last executing test programs:

23.870872988s ago: executing program 2 (id=961):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'tunl0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x13, 0x4, 0x0, 0x0, 0x4c, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp_prespec={0x44, 0x2c, 0xbd, 0x3, 0x1, [{@private=0xa010100}, {@remote}, {@broadcast}, {@empty, 0x3}, {@private=0xa010180, 0xa}]}, @noop, @noop, @rr={0x7, 0x7, 0x1, [@remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000190c0)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
socket(0x10, 0x3, 0x0) (async)
r8 = socket(0x10, 0x3, 0x0)
get_robust_list(r3, