] vub300 6-1:0.133: probe with driver vub300 failed with error -22
[  351.734937][ T1201] usb 6-1: USB disconnect, device number 13
[  351.772244][    T8] usb 4-1: New USB device found, idVendor=0fe9, idProduct=db71, bcdDevice=f6.7d
[  351.814845][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.837534][    T8] usb 4-1: Product: syz
[  351.841712][    T8] usb 4-1: Manufacturer: syz
[  351.846311][    T8] usb 4-1: SerialNumber: syz
[  351.854451][    T8] usb 4-1: config 0 descriptor??
[  351.937831][    T8] dvb-usb: found a 'DViCO FusionHDTV DVB-T NANO2 w/o firmware' in warm state.
[  352.058980][    T8] usb 4-1: setting power ON
[  352.082093][    T8] dvb-usb: bulk message failed: -22 (2/0)
[  352.160171][    T8] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  352.172365][    T8] dvb-usb: DViCO FusionHDTV DVB-T NANO2 w/o firmware error while loading driver (-19)
[  352.217626][    T8] dvb_usb_cxusb 4-1:0.74: probe with driver dvb_usb_cxusb failed with error -22
[  352.274614][    T8] usb 4-1: USB disconnect, device number 36
[  353.319091][   T29] audit: type=1804 audit(1732818524.056:85375): pid=9415 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.968" name="/newroot/188/bus/bus" dev="overlay" ino=1064 res=1 errno=0
[  354.500969][ T9429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.970'.
[  354.510405][ T9429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.970'.
[  354.519956][ T9429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.970'.
[  355.754017][ T9425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.971'.
[  355.763650][ T9425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.971'.
[  355.772560][ T9425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.971'.
[  356.565169][ T9451] team_slave_0: entered promiscuous mode
[  356.570940][ T9451] team_slave_1: entered promiscuous mode
[  358.047427][ T5852] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  358.056812][   T11] tipc: Subscription rejected, illegal request
[  358.069726][ T9468] netlink: 'syz.3.984': attribute type 10 has an invalid length.
[  358.096947][ T9468] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  358.705914][ T5852] usb 6-1: Using ep0 maxpacket: 32
[  358.713064][ T5852] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  358.737603][ T5852] usb 6-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01
[  358.767926][ T5852] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.798894][ T5852] usb 6-1: Product: syz
[  358.812282][ T5852] usb 6-1: Manufacturer: syz
[  358.832970][ T5852] usb 6-1: SerialNumber: syz
[  358.938052][ T9480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.987'.
[  358.946965][ T9480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.987'.
[  358.956078][ T9480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.987'.
[  358.979294][ T5852] usb 6-1: config 0 descriptor??
[  359.303677][   T29] audit: type=1326 audit(1732818530.226:85376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.334682][ T2969] Bluetooth: hci5: Frame reassembly failed (-84)
[  359.351988][   T29] audit: type=1326 audit(1732818530.226:85377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.368033][ T5852] cxacru 6-1:0.0: usbatm_usb_probe: bind failed: -19!
[  359.424719][   T29] audit: type=1326 audit(1732818530.226:85378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.447331][   T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  359.460397][   T29] audit: type=1326 audit(1732818530.226:85379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.482363][   T29] audit: type=1326 audit(1732818530.226:85380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.503820][   T29] audit: type=1326 audit(1732818530.226:85381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.525270][   T29] audit: type=1326 audit(1732818530.226:85382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.548576][   T29] audit: type=1326 audit(1732818530.226:85383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.570394][   T29] audit: type=1326 audit(1732818530.226:85384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  359.592789][   T29] audit: type=1326 audit(1732818530.226:85385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9488 comm="syz.1.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  360.838261][ T5920] usb 6-1: USB disconnect, device number 14
[  361.770361][ T5155] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  361.797464][   T53] Bluetooth: hci5: command 0x1003 tx timeout
[  361.797979][   T25] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  361.813336][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.344413][ T9498] team_slave_0: entered promiscuous mode
[  362.350127][ T9498] team_slave_1: entered promiscuous mode
[  362.445512][   T25] usb 5-1: string descriptor 0 read error: -71
[  362.451878][   T25] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  362.461139][   T25] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  362.472304][   T25] usb 5-1: config 0 descriptor??
[  362.533405][   T25] usb 5-1: can't set config #0, error -71
[  362.558616][   T25] usb 5-1: USB disconnect, device number 16
[  363.074633][ T9505] netlink: 4 bytes leftover after parsing attributes in process `syz.4.993'.
[  363.685544][ T9521] netlink: 'syz.4.999': attribute type 1 has an invalid length.
[  363.774676][ T9521] netlink: 224 bytes leftover after parsing attributes in process `syz.4.999'.
[  363.802843][ T9521] vlan2: entered promiscuous mode
[  363.808055][ T9521] team0: entered promiscuous mode
[  363.816578][ T9521] team0: left promiscuous mode
[  363.903401][ T9523] IPVS: length: 198 != 24
[  364.030065][   T25] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  364.727354][   T25] usb 4-1: Using ep0 maxpacket: 32
[  364.734141][   T25] usb 4-1: config 0 has an invalid interface number: 151 but max is 0
[  364.748042][   T25] usb 4-1: config 0 has no interface number 0
[  364.754665][   T25] usb 4-1: config 0 interface 151 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  364.776395][   T25] usb 4-1: config 0 interface 151 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  364.978607][   T25] usb 4-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[  365.242044][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.255783][   T25] usb 4-1: Product: syz
[  365.260177][   T25] usb 4-1: Manufacturer: syz
[  365.265220][   T25] usb 4-1: SerialNumber: syz
[  365.288222][   T25] usb 4-1: config 0 descriptor??
[  366.584716][ T5845] Bluetooth: hci1: command 0x0406 tx timeout
[  367.180523][ T9549] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1005'.
[  367.775461][ T9562] FAULT_INJECTION: forcing a failure.
[  367.775461][ T9562] name failslab, interval 1, probability 0, space 0, times 0
[  367.790034][ T9562] CPU: 0 UID: 0 PID: 9562 Comm: syz.4.1008 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  367.800391][ T9562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  367.810453][ T9562] Call Trace:
[  367.813732][ T9562]  <TASK>
[  367.816661][ T9562]  dump_stack_lvl+0x241/0x360
[  367.821339][ T9562]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.826531][ T9562]  ? __pfx__printk+0x10/0x10
[  367.831125][ T9562]  ? kmem_cache_alloc_noprof+0x48/0x380
[  367.836668][ T9562]  ? __pfx___might_resched+0x10/0x10
[  367.841955][ T9562]  should_fail_ex+0x3b0/0x4e0
[  367.846633][ T9562]  should_failslab+0xac/0x100
[  367.851308][ T9562]  ? vm_area_dup+0x61/0x290
[  367.855808][ T9562]  kmem_cache_alloc_noprof+0x70/0x380
[  367.861179][ T9562]  vm_area_dup+0x61/0x290
[  367.865504][ T9562]  __split_vma+0x1cb/0xc50
[  367.869929][ T9562]  ? __pfx___split_vma+0x10/0x10
[  367.874866][ T9562]  ? mas_find+0x950/0xbb0
[  367.879198][ T9562]  vms_gather_munmap_vmas+0x4c1/0x1600
[  367.884673][ T9562]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  367.890567][ T9562]  ? mark_lock+0x9a/0x360
[  367.894899][ T9562]  ? __pfx_validate_chain+0x10/0x10
[  367.900102][ T9562]  do_vmi_align_munmap+0x3ff/0x6f0
[  367.905212][ T9562]  ? __lock_acquire+0x1397/0x2100
[  367.910232][ T9562]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  367.915892][ T9562]  ? mas_find+0x8c0/0xbb0
[  367.920222][ T9562]  do_vmi_munmap+0x24e/0x2d0
[  367.924809][ T9562]  do_munmap+0x18a/0x240
[  367.929051][ T9562]  ? __pfx_do_munmap+0x10/0x10
[  367.933820][ T9562]  ? __pfx_down_write_killable+0x10/0x10
[  367.939449][ T9562]  ? __se_sys_mremap+0xd6/0x1ac0
[  367.944385][ T9562]  __se_sys_mremap+0xff7/0x1ac0
[  367.949241][ T9562]  ? __pfx___se_sys_mremap+0x10/0x10
[  367.954530][ T9562]  ? __fget_files+0x2a/0x410
[  367.959145][ T9562]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  367.965133][ T9562]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  367.971464][ T9562]  ? do_syscall_64+0x100/0x230
[  367.976231][ T9562]  ? __x64_sys_mremap+0x20/0xc0
[  367.981082][ T9562]  do_syscall_64+0xf3/0x230
[  367.985586][ T9562]  ? clear_bhb_loop+0x35/0x90
[  367.990268][ T9562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.996153][ T9562] RIP: 0033:0x7fcb27380809
[  368.000570][ T9562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.020170][ T9562] RSP: 002b:00007fcb2812a058 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  368.028590][ T9562] RAX: ffffffffffffffda RBX: 00007fcb27546080 RCX: 00007fcb27380809
[  368.036556][ T9562] RDX: 0000000000400000 RSI: 0000000000001000 RDI: 0000000020a96000
[  368.044519][ T9562] RBP: 00007fcb2812a0a0 R08: 0000000020000000 R09: 0000000000000000
[  368.052491][ T9562] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  368.060457][ T9562] R13: 0000000000000000 R14: 00007fcb27546080 R15: 00007ffd4e35b888
[  368.068436][ T9562]  </TASK>
[  368.103059][ T9563] netlink: 'syz.0.1010': attribute type 1 has an invalid length.
[  368.116001][ T9563] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1010'.
[  368.624731][   T25] usb 4-1: USB disconnect, device number 37
[  368.777729][ T9565] vlan2: entered promiscuous mode
[  368.796645][ T9565] team0: entered promiscuous mode
[  368.830094][ T9571] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1012'.
[  368.864363][ T9565] team0: left promiscuous mode
[  369.390668][ T9571] xfrm1: entered promiscuous mode
[  369.395757][ T9571] xfrm1: entered allmulticast mode
[  369.459617][ T9584] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  369.833250][ T9586] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.845309][ T9586] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.012449][ T9587] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.019620][ T9587] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.032181][ T9587] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.039315][ T9587] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.364090][    T8] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  370.392311][ T1201] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  370.513800][ T1201] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  370.667418][    T8] usb 4-1: Using ep0 maxpacket: 16
[  370.673984][    T8] usb 4-1: config 0 has an invalid descriptor of length 34, skipping remainder of the config
[  370.704458][    T8] usb 4-1: too many endpoints for config 0 interface 0 altsetting 48: 37, using maximum allowed: 30
[  370.759610][    T8] usb 4-1: config 0 interface 0 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  370.814427][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  370.837189][    T8] usb 4-1: New USB device found, idVendor=1e71, idProduct=2010, bcdDevice= 0.00
[  370.869331][ T5155] Bluetooth: hci4: Unknown advertising packet type: 0x71
[  370.869419][ T5155] Bluetooth: hci4: Malformed LE Event: 0x0d
[  370.884714][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.932811][    T8] usb 4-1: config 0 descriptor??
[  370.964516][    T8] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  371.052316][ T9613] IPv6: NLM_F_CREATE should be specified when creating new route
[  372.027170][ T1201] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  372.259079][ T1201] usb 6-1: Using ep0 maxpacket: 8
[  372.330735][ T1201] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  372.353563][ T1201] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.376989][ T1201] usb 6-1: Product: syz
[  372.381381][ T1201] usb 6-1: Manufacturer: syz
[  372.386096][ T1201] usb 6-1: SerialNumber: syz
[  372.393821][ T1201] usb 6-1: config 0 descriptor??
[  372.620772][ T1201] gspca_main: se401-2.14.0 probing 047d:5003
[  372.712583][ T9620] IPVS: length: 198 != 24
[  373.371999][   T29] kauditd_printk_skb: 775 callbacks suppressed
[  373.372018][   T29] audit: type=1326 audit(1732818544.296:86161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.454922][   T25] usb 4-1: USB disconnect, device number 38
[  373.491303][   T29] audit: type=1326 audit(1732818544.346:86162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.513008][    C1] vkms_vblank_simulate: vblank timer overrun
[  373.570140][   T29] audit: type=1326 audit(1732818544.346:86163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.615508][   T29] audit: type=1326 audit(1732818544.346:86164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.639228][ T1201] gspca_se401: Too many frame sizes
[  373.645923][   T29] audit: type=1326 audit(1732818544.346:86165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.669605][   T29] audit: type=1326 audit(1732818544.356:86166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.693287][   T29] audit: type=1326 audit(1732818544.356:86167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.765634][   T29] audit: type=1326 audit(1732818544.356:86168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.784747][ T9630] netlink: 'syz.1.1028': attribute type 1 has an invalid length.
[  373.795432][ T9630] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1028'.
[  373.814096][   T29] audit: type=1326 audit(1732818544.356:86169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.818138][ T9630] vlan2: entered promiscuous mode
[  373.875564][   T29] audit: type=1326 audit(1732818544.356:86170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9621 comm="syz.1.1024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x7ffc0000
[  373.877718][ T9630] bond0: entered promiscuous mode
[  373.906782][ T9635] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1027'.
[  373.925056][ T9630] bond_slave_0: entered promiscuous mode
[  373.932114][ T9630] bond_slave_1: entered promiscuous mode
[  373.945684][ T9630] bond0: left promiscuous mode
[  373.950793][ T9630] bond_slave_0: left promiscuous mode
[  373.956573][ T9630] bond_slave_1: left promiscuous mode
[  373.968525][ T1201] usb 6-1: USB disconnect, device number 15
[  374.137199][ T5920] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  374.290802][ T5920] usb 1-1: Using ep0 maxpacket: 8
[  374.319298][ T5920] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  374.328152][ T5920] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  374.337980][ T5920] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  374.347775][ T5920] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  374.357745][ T5920] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  374.370820][ T5920] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  374.379923][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.448626][ T5155] Bluetooth: hci4: Unable to find connection for big 0x00
[  374.491239][ T9651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1034'.
[  374.643694][ T5920] usb 1-1: usb_control_msg returned -32
[  374.649565][ T5920] usbtmc 1-1:16.0: can't read capabilities
[  376.002781][ T9668] FAULT_INJECTION: forcing a failure.
[  376.002781][ T9668] name failslab, interval 1, probability 0, space 0, times 0
[  376.259631][ T9665] IPVS: length: 198 != 24
[  376.271842][ T9666] IPVS: length: 198 != 24
[  376.623413][ T9668] CPU: 0 UID: 0 PID: 9668 Comm: syz.3.1038 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  376.633784][ T9668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  376.643827][ T9668] Call Trace:
[  376.647097][ T9668]  <TASK>
[  376.650027][ T9668]  dump_stack_lvl+0x241/0x360
[  376.654689][ T9668]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.659872][ T9668]  ? __pfx__printk+0x10/0x10
[  376.664451][ T9668]  ? __kmalloc_noprof+0xb5/0x4c0
[  376.669375][ T9668]  ? __pfx___might_resched+0x10/0x10
[  376.674650][ T9668]  should_fail_ex+0x3b0/0x4e0
[  376.679320][ T9668]  should_failslab+0xac/0x100
[  376.683986][ T9668]  __kmalloc_noprof+0xdd/0x4c0
[  376.688735][ T9668]  ? nla_strdup+0x9c/0x140
[  376.693138][ T9668]  ? __kasan_kmalloc+0x98/0xb0
[  376.697889][ T9668]  nla_strdup+0x9c/0x140
[  376.702114][ T9668]  nf_tables_newtable+0x59b/0x1e40
[  376.707210][ T9668]  ? nfnl_pernet+0x23/0x240
[  376.711702][ T9668]  ? __pfx_nf_tables_newtable+0x10/0x10
[  376.717234][ T9668]  ? __nla_parse+0x40/0x60
[  376.721635][ T9668]  nfnetlink_rcv+0x14e3/0x2ab0
[  376.726437][ T9668]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  376.731617][ T9668]  ? netlink_deliver_tap+0x2e/0x1b0
[  376.736824][ T9668]  ? skb_clone+0x240/0x390
[  376.741234][ T9668]  ? __pfx_lock_release+0x10/0x10
[  376.746253][ T9668]  ? netlink_deliver_tap+0x2e/0x1b0
[  376.751441][ T9668]  netlink_unicast+0x7f6/0x990
[  376.756198][ T9668]  ? __pfx_netlink_unicast+0x10/0x10
[  376.761497][ T9668]  ? __virt_addr_valid+0x183/0x530
[  376.766612][ T9668]  ? __check_object_size+0x48e/0x900
[  376.771884][ T9668]  netlink_sendmsg+0x8e4/0xcb0
[  376.776640][ T9668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  376.781924][ T9668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  376.787197][ T9668]  __sock_sendmsg+0x221/0x270
[  376.791868][ T9668]  ____sys_sendmsg+0x52a/0x7e0
[  376.796621][ T9668]  ? __pfx_____sys_sendmsg+0x10/0x10
[  376.801891][ T9668]  ? __fget_files+0x2a/0x410
[  376.806469][ T9668]  ? __fget_files+0x2a/0x410
[  376.811055][ T9668]  __sys_sendmsg+0x269/0x350
[  376.815632][ T9668]  ? __pfx_lock_release+0x10/0x10
[  376.820644][ T9668]  ? __pfx___sys_sendmsg+0x10/0x10
[  376.825749][ T9668]  ? __pfx_vfs_write+0x10/0x10
[  376.830519][ T9668]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  376.836851][ T9668]  ? do_syscall_64+0x100/0x230
[  376.841640][ T9668]  ? do_syscall_64+0xb6/0x230
[  376.846340][ T9668]  do_syscall_64+0xf3/0x230
[  376.850867][ T9668]  ? clear_bhb_loop+0x35/0x90
[  376.855570][ T9668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.861487][ T9668] RIP: 0033:0x7f24ef780809
[  376.865922][ T9668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.885522][ T9668] RSP: 002b:00007f24f0553058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  376.893921][ T9668] RAX: ffffffffffffffda RBX: 00007f24ef945fa0 RCX: 00007f24ef780809
[  376.901876][ T9668] RDX: 00000000000000d0 RSI: 00000000200000c0 RDI: 0000000000000003
[  376.909859][ T9668] RBP: 00007f24f05530a0 R08: 0000000000000000 R09: 0000000000000000
[  376.917827][ T9668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  376.925797][ T9668] R13: 0000000000000000 R14: 00007f24ef945fa0 R15: 00007ffc1046f128
[  376.933780][ T9668]  </TASK>
[  377.183931][ T2147] usb 1-1: USB disconnect, device number 16
[  377.229592][ T9678] af_packet: tpacket_rcv: packet too big, clamped from 632 to 4294967272. macoff=96
[  377.280556][ T9681] netlink: 'syz.0.1043': attribute type 1 has an invalid length.
[  377.317262][ T9681] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1043'.
[  377.884292][ T9681] bond_slave_0: entered promiscuous mode
[  377.890279][ T9681] bond_slave_1: entered promiscuous mode
[  377.904219][ T9697] netlink: 'syz.4.1046': attribute type 10 has an invalid length.
[  377.909184][ T9681] vlan2: entered promiscuous mode
[  377.918079][ T9681] bond0: entered promiscuous mode
[  377.962652][ T9681] bond0: left promiscuous mode
[  377.970406][ T9681] bond_slave_0: left promiscuous mode
[  377.975889][ T9681] bond_slave_1: left promiscuous mode
[  378.059428][ T9697] batman_adv: batadv0: Adding interface: team0
[  378.065592][ T9697] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.200566][ T9697] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  378.767685][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  378.779991][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  378.930956][ T9714] netlink: 'syz.4.1050': attribute type 10 has an invalid length.
[  379.061224][ T9714] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  379.537788][ T9730] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1055'.
[  379.967805][ T9736] ebt_among: dst integrity fail: 200
[  381.470309][   T25] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  381.707738][   T25] usb 4-1: Using ep0 maxpacket: 16
[  381.734817][   T25] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  381.743310][   T25] usb 4-1: config 0 has no interface number 0
[  381.752808][   T25] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  381.766252][   T11] tipc: Subscription rejected, illegal request
[  381.783033][   T25] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  381.807328][   T25] usb 4-1: config 0 interface 41 has no altsetting 0
[  381.838131][   T25] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  381.847346][ T2147] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  381.875282][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.907302][   T25] usb 4-1: Product: syz
[  381.911533][   T25] usb 4-1: Manufacturer: syz
[  381.916154][   T25] usb 4-1: SerialNumber: syz
[  381.940074][   T25] usb 4-1: config 0 descriptor??
[  381.946781][ T9751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  381.965310][ T9751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  382.007226][ T2147] usb 1-1: Using ep0 maxpacket: 8
[  382.025358][ T2147] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  382.039656][ T2147] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.058259][ T2147] usb 1-1: Product: syz
[  382.062511][ T2147] usb 1-1: Manufacturer: syz
[  382.087161][ T2147] usb 1-1: SerialNumber: syz
[  382.094295][ T2147] usb 1-1: config 0 descriptor??
[  382.110470][ T2147] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  382.176375][ T9751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  382.183941][ T9751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  382.204105][ T9783] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1064'.
[  382.633506][   T25] Error reading MAC address
[  382.726926][ T9751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  382.779267][ T9751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  382.833216][ T2147] gspca_sonixj: reg_r err -32
[  382.880851][ T2147] sonixj 1-1:0.0: probe with driver sonixj failed with error -32
[  383.267501][   T25] sr9700 4-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[  384.272116][ T3002] tipc: Subscription rejected, illegal request
[  384.585931][ T5920] usb 4-1: USB disconnect, device number 39
[  384.819346][    T8] usb 1-1: USB disconnect, device number 17
[  385.347196][ T7300] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  385.507313][ T7300] usb 5-1: Using ep0 maxpacket: 16
[  385.514207][ T7300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  385.538525][ T7300] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  385.599948][ T7300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.650016][ T7300] usb 5-1: config 0 descriptor??
[  386.120673][ T5920] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  386.234330][ T7300] lenovo 0003:17EF:6047.000A: unknown main item tag 0x0
[  386.316905][ T7300] lenovo 0003:17EF:6047.000A: unknown main item tag 0x0
[  386.333510][ T7300] lenovo 0003:17EF:6047.000A: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0
[  386.437225][ T5920] usb 2-1: device descriptor read/64, error -71
[  386.458939][ T9828] netlink: 'syz.4.1080': attribute type 1 has an invalid length.
[  386.466853][ T9828] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1080'.
[  386.480020][    T8] usb 5-1: USB disconnect, device number 17
[  386.677399][ T5920] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  386.807267][ T5920] usb 2-1: device descriptor read/64, error -71
[  386.917485][ T5920] usb usb2-port1: attempt power cycle
[  387.258171][ T5920] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  387.338383][ T5920] usb 2-1: device descriptor read/8, error -71
[  387.382935][ T9886] netlink: 'syz.4.1096': attribute type 1 has an invalid length.
[  387.391166][ T9886] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1096'.
[  387.414128][ T9886] vlan2: entered promiscuous mode
[  387.419577][ T9886] team0: entered promiscuous mode
[  387.431730][ T9886] team0: left promiscuous mode
[  387.609539][ T5920] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  387.637986][ T5920] usb 2-1: device descriptor read/8, error -71
[  387.758540][ T5920] usb usb2-port1: unable to enumerate USB device
[  388.510000][ T9890] IPVS: length: 198 != 24
[  389.268458][ T2901] tipc: Subscription rejected, illegal request
[  389.394351][ T9927] netlink: 'syz.0.1109': attribute type 1 has an invalid length.
[  389.402665][ T9927] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1109'.
[  389.447311][ T9910] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1102'.
[  389.493051][ T9932] vlan2: entered promiscuous mode
[  389.537412][ T9932] team0: entered promiscuous mode
[  389.582918][ T9932] team0: left promiscuous mode
[  389.941946][ T9945] overlayfs: conflicting lowerdir path
[  390.235761][ T9955] IPVS: length: 198 != 24
[  391.147193][ T5920] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  391.413454][ T9964] IPVS: length: 198 != 24
[  391.437387][ T5920] usb 1-1: Using ep0 maxpacket: 32
[  391.449115][ T5920] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  391.509924][ T5920] usb 1-1: config 0 has no interface number 0
[  392.027437][ T5920] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  392.037035][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.045414][ T5920] usb 1-1: Product: syz
[  392.087146][ T5920] usb 1-1: Manufacturer: syz
[  392.109679][ T5920] usb 1-1: SerialNumber: syz
[  392.142253][ T5920] usb 1-1: config 0 descriptor??
[  392.159119][ T5920] smsc95xx v2.0.0
[  392.177539][ T5155] Bluetooth: hci5: sending frame failed (-49)
[  392.186197][ T5845] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  392.229938][   T29] audit: type=1326 audit(1732818563.146:86171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  392.292748][ T9978] Process accounting resumed
[  392.308550][ T9969] netlink: 268 bytes leftover after parsing attributes in process `syz.4.1114'.
[  392.318543][ T9969] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1114'.
[  392.476399][   T29] audit: type=1326 audit(1732818563.146:86172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  392.863222][   T29] audit: type=1326 audit(1732818563.146:86173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.147438][ T5920] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  393.172260][ T5920] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  393.181557][   T29] audit: type=1326 audit(1732818563.146:86174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.203269][   T29] audit: type=1326 audit(1732818563.146:86175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.224868][   T29] audit: type=1326 audit(1732818563.146:86176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.246222][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.252604][   T29] audit: type=1326 audit(1732818563.146:86177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.274196][   T29] audit: type=1326 audit(1732818563.146:86178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.295546][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.301742][   T29] audit: type=1326 audit(1732818563.146:86179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.323247][   T29] audit: type=1326 audit(1732818563.146:86180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9961 comm="syz.5.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff154580809 code=0x50000
[  393.344603][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.449473][ T9986] FAULT_INJECTION: forcing a failure.
[  393.449473][ T9986] name failslab, interval 1, probability 0, space 0, times 0
[  393.499113][ T9986] CPU: 1 UID: 0 PID: 9986 Comm: syz.3.1123 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  393.509486][ T9986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  393.519561][ T9986] Call Trace:
[  393.522853][ T9986]  <TASK>
[  393.525794][ T9986]  dump_stack_lvl+0x241/0x360
[  393.530491][ T9986]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.535707][ T9986]  ? __pfx__printk+0x10/0x10
[  393.540319][ T9986]  ? fs_reclaim_acquire+0x93/0x130
[  393.545452][ T9986]  ? __pfx___might_resched+0x10/0x10
[  393.550755][ T9986]  ? dynamic_dname+0x141/0x1b0
[  393.555540][ T9986]  should_fail_ex+0x3b0/0x4e0
[  393.558383][ T5920] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  393.560226][ T9986]  should_failslab+0xac/0x100
[  393.560254][ T9986]  __kmalloc_noprof+0xdd/0x4c0
[  393.571454][ T5920] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  393.575641][ T9986]  ? tomoyo_encode+0x26f/0x540
[  393.575673][ T9986]  tomoyo_encode+0x26f/0x540
[  393.575694][ T9986]  ? __pfx_sockfs_dname+0x10/0x10
[  393.575721][ T9986]  tomoyo_realpath_from_path+0x59e/0x5e0
[  393.575753][ T9986]  tomoyo_path_number_perm+0x236/0x860
[  393.575771][ T9986]  ? __lock_acquire+0x1397/0x2100
[  393.583582][ T5920] usb 1-1: USB disconnect, device number 18
[  393.588676][ T9986]  ? tomoyo_path_number_perm+0x206/0x860
[  393.588705][ T9986]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  393.636692][ T9986]  ? __fget_files+0x2a/0x410
[  393.641308][ T9986]  ? __fget_files+0x2a/0x410
[  393.645918][ T9986]  security_file_ioctl+0xc6/0x2a0
[  393.650957][ T9986]  __se_sys_ioctl+0x46/0x170
[  393.655569][ T9986]  do_syscall_64+0xf3/0x230
[  393.660088][ T9986]  ? clear_bhb_loop+0x35/0x90
[  393.664779][ T9986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.670689][ T9986] RIP: 0033:0x7f24ef780809
[  393.675113][ T9986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.694729][ T9986] RSP: 002b:00007f24f0553058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  393.703159][ T9986] RAX: ffffffffffffffda RBX: 00007f24ef945fa0 RCX: 00007f24ef780809
[  393.711142][ T9986] RDX: 0000000020000800 RSI: 00000000000089f2 RDI: 0000000000000003
[  393.719130][ T9986] RBP: 00007f24f05530a0 R08: 0000000000000000 R09: 0000000000000000
[  393.727114][ T9986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  393.735100][ T9986] R13: 0000000000000000 R14: 00007f24ef945fa0 R15: 00007ffc1046f128
[  393.743105][ T9986]  </TASK>
[  393.807350][ T9986] ERROR: Out of memory at tomoyo_realpath_from_path.
[  394.299641][ T9994] loop2: detected capacity change from 0 to 7
[  395.328433][T10004] IPVS: length: 198 != 24
[  395.330107][ T9994] Dev loop2: unable to read RDB block 7
[  395.330159][ T9994]  loop2: unable to read partition table
[  395.330300][ T9994] loop2: partition table beyond EOD, truncated
[  395.330319][ T9994] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  396.424859][T10003] tty tty2: ldisc open failed (-12), clearing slot 1
[  396.767847][T10017] VFS: could not find a valid V7 on nullb0.
[  397.365668][T10025] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1134'.
[  397.402142][T10025] bond_slave_0: entered promiscuous mode
[  397.407935][T10025] bond_slave_1: entered promiscuous mode
[  397.447318][ T1201] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  397.475640][T10025] macvtap1: entered promiscuous mode
[  397.557182][T10025] bond0: entered promiscuous mode
[  397.572652][T10025] macvtap1: entered allmulticast mode
[  397.600096][ T1201] usb 4-1: unable to get BOS descriptor or descriptor too short
[  397.613818][T10025] bond0: entered allmulticast mode
[  397.632320][T10025] bond_slave_0: entered allmulticast mode
[  397.651014][ T1201] usb 4-1: config 1 interface 0 altsetting 9 bulk endpoint 0x82 has invalid maxpacket 1023
[  397.683577][ T1201] usb 4-1: config 1 interface 0 has no altsetting 0
[  397.697635][T10025] bond_slave_1: entered allmulticast mode
[  397.729665][T10025] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  397.738630][ T1201] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  397.758337][ T1201] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.801640][T10026] bond0: left allmulticast mode
[  397.806716][ T1201] usb 4-1: Product: syz
[  397.813797][ T1201] usb 4-1: Manufacturer: syz
[  397.819784][T10026] bond_slave_0: left allmulticast mode
[  397.825695][ T1201] usb 4-1: SerialNumber: syz
[  397.847798][T10026] bond_slave_1: left allmulticast mode
[  397.856957][T10026] bond0: left promiscuous mode
[  397.862908][T10017] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  397.881488][T10026] bond_slave_0: left promiscuous mode
[  397.887287][T10026] bond_slave_1: left promiscuous mode
[  399.057302][    T8] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  399.207307][    T8] usb 6-1: Using ep0 maxpacket: 16
[  399.230591][    T8] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  399.245959][    T8] usb 6-1: config 0 has no interface number 0
[  399.254269][    T8] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  399.271281][    T8] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  399.286116][    T8] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  399.295124][    T8] usb 6-1: Product: syz
[  399.299759][    T8] usb 6-1: SerialNumber: syz
[  399.308275][    T8] usb 6-1: config 0 descriptor??
[  399.320701][    T8] cm109 6-1:0.8: invalid payload size 239, expected 4
[  399.333098][    T8] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input20
[  399.517413][    T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  399.650377][T10048] IPVS: length: 198 != 24
[  400.270051][T10040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  400.316509][T10040] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  400.366792][    T9] usb 1-1: Using ep0 maxpacket: 32
[  400.376042][ T1201] usblp 4-1:1.0: usblp0: USB Bidirectional printer dev 40 if 0 alt 9 proto 2 vid 0x0525 pid 0xA4A8
[  400.390771][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  400.402140][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  400.412305][    T9] usb 1-1: New USB device found, idVendor=0079, idProduct=1801, bcdDevice= 0.00
[  400.421712][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.431108][ T1201] usb 4-1: USB disconnect, device number 40
[  400.441123][    T9] usb 1-1: config 0 descriptor??
[  400.447041][ T1201] usblp0: removed
[  400.453481][    C0] cm109 6-1:0.8: cm109_urb_irq_callback: urb status -71
[  400.453491][   T25] usb 6-1: USB disconnect, device number 16
[  400.453515][    C0] cm109 6-1:0.8: cm109_submit_ctl: usb_submit_urb (urb_ctl) failed -19
[  400.514784][   T25] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  400.663412][T10044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  400.692952][T10044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  400.773839][T10058] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1148'.
[  400.783223][T10058] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1148'.
[  400.793693][T10058] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1148'.
[  400.895303][ T7070] Bluetooth: hci5: Frame reassembly failed (-84)
[  400.920670][   T29] kauditd_printk_skb: 954 callbacks suppressed
[  400.920688][   T29] audit: type=1326 audit(1732818571.846:87135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  400.961344][    T9] hid_mf 0003:0079:1801.000B: hidraw0: USB HID v0.00 Device [HID 0079:1801] on usb-dummy_hcd.0-1/input0
[  400.972747][    T9] hid_mf 0003:0079:1801.000B: Force feedback for HJZ Mayflash game controller adapters by Marcel Hasler <mahasler@gmail.com>
[  400.987214][ T1201] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  400.993580][   T29] audit: type=1326 audit(1732818571.876:87136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.107243][   T29] audit: type=1326 audit(1732818571.886:87137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.149729][ T1201] usb 5-1: Using ep0 maxpacket: 16
[  401.165920][   T29] audit: type=1326 audit(1732818571.886:87138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.187851][   T29] audit: type=1326 audit(1732818571.886:87139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.209659][   T29] audit: type=1326 audit(1732818571.886:87140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.261719][ T2147] usb 1-1: USB disconnect, device number 19
[  401.332197][   T29] audit: type=1326 audit(1732818571.886:87141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.371069][   T29] audit: type=1326 audit(1732818571.886:87142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.392666][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.399603][   T29] audit: type=1326 audit(1732818571.886:87143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.521634][   T29] audit: type=1326 audit(1732818571.886:87144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10055 comm="syz.1.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  401.543146][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.551276][ T1201] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  401.560941][ T1201] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.570113][ T1201] usb 5-1: Product: syz
[  401.575670][ T1201] usb 5-1: Manufacturer: syz
[  401.584770][ T1201] usb 5-1: SerialNumber: syz
[  401.597271][ T1201] r8152-cfgselector 5-1: Unknown version 0x0000
[  401.608864][ T1201] r8152-cfgselector 5-1: config 0 descriptor??
[  401.864044][T10060] vivid-003: disconnect
[  401.958929][ T1201] r8152-cfgselector 5-1: Unknown version 0x0000
[  402.205585][ T1201] r8152-cfgselector 5-1: bad CDC descriptors
[  402.226881][ T1201] r8152-cfgselector 5-1: USB disconnect, device number 18
[  402.237695][T10059] vivid-003: reconnect
[  402.462222][T10080] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  402.901647][ T5155] Bluetooth: hci5: command 0x1003 tx timeout
[  402.909670][ T5845] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  403.496872][T10098] vlan2: entered promiscuous mode
[  403.502165][T10098] hsr_slave_1: entered promiscuous mode
[  403.509535][T10098] vlan2: entered allmulticast mode
[  403.514738][T10098] hsr_slave_1: entered allmulticast mode
[  403.565321][T10098] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1159'.
[  404.230095][T10100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1160'.
[  404.239523][T10100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1160'.
[  404.256971][T10100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1160'.
[  404.292643][T10098] hsr_slave_1 (unregistering): left allmulticast mode
[  404.299519][T10098] hsr_slave_1 (unregistering): left promiscuous mode
[  404.747714][ T5920] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  406.096303][ T5920] usb 5-1: unable to get BOS descriptor or descriptor too short
[  406.178103][ T5920] usb 5-1: unable to read config index 0 descriptor/start: -71
[  406.450145][ T5920] usb 5-1: can't read configurations, error -71
[  406.496142][T10124] netlink: 'syz.4.1168': attribute type 1 has an invalid length.
[  406.613657][T10130] vlan2: entered promiscuous mode
[  406.622356][T10130] team0: entered promiscuous mode
[  406.636078][T10124] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1168'.
[  406.651037][T10130] team0: left promiscuous mode
[  406.658633][   T29] kauditd_printk_skb: 1916 callbacks suppressed
[  406.658644][   T29] audit: type=1804 audit(1732818577.586:89061): pid=10129 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.1170" name="/newroot/119/file1" dev="fuse" ino=1 res=1 errno=0
[  406.717273][   T29] audit: type=1800 audit(1732818577.606:89062): pid=10129 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.1170" name="/" dev="fuse" ino=1 res=0 errno=0
[  406.756678][   T29] audit: type=1804 audit(1732818577.606:89063): pid=10129 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.1170" name="/newroot/119/file1" dev="fuse" ino=1 res=1 errno=0
[  406.778588][   T29] audit: type=1804 audit(1732818577.606:89064): pid=10129 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.1170" name="/newroot/119/file1" dev="fuse" ino=1 res=1 errno=0
[  406.800595][   T29] audit: type=1800 audit(1732818577.606:89065): pid=10129 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.1170" name="/" dev="fuse" ino=1 res=0 errno=0
[  407.688610][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  407.712169][T10144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1177'.
[  407.721356][T10144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1177'.
[  408.297500][    T8] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  408.447587][    T8] usb 2-1: device descriptor read/64, error -71
[  409.047255][    T8] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  409.187228][    T8] usb 2-1: device descriptor read/64, error -71
[  409.357307][    T8] usb usb2-port1: attempt power cycle
[  409.941828][    T8] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  409.988371][    T8] usb 2-1: device descriptor read/8, error -71
[  410.120598][T10168] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1183'.
[  410.131124][T10168] veth1_vlan: entered allmulticast mode
[  410.457238][    T8] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  410.477942][    T8] usb 2-1: device descriptor read/8, error -71
[  410.591105][    T8] usb usb2-port1: unable to enumerate USB device
[  410.841832][T10177] FAULT_INJECTION: forcing a failure.
[  410.841832][T10177] name failslab, interval 1, probability 0, space 0, times 0
[  410.886452][T10177] CPU: 0 UID: 0 PID: 10177 Comm: syz.1.1185 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  410.896930][T10177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  410.907011][T10177] Call Trace:
[  410.910288][T10177]  <TASK>
[  410.913211][T10177]  dump_stack_lvl+0x241/0x360
[  410.918228][T10177]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.923434][T10177]  ? __pfx__printk+0x10/0x10
[  410.928020][T10177]  ? __kmalloc_noprof+0xb5/0x4c0
[  410.932945][T10177]  ? __pfx___might_resched+0x10/0x10
[  410.938225][T10177]  should_fail_ex+0x3b0/0x4e0
[  410.942892][T10177]  should_failslab+0xac/0x100
[  410.947557][T10177]  __kmalloc_noprof+0xdd/0x4c0
[  410.952321][T10177]  ? snd_pcm_hw_refine+0x965/0x1b40
[  410.957513][T10177]  snd_pcm_hw_refine+0x965/0x1b40
[  410.962529][T10177]  ? kfree+0x196/0x420
[  410.966585][T10177]  ? snd_pcm_hw_refine+0x1659/0x1b40
[  410.971869][T10177]  ? __kmalloc_cache_noprof+0x243/0x390
[  410.977406][T10177]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  410.983038][T10177]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  410.988508][T10177]  snd_pcm_hw_param_first+0x406/0x6f0
[  410.993870][T10177]  snd_pcm_hw_param_near+0x62d/0x740
[  410.999154][T10177]  ? __pfx_snd_pcm_hw_param_near+0x10/0x10
[  411.004955][T10177]  snd_pcm_oss_change_params_locked+0x1ff5/0x3d60
[  411.011360][T10177]  ? __pfx___mutex_trylock_common+0x10/0x10
[  411.017290][T10177]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  411.024043][T10177]  ? smk_access+0x4ab/0x4e0
[  411.028575][T10177]  snd_pcm_oss_get_active_substream+0x201/0x280
[  411.034831][T10177]  snd_pcm_oss_ioctl+0x4e4/0xff0
[  411.039769][T10177]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  411.045229][T10177]  ? __fget_files+0x2a/0x410
[  411.049811][T10177]  ? __fget_files+0x2a/0x410
[  411.054394][T10177]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  411.059842][T10177]  __se_sys_ioctl+0xf5/0x170
[  411.064434][T10177]  do_syscall_64+0xf3/0x230
[  411.068924][T10177]  ? clear_bhb_loop+0x35/0x90
[  411.073586][T10177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.079485][T10177] RIP: 0033:0x7f788ef80809
[  411.083899][T10177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.103500][T10177] RSP: 002b:00007f788fdf7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  411.111904][T10177] RAX: ffffffffffffffda RBX: 00007f788f145fa0 RCX: 00007f788ef80809
[  411.119862][T10177] RDX: 0000000020000040 RSI: 0000000080045006 RDI: 0000000000000003
[  411.127838][T10177] RBP: 00007f788fdf70a0 R08: 0000000000000000 R09: 0000000000000000
[  411.135803][T10177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  411.143764][T10177] R13: 0000000000000000 R14: 00007f788f145fa0 R15: 00007ffe148ff328
[  411.151744][T10177]  </TASK>
[  411.346054][T10181] netlink: 'syz.4.1186': attribute type 1 has an invalid length.
[  411.354279][T10181] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1186'.
[  411.427901][T10181] batadv_slave_0: entered promiscuous mode
[  411.433858][T10181] vlan2: entered promiscuous mode
[  411.459410][T10181] bond0: entered promiscuous mode
[  411.497595][T10181] bond0: left promiscuous mode
[  411.502788][T10181] batadv_slave_0: left promiscuous mode
[  411.777595][   T25] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  411.940426][   T25] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  411.984526][   T25] usb 6-1: config 0 has no interfaces?
[  412.007037][   T25] usb 6-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4
[  412.037314][   T25] usb 6-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0
[  412.045538][   T25] usb 6-1: Manufacturer: syz
[  412.109145][   T25] usb 6-1: config 0 descriptor??
[  412.207902][    T8] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  412.372130][T10193] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  412.403828][T10193] FAULT_INJECTION: forcing a failure.
[  412.403828][T10193] name failslab, interval 1, probability 0, space 0, times 0
[  412.442737][T10193] CPU: 0 UID: 0 PID: 10193 Comm: syz.4.1191 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  412.453201][T10193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  412.463269][T10193] Call Trace:
[  412.466556][T10193]  <TASK>
[  412.469494][T10193]  dump_stack_lvl+0x241/0x360
[  412.474215][T10193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  412.479440][T10193]  ? __pfx__printk+0x10/0x10
[  412.484060][T10193]  ? __kmalloc_cache_noprof+0x48/0x390
[  412.489543][T10193]  ? __pfx___might_resched+0x10/0x10
[  412.494858][T10193]  should_fail_ex+0x3b0/0x4e0
[  412.499565][T10193]  should_failslab+0xac/0x100
[  412.504259][T10193]  __kmalloc_cache_noprof+0x70/0x390
[  412.509563][T10193]  ? iopt_alloc_pages+0x87/0x4b0
[  412.514701][T10193]  iopt_alloc_pages+0x87/0x4b0
[  412.519482][T10193]  ? _raw_spin_unlock+0x28/0x50
[  412.524328][T10193]  iopt_alloc_user_pages+0x44/0xe0
[  412.529431][T10193]  iopt_map_user_pages+0x4d/0xe0
[  412.534355][T10193]  iommufd_ioas_map+0x3eb/0x5f0
[  412.539203][T10193]  ? __pfx_iommufd_ioas_map+0x10/0x10
[  412.544564][T10193]  ? __might_fault+0xc6/0x120
[  412.549244][T10193]  iommufd_fops_ioctl+0x4d6/0x5a0
[  412.554258][T10193]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  412.559794][T10193]  ? __fget_files+0x2a/0x410
[  412.564374][T10193]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  412.569904][T10193]  __se_sys_ioctl+0xf5/0x170
[  412.574482][T10193]  do_syscall_64+0xf3/0x230
[  412.578972][T10193]  ? clear_bhb_loop+0x35/0x90
[  412.583635][T10193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.589514][T10193] RIP: 0033:0x7fcb27380809
[  412.593918][T10193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.613510][T10193] RSP: 002b:00007fcb2814b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  412.621915][T10193] RAX: ffffffffffffffda RBX: 00007fcb27545fa0 RCX: 00007fcb27380809
[  412.629878][T10193] RDX: 0000000020000080 RSI: 0000000000003b85 RDI: 0000000000000003
[  412.637835][T10193] RBP: 00007fcb2814b0a0 R08: 0000000000000000 R09: 0000000000000000
[  412.645789][T10193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.653743][T10193] R13: 0000000000000000 R14: 00007fcb27545fa0 R15: 00007ffd4e35b888
[  412.661707][T10193]  </TASK>
[  412.784207][T10209] netlink: 'syz.1.1195': attribute type 10 has an invalid length.
[  412.786891][    T8] usb 1-1: unable to read config index 0 descriptor/start: -61
[  412.799875][    T8] usb 1-1: can't read configurations, error -61
[  412.807467][T10209] bridge0: left allmulticast mode
[  412.816720][T10209] bridge0: entered allmulticast mode
[  412.930231][    T8] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  413.048304][T10215] FAULT_INJECTION: forcing a failure.
[  413.048304][T10215] name failslab, interval 1, probability 0, space 0, times 0
[  413.088941][T10215] CPU: 1 UID: 0 PID: 10215 Comm: syz.1.1197 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  413.099419][T10215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  413.109502][T10215] Call Trace:
[  413.112804][T10215]  <TASK>
[  413.115746][T10215]  dump_stack_lvl+0x241/0x360
[  413.120427][T10215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.125622][T10215]  ? __pfx__printk+0x10/0x10
[  413.130217][T10215]  ? __kmalloc_cache_noprof+0x48/0x390
[  413.135712][T10215]  ? __pfx___might_resched+0x10/0x10
[  413.141031][T10215]  should_fail_ex+0x3b0/0x4e0
[  413.145722][T10215]  should_failslab+0xac/0x100
[  413.150410][T10215]  __kmalloc_cache_noprof+0x70/0x390
[  413.155697][T10215]  ? __se_sys_mount+0x15a/0x3c0
[  413.160549][T10215]  ? memdup_user+0x9f/0xc0
[  413.164980][T10215]  __se_sys_mount+0x15a/0x3c0
[  413.169662][T10215]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  413.175644][T10215]  ? __pfx___se_sys_mount+0x10/0x10
[  413.180844][T10215]  ? do_syscall_64+0x100/0x230
[  413.185609][T10215]  ? __x64_sys_mount+0x20/0xc0
[  413.190369][T10215]  do_syscall_64+0xf3/0x230
[  413.194871][T10215]  ? clear_bhb_loop+0x35/0x90
[  413.199547][T10215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.205435][T10215] RIP: 0033:0x7f788ef80809
[  413.209844][T10215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.229453][T10215] RSP: 002b:00007f788fdf7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  413.237871][T10215] RAX: ffffffffffffffda RBX: 00007f788f145fa0 RCX: 00007f788ef80809
[  413.245836][T10215] RDX: 0000000020000000 RSI: 00000000200000c0 RDI: 0000000000000000
[  413.253805][T10215] RBP: 00007f788fdf70a0 R08: 0000000020000400 R09: 0000000000000000
[  413.261777][T10215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.269761][T10215] R13: 0000000000000000 R14: 00007f788f145fa0 R15: 00007ffe148ff328
[  413.277772][T10215]  </TASK>
[  413.294143][    T8] usb 1-1: unable to read config index 0 descriptor/start: -61
[  413.302189][    T8] usb 1-1: can't read configurations, error -61
[  413.317891][    T8] usb usb1-port1: attempt power cycle
[  413.687387][    T8] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  413.731797][    T8] usb 1-1: unable to read config index 0 descriptor/start: -61
[  413.762187][    T8] usb 1-1: can't read configurations, error -61
[  413.947453][    T8] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  413.971323][    T8] usb 1-1: unable to read config index 0 descriptor/start: -61
[  413.983538][    T8] usb 1-1: can't read configurations, error -61
[  413.997455][    T8] usb usb1-port1: unable to enumerate USB device
[  414.201501][T10228] tmpfs: Bad value for 'mpol'
[  414.213998][T10228] overlayfs: missing 'lowerdir'
[  415.157515][    T8] usb 6-1: USB disconnect, device number 17
[  415.186297][T10256] IPVS: length: 198 != 24
[  415.835216][ T7300] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  416.144963][ T7300] usb 2-1: config 0 has no interfaces?
[  416.171966][ T7300] usb 2-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  416.172045][ T7300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.393448][   T29] audit: type=1326 audit(1732818587.276:89066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.393597][   T29] audit: type=1326 audit(1732818587.286:89067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.393718][   T29] audit: type=1326 audit(1732818587.286:89068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.393815][   T29] audit: type=1326 audit(1732818587.286:89069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.393911][   T29] audit: type=1326 audit(1732818587.286:89070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.394007][   T29] audit: type=1326 audit(1732818587.286:89071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.394105][   T29] audit: type=1326 audit(1732818587.286:89072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.394202][   T29] audit: type=1326 audit(1732818587.286:89073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.394298][   T29] audit: type=1326 audit(1732818587.286:89074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.394396][   T29] audit: type=1326 audit(1732818587.286:89075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10254 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb27380809 code=0x50000
[  416.514824][    C1] vkms_vblank_simulate: vblank timer overrun
[  416.580655][    C1] vkms_vblank_simulate: vblank timer overrun
[  416.648648][ T7300] usb 2-1: config 0 descriptor??
[  418.060135][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  418.088954][T10266] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1212'.
[  418.097889][T10266] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1212'.
[  419.108833][   T25] usb 2-1: USB disconnect, device number 37
[  419.207873][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1214'.
[  419.272892][T10274] sock: sock_timestamping_bind_phc: sock not bind to device
[  419.488508][T10271] hsr_slave_1 (unregistering): left promiscuous mode
[  421.896318][ T7070] Bluetooth: hci5: Frame reassembly failed (-84)
[  421.954736][   T29] kauditd_printk_skb: 8986 callbacks suppressed
[  421.954776][   T29] audit: type=1326 audit(1732818592.676:98062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  422.345221][   T29] audit: type=1326 audit(1732818592.676:98063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  422.368275][   T29] audit: type=1326 audit(1732818592.676:98064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  422.410100][T10320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1227'.
[  422.421927][T10320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1227'.
[  422.611838][   T29] audit: type=1326 audit(1732818592.676:98065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  422.663577][   T29] audit: type=1326 audit(1732818592.676:98066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  422.707664][   T29] audit: type=1326 audit(1732818592.676:98067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  423.003811][   T29] audit: type=1326 audit(1732818592.676:98068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  423.070714][   T29] audit: type=1326 audit(1732818592.676:98069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  423.092782][   T29] audit: type=1326 audit(1732818592.676:98070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  423.115019][   T29] audit: type=1326 audit(1732818592.676:98071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  424.319298][ T5845] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  424.355470][ T5155] Bluetooth: hci5: command 0x1003 tx timeout
[  427.587196][   T29] kauditd_printk_skb: 1538 callbacks suppressed
[  427.587217][   T29] audit: type=1326 audit(1732818596.336:99610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  428.585609][   T29] audit: type=1326 audit(1732818596.336:99611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  428.619836][   T29] audit: type=1326 audit(1732818596.336:99612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  428.658963][T10332] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1231'.
[  428.767221][   T29] audit: type=1326 audit(1732818596.336:99613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  428.810380][   T29] audit: type=1326 audit(1732818596.336:99614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  428.891275][   T29] audit: type=1326 audit(1732818596.336:99615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  429.625573][   T29] audit: type=1326 audit(1732818596.336:99616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  429.763850][   T29] audit: type=1326 audit(1732818596.336:99617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  430.006059][   T29] audit: type=1326 audit(1732818596.336:99618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  430.184517][   T29] audit: type=1326 audit(1732818596.336:99619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10310 comm="syz.1.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  430.228313][T10354] 9pnet_fd: Insufficient options for proto=fd
[  431.349776][T10378] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1241'.
[  431.364451][T10378] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1241'.
[  431.556830][T10380] mkiss: ax0: crc mode is auto.
[  432.218810][T10404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1248'.
[  432.228164][T10404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1248'.
[  432.239020][T10404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1248'.
[  433.839136][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[  433.846153][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  433.846169][   T29] audit: type=1326 audit(1732818604.156:99645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.523750][   T25] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  434.531921][ T2147] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  434.555426][   T29] audit: type=1326 audit(1732818604.156:99646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.578487][   T29] audit: type=1326 audit(1732818604.156:99647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.600276][   T29] audit: type=1326 audit(1732818604.156:99648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.604388][T10423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1254'.
[  434.622481][   T29] audit: type=1326 audit(1732818604.156:99649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.632747][T10423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1254'.
[  434.653710][   T29] audit: type=1326 audit(1732818604.156:99650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.653753][   T29] audit: type=1326 audit(1732818604.156:99651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.653784][   T29] audit: type=1326 audit(1732818604.156:99652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.653815][   T29] audit: type=1326 audit(1732818604.156:99653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.653845][   T29] audit: type=1326 audit(1732818604.156:99654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10411 comm="syz.0.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  434.776663][ T2147] usb 2-1: device descriptor read/64, error -71
[  435.757568][   T25] usb 5-1: Using ep0 maxpacket: 32
[  436.687631][   T53] Bluetooth: hci5: command 0x1003 tx timeout
[  436.708039][ T5845] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  436.971974][ T2147] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  436.981992][   T25] usb 5-1: device descriptor read/all, error -71
[  437.673138][T10435] pim6reg: entered allmulticast mode
[  438.127867][T10437] sp0: Synchronizing with TNC
[  438.307801][T10437] random: crng reseeded on system resumption
[  438.454404][T10435] fuse: Bad value for 'fd'
[  438.609416][T10432] pim6reg: left allmulticast mode
[  438.686696][T10428] [U] è`
[  439.472868][T10450] netlink: 'syz.0.1262': attribute type 26 has an invalid length.
[  439.473258][T10452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1261'.
[  440.077262][ T5920] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  440.251420][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  440.257824][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  440.365376][T10466] IPVS: length: 198 != 24
[  440.448977][ T5920] usb 5-1: Using ep0 maxpacket: 32
[  440.533089][ T5920] usb 5-1: New USB device found, idVendor=06cd, idProduct=0107, bcdDevice=44.fe
[  440.602231][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.007024][ T5920] usb 5-1: config 0 descriptor??
[  441.014562][ T5920] keyspan 5-1:0.0: Keyspan 1 port adapter converter detected
[  441.036195][ T5920] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 84
[  441.126321][ T5920] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81
[  441.135943][ T5920] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 82
[  441.153033][ T3002] Bluetooth: hci5: Frame reassembly failed (-84)
[  441.160763][ T5920] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1
[  441.163432][ T2901] Bluetooth: hci5: Frame reassembly failed (-84)
[  441.168504][ T5920] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2
[  441.182606][ T5920] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 83
[  441.190552][ T5920] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 3
[  441.206149][ T5920] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  441.214924][   T29] kauditd_printk_skb: 1360 callbacks suppressed
[  441.214941][   T29] audit: type=1326 audit(1732818612.136:101015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.242981][    C1] vkms_vblank_simulate: vblank timer overrun
[  441.305799][   T29] audit: type=1326 audit(1732818612.176:101016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.327554][    C1] vkms_vblank_simulate: vblank timer overrun
[  441.418296][   T29] audit: type=1326 audit(1732818612.176:101017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.449492][   T29] audit: type=1326 audit(1732818612.176:101018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.474665][   T29] audit: type=1326 audit(1732818612.176:101019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.663571][   T29] audit: type=1326 audit(1732818612.176:101020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.767539][   T29] audit: type=1326 audit(1732818612.176:101021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.813683][   T29] audit: type=1326 audit(1732818612.176:101022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  441.982577][   T29] audit: type=1326 audit(1732818612.176:101023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  442.209708][   T29] audit: type=1326 audit(1732818612.176:101024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10463 comm="syz.0.1266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  442.318531][T10479] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1263'.
[  442.716150][    T8] usb 5-1: USB disconnect, device number 23
[  442.961794][    T8] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  443.267266][    T8] keyspan 5-1:0.0: device disconnected
[  443.297899][ T5845] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  443.792351][T10488] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1271'.
[  445.366865][T10502] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1275'.
[  445.376658][T10502] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1275'.
[  445.451702][T10505] IPVS: length: 198 != 24
[  446.203611][T10502] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1275'.
[  446.517577][ T5920] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  446.790830][T10515] netlink: 'syz.0.1279': attribute type 1 has an invalid length.
[  446.799082][T10515] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1279'.
[  446.880053][T10519] vlan2: entered promiscuous mode
[  446.891673][T10519] team0: entered promiscuous mode
[  446.902260][T10519] team0: left promiscuous mode
[  446.926078][ T5920] usb 5-1: too many configurations: 36, using maximum allowed: 8
[  446.937655][ T5920] usb 5-1: unable to read config index 0 descriptor/start: -61
[  446.945572][ T5920] usb 5-1: can't read configurations, error -61
[  447.117549][ T5920] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  448.807527][ T5920] usb 5-1: device descriptor read/all, error -71
[  448.821035][ T5920] usb usb5-port1: attempt power cycle
[  448.837291][    T8] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  448.959383][ T2969] Bluetooth: hci5: Frame reassembly failed (-84)
[  448.966962][ T2969] Bluetooth: hci5: Frame reassembly failed (-84)
[  448.998489][    T8] usb 4-1: Using ep0 maxpacket: 8
[  449.034462][    T8] usb 4-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  449.054850][   T29] kauditd_printk_skb: 247 callbacks suppressed
[  449.054869][   T29] audit: type=1326 audit(1732818619.976:101272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.088858][    T8] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  449.104428][   T29] audit: type=1326 audit(1732818619.976:101273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.126308][   T29] audit: type=1326 audit(1732818619.976:101274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.232878][   T29] audit: type=1326 audit(1732818619.976:101275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.254913][   T29] audit: type=1326 audit(1732818619.976:101276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.277132][   T29] audit: type=1326 audit(1732818619.976:101277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.299153][   T29] audit: type=1326 audit(1732818619.976:101278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.321352][   T29] audit: type=1326 audit(1732818619.976:101279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.344292][   T29] audit: type=1326 audit(1732818619.976:101280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.373843][   T29] audit: type=1326 audit(1732818619.976:101281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10532 comm="syz.1.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  449.406477][T10545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1287'.
[  449.415504][T10545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1287'.
[  449.430018][T10545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1287'.
[  449.623382][T10549] IPVS: length: 198 != 24
[  450.464983][    T8] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  450.474244][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.482579][    T8] usb 4-1: Product: syz
[  450.486764][    T8] usb 4-1: Manufacturer: syz
[  450.491444][    T8] usb 4-1: SerialNumber: syz
[  450.847273][ T5920] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  450.889373][    T9] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  450.977670][ T5845] Bluetooth: hci5: command 0x1003 tx timeout
[  450.985385][   T53] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  451.007258][ T5920] usb 1-1: Using ep0 maxpacket: 8
[  451.015731][ T5920] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  451.024237][ T5920] usb 1-1: config 0 has no interface number 0
[  451.030653][ T5920] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  451.045742][ T5920] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  451.058351][ T5920] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  451.070512][ T5920] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  451.083687][ T5920] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  451.093604][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.105711][ T5920] usb 1-1: config 0 descriptor??
[  451.115645][    T9] usb 5-1: New USB device found, idVendor=0d81, idProduct=1910, bcdDevice=eb.c6
[  451.125565][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.134016][    T9] usb 5-1: Product: syz
[  451.143625][ T5920] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  451.154348][    T9] usb 5-1: Manufacturer: syz
[  451.159062][    T9] usb 5-1: SerialNumber: syz
[  451.318565][T10531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  451.335678][T10531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  451.376552][   T25] usb 1-1: USB disconnect, device number 24
[  451.387282][   T25] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  452.181017][    T8] cdc_ncm 4-1:1.0: bind() failure
[  452.201407][    T8] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -71
[  452.241142][    T8] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -71
[  452.272607][    T8] usbtest 4-1:1.1: probe with driver usbtest failed with error -71
[  452.294468][    T8] usb 4-1: USB disconnect, device number 41
[  453.599576][    T9] pwc: Visionite VCS-UM100 USB webcam detected.
[  453.606829][    T9] pwc: Failed to set LED on/off time (-71)
[  453.678530][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  453.715287][    T9] pwc: send_video_command error -71
[  453.720926][    T9] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  453.728695][    T9] Philips webcam 5-1:5.0: probe with driver Philips webcam failed with error -71
[  453.741037][    T9] usb 5-1: USB disconnect, device number 27
[  453.930897][T10584] delete_channel: no stack
[  454.077520][T10583] IPv6: sit1: Disabled Multicast RS
[  454.178833][T10589] IPVS: length: 198 != 24
[  455.214592][T10592] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  455.977506][ T2969] Bluetooth: hci5: Frame reassembly failed (-84)
[  456.022392][   T29] kauditd_printk_skb: 2509 callbacks suppressed
[  456.022410][   T29] audit: type=1326 audit(1732818626.946:103791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  456.056450][   T29] audit: type=1326 audit(1732818626.956:103792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  456.078197][    C1] vkms_vblank_simulate: vblank timer overrun
[  456.114683][   T29] audit: type=1326 audit(1732818626.956:103793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  456.205151][   T29] audit: type=1326 audit(1732818626.956:103794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  456.330006][   T29] audit: type=1326 audit(1732818626.956:103795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  457.103757][   T29] audit: type=1326 audit(1732818626.956:103796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  457.125510][    C1] vkms_vblank_simulate: vblank timer overrun
[  457.137286][   T29] audit: type=1326 audit(1732818626.956:103797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  457.140510][ T5155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  457.158945][    C1] vkms_vblank_simulate: vblank timer overrun
[  457.159145][   T29] audit: type=1326 audit(1732818626.956:103798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  457.194604][    C1] vkms_vblank_simulate: vblank timer overrun
[  457.200999][   T29] audit: type=1326 audit(1732818626.956:103799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  457.233799][   T29] audit: type=1326 audit(1732818626.956:103800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10596 comm="syz.1.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ef80809 code=0x50000
[  457.246900][ T5155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  457.271772][ T5155] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  457.280036][ T5155] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  457.293241][ T5155] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  457.301309][T10612] FAULT_INJECTION: forcing a failure.
[  457.301309][T10612] name failslab, interval 1, probability 0, space 0, times 0
[  457.312267][ T5155] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  457.324809][T10612] CPU: 1 UID: 0 PID: 10612 Comm: syz.0.1306 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  457.335241][T10612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  457.345294][T10612] Call Trace:
[  457.348567][T10612]  <TASK>
[  457.351495][T10612]  dump_stack_lvl+0x241/0x360
[  457.356179][T10612]  ? __pfx_dump_stack_lvl+0x10/0x10
[  457.361455][T10612]  ? __pfx__printk+0x10/0x10
[  457.366048][T10612]  ? kmem_cache_alloc_noprof+0x48/0x380
[  457.371691][T10612]  ? __pfx___might_resched+0x10/0x10
[  457.377205][T10612]  should_fail_ex+0x3b0/0x4e0
[  457.385508][T10612]  should_failslab+0xac/0x100
[  457.390327][T10612]  ? skb_clone+0x20c/0x390
[  457.394854][T10612]  kmem_cache_alloc_noprof+0x70/0x380
[  457.400536][T10612]  skb_clone+0x20c/0x390
[  457.404805][T10612]  dccp_connect+0x4ef/0x890
[  457.409383][T10612]  dccp_v4_connect+0xbc9/0x1380
[  457.414625][T10612]  __inet_stream_connect+0x262/0xf30
[  457.419964][T10612]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  457.426326][T10612]  ? __local_bh_enable_ip+0x168/0x200
[  457.431722][T10612]  ? lockdep_hardirqs_on+0x99/0x150
[  457.437124][T10612]  ? __pfx___inet_stream_connect+0x10/0x10
[  457.442961][T10612]  ? __local_bh_enable_ip+0x168/0x200
[  457.448540][T10612]  ? inet_stream_connect+0x50/0xa0
[  457.453677][T10612]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  457.459615][T10612]  inet_stream_connect+0x65/0xa0
[  457.464664][T10612]  __sys_connect+0x288/0x2d0
[  457.469283][T10612]  ? __fget_files+0x2a/0x410
[  457.474070][T10612]  ? __pfx___sys_connect+0x10/0x10
[  457.479220][T10612]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  457.485754][T10612]  ? do_syscall_64+0x100/0x230
[  457.490559][T10612]  __x64_sys_connect+0x7a/0x90
[  457.495446][T10612]  do_syscall_64+0xf3/0x230
[  457.500363][T10612]  ? clear_bhb_loop+0x35/0x90
[  457.505066][T10612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.511078][T10612] RIP: 0033:0x7fcbe8980809
[  457.515714][T10612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.535870][T10612] RSP: 002b:00007fcbe9804058 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  457.544492][T10612] RAX: ffffffffffffffda RBX: 00007fcbe8b45fa0 RCX: 00007fcbe8980809
[  457.552933][T10612] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003
[  457.561109][T10612] RBP: 00007fcbe98040a0 R08: 0000000000000000 R09: 0000000000000000
[  457.569117][T10612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  457.577123][T10612] R13: 0000000000000000 R14: 00007fcbe8b45fa0 R15: 00007ffc07c88488
[  457.585239][T10612]  </TASK>
[  457.588367][    C1] vkms_vblank_simulate: vblank timer overrun
[  458.019533][ T5845] Bluetooth: hci5: command 0x1003 tx timeout
[  458.029590][   T53] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  458.156872][   T81] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.326249][   T81] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.561621][   T81] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.631208][T10609] chnl_net:caif_netlink_parms(): no params data found
[  458.741671][   T81] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.877259][   T25] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  459.037334][   T25] usb 1-1: Using ep0 maxpacket: 8
[  459.052774][   T25] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  459.073029][T10609] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.080595][   T25] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  459.104436][T10609] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.110138][   T25] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  459.121963][T10609] bridge_slave_0: entered allmulticast mode
[  459.129768][T10609] bridge_slave_0: entered promiscuous mode
[  459.146795][   T25] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  459.157236][T10609] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.170623][T10609] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.219441][T10642] IPVS: length: 198 != 24
[  459.304864][T10609] bridge_slave_1: entered allmulticast mode
[  459.439295][T10609] bridge_slave_1: entered promiscuous mode
[  459.541788][   T53] Bluetooth: hci1: command tx timeout
[  459.752251][   T25] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  459.767286][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.932451][T10609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  459.945100][T10609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  460.029745][   T25] usb 1-1: GET_CAPABILITIES returned 0
[  460.036304][   T25] usbtmc 1-1:16.0: can't read capabilities
[  460.535811][   T25] usb 1-1: USB disconnect, device number 25
[  460.658596][T10609] team0: Port device team_slave_0 added
[  460.703872][T10609] team0: Port device team_slave_1 added
[  460.787258][T10652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1315'.
[  460.806796][T10652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1315'.
[  460.824045][   T81] bridge_slave_1: left allmulticast mode
[  460.835761][   T81] bridge_slave_1: left promiscuous mode
[  460.849524][T10652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1315'.
[  460.874557][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  460.909734][   T81] bridge_slave_0: left allmulticast mode
[  460.916816][   T81] bridge_slave_0: left promiscuous mode
[  460.922764][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.635498][   T53] Bluetooth: hci1: command tx timeout
[  462.242312][ T5920] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  462.325737][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  462.447609][ T5920] usb 1-1: Using ep0 maxpacket: 16
[  462.498726][ T5920] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  462.569372][ T5920] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  462.623812][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  462.673309][ T5920] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  462.776655][ T5920] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  462.857499][   T81] bond0 (unregistering): Released all slaves
[  462.881110][ T5920] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  462.898581][T10609] batman_adv: batadv0: Adding interface: batadv_slave_0
[  462.905824][ T5920] usb 1-1: config 0 has no interface number 0
[  462.905868][ T5920] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  462.912565][T10609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.933488][ T5920] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  462.965883][ T5920] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  462.976536][ T5920] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  462.991836][ T5920] usb 1-1: config 0 interface 125 has no altsetting 0
[  462.997071][T10609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  462.999175][ T5920] usb 1-1: config 0 interface 125 has no altsetting 2
[  463.031897][ T5920] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  463.041944][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.058034][ T5920] usb 1-1: Product: syz
[  463.062635][ T5920] usb 1-1: Manufacturer: syz
[  463.067557][T10609] batman_adv: batadv0: Adding interface: batadv_slave_1
[  463.074643][T10609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  463.101319][ T5920] usb 1-1: SerialNumber: syz
[  463.119594][ T5920] usb 1-1: config 0 descriptor??
[  463.130356][T10609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  463.131820][ T5920] usb 1-1: selecting invalid altsetting 2
[  463.303587][T10675] tmpfs: Unknown parameter 'inode3¶2'
[  463.404485][T10609] hsr_slave_0: entered promiscuous mode
[  463.426109][T10609] hsr_slave_1: entered promiscuous mode
[  463.444782][T10609] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  463.480953][T10609] Cannot create hsr debugfs directory
[  463.680065][   T81] hsr_slave_0: left promiscuous mode
[  463.695685][   T81] hsr_slave_1: left promiscuous mode
[  463.709050][   T53] Bluetooth: hci1: command tx timeout
[  463.719320][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  463.730774][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  463.741903][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  463.753166][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  463.805375][   T81] veth1_macvtap: left promiscuous mode
[  463.811187][   T81] veth0_macvtap: left promiscuous mode
[  463.817948][   T81] veth1_vlan: left promiscuous mode
[  463.827361][   T81] veth0_vlan: left promiscuous mode
[  464.179418][ T5920] get_1284_register timeout
[  464.196254][    C0] usb 1-1: async_complete: urb error -71
[  464.202063][    C0] usb 1-1: async_complete: urb error -71
[  464.207766][    C0] usb 1-1: async_complete: urb error -71
[  464.214516][ T5920] uss720 1-1:0.125: probe with driver uss720 failed with error -5
[  464.233969][ T5920] usb 1-1: USB disconnect, device number 26
[  465.814197][T10699] tty tty4: ldisc open failed (-12), clearing slot 3
[  465.928582][   T53] Bluetooth: hci1: command tx timeout
[  466.215885][   T11] tipc: Subscription rejected, illegal request
[  466.664645][   T81] team0 (unregistering): Port device team_slave_1 removed
[  467.236314][   T81] team0 (unregistering): Port device team_slave_0 removed
[  467.520691][T10720] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  467.528937][T10720] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  467.542497][T10724] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  467.558925][T10720] vhci_hcd vhci_hcd.0: Device attached
[  467.591091][T10720] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  467.606351][T10720] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  467.619094][T10720] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  467.632970][T10720] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  467.661951][T10720] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  467.694760][T10720] vhci_hcd vhci_hcd.0: pdev(3) rhport(7) sockfd(24)
[  467.702816][T10720] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  467.731442][T10720] vhci_hcd vhci_hcd.0: Device attached
[  467.739644][ T2147] vhci_hcd: vhci_device speed not set
[  467.754805][T10725] vhci_hcd: connection closed
[  467.758775][T10722] vhci_hcd: connection closed
[  467.779148][ T2933] vhci_hcd: stop threads
[  467.807958][ T2147] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  467.815834][ T2933] vhci_hcd: release socket
[  467.843431][T10723] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  467.854873][ T2933] vhci_hcd: disconnect device
[  467.862865][ T2933] vhci_hcd: stop threads
[  467.868734][ T2933] vhci_hcd: release socket
[  467.875516][ T2933] vhci_hcd: disconnect device
[  468.702114][T10737] netlink: 'syz.0.1338': attribute type 1 has an invalid length.
[  468.709580][T10609] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  468.710358][T10737] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1338'.
[  468.755304][T10609] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  468.768712][T10609] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  468.817396][T10609] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  468.867276][T10739] bond_slave_0: entered promiscuous mode
[  468.873696][T10739] bond_slave_1: entered promiscuous mode
[  468.887206][T10739] vlan2: entered promiscuous mode
[  468.893527][T10739] bond0: entered promiscuous mode
[  468.927285][T10739] bond0: left promiscuous mode
[  468.935040][T10739] bond_slave_0: left promiscuous mode
[  468.941833][T10739] bond_slave_1: left promiscuous mode
[  469.043989][T10742] veth1_to_team: entered promiscuous mode
[  469.054056][T10742] binder: binder_mmap: 10741 20ffd000-21000000 bad vm_flags failed -1
[  469.315255][   T81] IPVS: stop unused estimator thread 0...
[  469.426648][T10609] 8021q: adding VLAN 0 to HW filter on device bond0
[  469.459863][T10609] 8021q: adding VLAN 0 to HW filter on device team0
[  469.487965][ T2969] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.488896][   T29] kauditd_printk_skb: 2388 callbacks suppressed
[  469.488912][   T29] audit: type=1326 audit(1732818640.416:106189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10758 comm="syz.0.1343" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x0
[  469.495732][ T2969] bridge0: port 1(bridge_slave_0) entered forwarding state
[  469.554135][   T81] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.562401][   T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.580400][T10762] usb usb9: usbfs: process 10762 (syz.0.1343) did not claim interface 0 before use
[  469.796791][T10741] veth1_to_team: left promiscuous mode
[  469.893554][T10772] netlink: 'syz.4.1347': attribute type 3 has an invalid length.
[  469.931348][T10609] 8021q: adding VLAN 0 to HW filter on device batadv0
[  470.140368][T10779] vlan2: entered promiscuous mode
[  470.148433][T10779] team0: entered promiscuous mode
[  470.154561][T10779] team_slave_0: entered promiscuous mode
[  470.162074][T10779] team_slave_1: entered promiscuous mode
[  470.172050][T10779] team0: left promiscuous mode
[  470.181038][T10779] team_slave_0: left promiscuous mode
[  470.187973][T10779] team_slave_1: left promiscuous mode
[  470.445766][T10788] vlan2: entered promiscuous mode
[  470.457628][T10788] team0: entered promiscuous mode
[  470.610815][T10788] team0: left promiscuous mode
[  471.386118][T10609] veth0_vlan: entered promiscuous mode
[  471.446229][T10609] veth1_vlan: entered promiscuous mode
[  471.534268][T10609] veth0_macvtap: entered promiscuous mode
[  471.719264][T10813] netlink: 'syz.3.1360': attribute type 2 has an invalid length.
[  471.734267][T10609] veth1_macvtap: entered promiscuous mode
[  471.865077][T10609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  471.877484][T10609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.907683][T10609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  471.972726][T10609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  472.091411][T10609] batman_adv: batadv0: Interface activated: batadv_slave_0
[  472.227966][T10609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  472.296140][T10609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  472.364167][T10609] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  472.455811][T10609] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  472.520256][T10609] batman_adv: batadv0: Interface activated: batadv_slave_1
[  472.593727][T10609] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  472.652356][T10609] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  472.707277][T10609] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  472.745958][T10609] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  472.972997][   T53] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  472.986637][   T53] CPU: 1 UID: 0 PID: 53 Comm: kworker/u9:0 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  473.000749][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  473.012326][   T53] Workqueue: hci4 hci_rx_work
[  473.017321][   T53] Call Trace:
[  473.021194][   T53]  <TASK>
[  473.024439][   T53]  dump_stack_lvl+0x241/0x360
[  473.030173][   T53]  ? __pfx_dump_stack_lvl+0x10/0x10
[  473.038158][   T53]  ? __pfx__printk+0x10/0x10
[  473.043168][   T53]  ? __kmalloc_cache_noprof+0x243/0x390
[  473.052004][   T53]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  473.058488][   T53]  sysfs_create_dir_ns+0x2ce/0x3a0
[  473.064374][   T53]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  473.071121][   T53]  kobject_add_internal+0x435/0x8d0
[  473.076929][   T53]  kobject_add+0x152/0x220
[  473.082124][   T53]  ? do_raw_spin_unlock+0x13c/0x8b0
[  473.087839][   T53]  ? device_add+0x3e7/0xbf0
[  473.093492][   T53]  ? __pfx_kobject_add+0x10/0x10
[  473.099200][   T53]  ? _raw_spin_unlock+0x28/0x50
[  473.104895][   T53]  ? get_device_parent+0x165/0x410
[  473.110495][   T53]  device_add+0x4e5/0xbf0
[  473.115500][   T53]  hci_conn_add_sysfs+0xe8/0x200
[  473.120962][   T53]  le_conn_complete_evt+0xc9f/0x12e0
[  473.127347][   T53]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  473.134073][   T53]  ? __mutex_unlock_slowpath+0x21e/0x790
[  473.140621][   T53]  ? __pfx___mutex_lock+0x10/0x10
[  473.147269][   T53]  ? skb_pull_data+0x112/0x230
[  473.152187][   T53]  hci_le_conn_complete_evt+0x18c/0x420
[  473.158635][   T53]  hci_event_packet+0xa55/0x1540
[  473.166328][   T53]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  473.173314][   T53]  ? __pfx_hci_event_packet+0x10/0x10
[  473.179588][   T53]  ? do_raw_spin_unlock+0x13c/0x8b0
[  473.186412][   T53]  ? hci_send_to_monitor+0xd8/0x7f0
[  473.194630][   T53]  ? kcov_remote_start+0x97/0x7d0
[  473.200830][   T53]  hci_rx_work+0x3f3/0xdb0
[  473.206522][   T53]  ? process_scheduled_works+0x976/0x1850
[  473.214822][   T53]  process_scheduled_works+0xa63/0x1850
[  473.222333][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  473.229551][   T53]  ? assign_work+0x364/0x3d0
[  473.236267][   T53]  worker_thread+0x870/0xd30
[  473.242006][   T53]  ? __kthread_parkme+0x169/0x1d0
[  473.247849][   T53]  ? __pfx_worker_thread+0x10/0x10
[  473.253767][   T53]  kthread+0x2f0/0x390
[  473.259906][   T53]  ? __pfx_worker_thread+0x10/0x10
[  473.265938][   T53]  ? __pfx_kthread+0x10/0x10
[  473.271281][   T53]  ret_from_fork+0x4b/0x80
[  473.275974][   T53]  ? __pfx_kthread+0x10/0x10
[  473.281109][   T53]  ret_from_fork_asm+0x1a/0x30
[  473.287497][   T53]  </TASK>
[  473.291175][    C1] vkms_vblank_simulate: vblank timer overrun
[  473.300371][ T2147] vhci_hcd: vhci_device speed not set
[  473.313686][   T53] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  473.331104][   T53] Bluetooth: hci4: failed to register connection device
[  473.387155][   T53] Bluetooth: hci4: unexpected event for opcode 0x080f
[  473.803126][ T2901] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.842553][ T2901] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  473.890353][ T2933] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.906893][ T2933] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  474.109953][   T25] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  474.963341][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1299'.
[  474.980033][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1299'.
[  474.992800][ T5852] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  475.013305][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1299'.
[  475.077421][   T25] usb 4-1: Using ep0 maxpacket: 8
[  475.087947][   T25] usb 4-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  475.106936][   T25] usb 4-1: config 6 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  475.186779][ T5852] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  475.199869][ T5852] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.216954][   T25] usb 4-1: config 6 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 97, changing to 7
[  475.248982][ T5852] usb 1-1: Product: syz
[  475.266069][ T5852] usb 1-1: Manufacturer: syz
[  475.272240][   T25] usb 4-1: config 6 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 24929, setting to 1024
[  475.286333][ T5852] usb 1-1: SerialNumber: syz
[  475.321898][ T5852] usb 1-1: config 0 descriptor??
[  475.374639][   T25] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  475.480447][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.606992][   T25] usb 4-1: Product: syz
[  475.638227][   T25] usb 4-1: Manufacturer: syz
[  475.644122][   T25] usb 4-1: SerialNumber: syz
[  475.699597][ T5852] usb 1-1: USB disconnect, device number 27
[  475.782760][   T25] hso 4-1:6.0: Can't find BULK IN endpoint
[  476.717458][ T5852] usb 4-1: USB disconnect, device number 42
[  477.462158][   T53] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  477.475069][   T53] Bluetooth: hci4: Injecting HCI hardware error event
[  477.488449][   T53] Bluetooth: hci4: hardware error 0x00
[  477.696239][T10882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1382'.
[  477.706280][T10882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1382'.
[  477.716396][T10882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1382'.
[  479.101715][   T81] Bluetooth: hci5: Frame reassembly failed (-84)
[  479.987988][   T53] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  479.991232][   T29] audit: type=1326 audit(1732818649.716:106190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.096458][   T29] audit: type=1326 audit(1732818649.716:106191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.247547][   T29] audit: type=1326 audit(1732818649.716:106192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.431742][   T29] audit: type=1326 audit(1732818649.716:106193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.459633][    C1] vkms_vblank_simulate: vblank timer overrun
[  480.613217][   T29] audit: type=1326 audit(1732818649.716:106194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.658210][   T29] audit: type=1326 audit(1732818649.716:106195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.688755][   T29] audit: type=1326 audit(1732818649.716:106196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.712604][    C1] vkms_vblank_simulate: vblank timer overrun
[  480.726636][   T29] audit: type=1326 audit(1732818649.716:106197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.761870][   T29] audit: type=1326 audit(1732818649.716:106198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.790362][   T29] audit: type=1326 audit(1732818649.716:106199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10875 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbe8980809 code=0x50000
[  480.897861][ T5845] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  480.898239][   T53] Bluetooth: hci5: command 0x1003 tx timeout
[  481.290781][T10918] netlink: 'syz.3.1390': attribute type 2 has an invalid length.
[  481.386199][T10920] sit0: entered promiscuous mode
[  481.409780][T10920] netlink: 'syz.0.1391': attribute type 1 has an invalid length.
[  481.427550][T10920] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1391'.
[  481.685341][T10925] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1393'.
[  481.696090][T10925] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1393'.
[  481.706141][T10925] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1393'.
[  481.816230][T10928] IPVS: length: 198 != 24
[  484.672578][T10964] VFS: could not find a valid V7 on nullb0.
[  484.927472][ T5889] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  485.133743][ T5889] usb 7-1: unable to get BOS descriptor or descriptor too short
[  485.171843][ T5889] usb 7-1: config 1 interface 0 altsetting 9 bulk endpoint 0x82 has invalid maxpacket 1023
[  485.207916][ T5889] usb 7-1: config 1 interface 0 has no altsetting 0
[  485.247621][ T5889] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  485.272606][ T5889] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.327189][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  590.335789][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P10962/3:b..l
[  590.345453][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=36569, q=213 ncpus=2)
[  590.354431][    C0] task:syz.4.1402      state:R  running task     stack:23568 pid:10962 tgid:10959 ppid:5854   flags:0x00004002
[  590.369015][    C0] Call Trace:
[  590.372585][    C0]  <TASK>
[  590.376096][    C0]  __schedule+0x17fb/0x4be0
[  590.380976][    C0]  ? mark_lock+0x9a/0x360
[  590.386050][    C0]  ? __pfx___schedule+0x10/0x10
[  590.391437][    C0]  ? preempt_schedule+0xe1/0xf0
[  590.396696][    C0]  preempt_schedule_common+0x84/0xd0
[  590.402419][    C0]  preempt_schedule+0xe1/0xf0
[  590.407327][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  590.415406][    C0]  preempt_schedule_thunk+0x1a/0x30
[  590.422243][    C0]  _raw_spin_unlock+0x3e/0x50
[  590.427178][    C0]  filemap_map_pages+0x1759/0x20d0
[  590.433051][    C0]  ? filemap_map_pages+0x243/0x20d0
[  590.438906][    C0]  ? __pfx_filemap_map_pages+0x10/0x10
[  590.444973][    C0]  ? handle_pte_fault+0x36f/0x68a0
[  590.450577][    C0]  ? __pfx_lock_release+0x10/0x10
[  590.456457][    C0]  ? handle_pte_fault+0x21c3/0x68a0
[  590.462237][    C0]  ? __pfx_filemap_map_pages+0x10/0x10
[  590.467923][    C0]  handle_pte_fault+0x31d6/0x68a0
[  590.474109][    C0]  ? mark_lock+0x9a/0x360
[  590.479363][    C0]  ? mark_lock+0x9a/0x360
[  590.483810][    C0]  ? __pfx_handle_pte_fault+0x10/0x10
[  590.489720][    C0]  ? __lock_acquire+0x1397/0x2100
[  590.495348][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  590.500765][    C0]  ? count_memcg_event_mm+0x3c2/0x420
[  590.506424][    C0]  ? do_raw_spin_lock+0x14f/0x370
[  590.512008][    C0]  handle_mm_fault+0x1053/0x1ad0
[  590.517903][    C0]  ? __pfx_handle_mm_fault+0x10/0x10
[  590.523471][    C0]  ? follow_page_pte+0x9ad/0x1db0
[  590.528822][    C0]  ? __get_user_pages+0x1c2d/0x49e0
[  590.534668][    C0]  ? __get_user_pages+0x47d/0x49e0
[  590.540338][    C0]  ? __get_user_pages+0x48b/0x49e0
[  590.545761][    C0]  __get_user_pages+0x1c82/0x49e0
[  590.551325][    C0]  ? __pfx___get_user_pages+0x10/0x10
[  590.557054][    C0]  ? __pfx_mt_find+0x10/0x10
[  590.562150][    C0]  populate_vma_page_range+0x264/0x330
[  590.568124][    C0]  ? __pfx_populate_vma_page_range+0x10/0x10
[  590.574517][    C0]  ? userfaultfd_unmap_complete+0x30c/0x360
[  590.580825][    C0]  ? do_mmap+0x958/0x1000
[  590.585398][    C0]  __mm_populate+0x27a/0x460
[  590.590302][    C0]  ? __pfx___mm_populate+0x10/0x10
[  590.595562][    C0]  vm_mmap_pgoff+0x2c3/0x3d0
[  590.600569][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  590.606135][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  590.612726][    C0]  ? do_syscall_64+0x100/0x230
[  590.618768][    C0]  ? ksys_mmap_pgoff+0xdf/0x720
[  590.623745][    C0]  ? __x64_sys_mmap+0x7f/0x140
[  590.630187][    C0]  do_syscall_64+0xf3/0x230
[  590.635603][    C0]  ? clear_bhb_loop+0x35/0x90
[  590.640751][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.647408][    C0] RIP: 0033:0x7fcb27380809
[  590.652525][    C0] RSP: 002b:00007fcb2814b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  590.662143][    C0] RAX: ffffffffffffffda RBX: 00007fcb27545fa0 RCX: 00007fcb27380809
[  590.672254][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[  590.681517][    C0] RBP: 00007fcb273f393e R08: ffffffffffffffff R09: 0000000000000000
[  590.691726][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  590.701139][    C0] R13: 0000000000000000 R14: 00007fcb27545fa0 R15: 00007ffd4e35b888
[  590.709543][    C0]  </TASK>
[  590.713243][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10499 jiffies! g36569 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  590.727170][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=28600
[  590.736738][    C0] rcu: rcu_preempt kthread starved for 10500 jiffies! g36569 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[  590.751208][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  590.763215][    C0] rcu: RCU grace-period kthread stack dump:
[  590.769378][    C0] task:rcu_preempt     state:I stack:25976 pid:17    tgid:17    ppid:2      flags:0x00004000
[  590.780913][    C0] Call Trace:
[  590.784474][    C0]  <TASK>
[  590.787874][    C0]  __schedule+0x17fb/0x4be0
[  590.792958][    C0]  ? __pfx___schedule+0x10/0x10
[  590.798483][    C0]  ? __pfx_lock_release+0x10/0x10
[  590.803875][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  590.811043][    C0]  ? schedule+0x90/0x320
[  590.815690][    C0]  schedule+0x14b/0x320
[  590.820227][    C0]  schedule_timeout+0x15a/0x290
[  590.825347][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  590.830860][    C0]  ? __pfx_process_timeout+0x10/0x10
[  590.836464][    C0]  ? prepare_to_swait_event+0x330/0x350
[  590.842138][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  590.847474][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  590.854299][    C0]  ? __pfx_rcu_watching_snap_save+0x10/0x10
[  590.860936][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  590.866867][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  590.872910][    C0]  ? finish_swait+0xd4/0x1e0
[  590.878645][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  590.883902][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  590.890107][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  590.897099][    C0]  ? __kthread_parkme+0x169/0x1d0
[  590.903212][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  590.909059][    C0]  kthread+0x2f0/0x390
[  590.914149][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  590.920465][    C0]  ? __pfx_kthread+0x10/0x10
[  590.925269][    C0]  ret_from_fork+0x4b/0x80
[  590.929934][    C0]  ? __pfx_kthread+0x10/0x10
[  590.935255][    C0]  ret_from_fork_asm+0x1a/0x30
[  590.941094][    C0]  </TASK>
[  590.944557][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  590.952529][    C0] Sending NMI from CPU 0 to CPUs 1:
[  590.958667][    C1] NMI backtrace for cpu 1
[  590.958689][    C1] CPU: 1 UID: 0 PID: 10972 Comm: syz.0.1405 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  590.958709][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  590.958718][    C1] RIP: 0010:lock_acquire+0x251/0x550
[  590.958742][    C1] Code: 8c 00 48 c7 44 24 60 00 00 00 00 9c 8f 44 24 60 42 80 3c 2b 00 74 08 4c 89 f7 e8 1a 84 8c 00 f6 44 24 61 02 0f 85 85 01 00 00 <41> f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 4b c7 44
[  590.958756][    C1] RSP: 0018:ffffc90000a18a20 EFLAGS: 00000046
[  590.958771][    C1] RAX: 0000000000000001 RBX: 1ffff92000143150 RCX: ffff88804eec46d8
[  590.958783][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aeb60 RDI: ffffffff8c6083a0
[  590.958796][    C1] RBP: ffffc90000a18b68 R08: ffffffff942f0887 R09: 1ffffffff285e110
[  590.958807][    C1] R10: dffffc0000000000 R11: fffffbfff285e111 R12: 1ffff9200014314c
[  590.958820][    C1] R13: dffffc0000000000 R14: ffffc90000a18a80 R15: 0000000000000046
[  590.958831][    C1] FS:  00007fcbe97c26c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  590.958847][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  590.958858][    C1] CR2: 00007fcbe97c1fb8 CR3: 000000007d0a2000 CR4: 00000000003526f0
[  590.958878][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  590.958888][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  590.958899][    C1] Call Trace:
[  590.958907][    C1]  <NMI>
[  590.958915][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  590.958950][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  590.958968][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  590.958984][    C1]  ? nmi_handle+0x2a/0x5a0
[  590.959008][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  590.959028][    C1]  ? nmi_handle+0x14f/0x5a0
[  590.959044][    C1]  ? nmi_handle+0x2a/0x5a0
[  590.959060][    C1]  ? lock_acquire+0x251/0x550
[  590.959075][    C1]  ? default_do_nmi+0x63/0x160
[  590.959093][    C1]  ? exc_nmi+0x123/0x1f0
[  590.959110][    C1]  ? end_repeat_nmi+0xf/0x53
[  590.959206][    C1]  ? lock_acquire+0x251/0x550
[  590.959224][    C1]  ? lock_acquire+0x251/0x550
[  590.959241][    C1]  ? lock_acquire+0x251/0x550
[  590.959256][    C1]  </NMI>
[  590.959262][    C1]  <IRQ>
[  590.959271][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  590.959290][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  590.959312][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  590.959336][    C1]  _raw_spin_lock_irqsave+0xd5/0x120
[  590.959356][    C1]  ? debug_object_deactivate+0x158/0x390
[  590.959379][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  590.959404][    C1]  debug_object_deactivate+0x158/0x390
[  590.959427][    C1]  ? __pfx_debug_object_deactivate+0x10/0x10
[  590.959450][    C1]  ? timerqueue_add+0x260/0x290
[  590.959466][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  590.959490][    C1]  debug_deactivate+0x1b/0x220
[  590.959509][    C1]  __hrtimer_run_queues+0x305/0xd50
[  590.959538][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  590.959558][    C1]  ? read_tsc+0x9/0x20
[  590.959577][    C1]  ? ktime_get_update_offsets_now+0x393/0x3b0
[  590.959597][    C1]  hrtimer_interrupt+0x403/0xa40
[  590.959628][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[  590.959648][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  590.959670][    C1]  </IRQ>
[  590.959676][    C1]  <TASK>
[  590.959682][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  590.959702][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  590.959725][    C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 2e 5d 29 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> e3 af 8f f5 65 8b 05 74 91 2f 74 85 c0 74 43 48 c7 04 24 0e 36
[  590.959740][    C1] RSP: 0018:ffffc90003b8f920 EFLAGS: 00000206
[  590.959757][    C1] RAX: 6eda0829f4e5d000 RBX: 1ffff92000771f28 RCX: ffffffff817192da
[  590.959770][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0ad980 RDI: 0000000000000001
[  590.959782][    C1] RBP: ffffc90003b8f9b0 R08: ffffffff942f0887 R09: 1ffffffff285e110
[  590.959794][    C1] R10: dffffc0000000000 R11: fffffbfff285e111 R12: dffffc0000000000
[  590.959806][    C1] R13: 1ffff92000771f24 R14: ffffc90003b8f940 R15: 0000000000000246
[  590.959823][    C1]  ? mark_lock+0x9a/0x360
[  590.959844][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  590.959866][    C1]  ? read_tsc+0x9/0x20
[  590.960005][    C1]  clock_was_set+0x686/0x810
[  590.960028][    C1]  ? __pfx_clock_was_set+0x10/0x10
[  590.960046][    C1]  ? timekeeping_inject_offset+0x3b7/0x520
[  590.960062][    C1]  ? timekeeping_update_from_shadow+0x308/0x3b0
[  590.960079][    C1]  timekeeping_inject_offset+0x3d2/0x520
[  590.960147][    C1]  ? __pfx_timekeeping_inject_offset+0x10/0x10
[  590.960163][    C1]  ? __pfx_add_device_randomness+0x10/0x10
[  590.960181][    C1]  ? bpf_lsm_capable+0x9/0x10
[  590.960199][    C1]  do_adjtimex+0x5b1/0xb10
[  590.960218][    C1]  ? __pfx_do_adjtimex+0x10/0x10
[  590.960234][    C1]  ? __pfx___might_resched+0x10/0x10
[  590.960254][    C1]  ? __might_fault+0xaa/0x120
[  590.960273][    C1]  ? __pfx_lock_release+0x10/0x10
[  590.960294][    C1]  ? __might_fault+0xc6/0x120
[  590.960314][    C1]  __x64_sys_clock_adjtime+0x1e1/0x290
[  590.960331][    C1]  ? __pfx___x64_sys_clock_adjtime+0x10/0x10
[  590.960358][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  590.960375][    C1]  ? exc_page_fault+0x590/0x8c0
[  590.960397][    C1]  ? do_syscall_64+0xb6/0x230
[  590.960415][    C1]  do_syscall_64+0xf3/0x230
[  590.960431][    C1]  ? clear_bhb_loop+0x35/0x90
[  590.960450][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.960467][    C1] RIP: 0033:0x7fcbe8980809
[  590.960484][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  590.960499][    C1] RSP: 002b:00007fcbe97c2058 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[  590.960532][    C1] RAX: ffffffffffffffda RBX: 00007fcbe8b46160 RCX: 00007fcbe8980809
[  590.960546][    C1] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000000
[  590.960557][    C1] RBP: 00007fcbe89f393e R08: 0000000000000000 R09: 0000000000000000
[  590.960568][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  590.960579][    C1] R13: 0000000000000001 R14: 00007fcbe8b46160 R15: 00007ffc07c88488
[  590.960597][    C1]  </TASK>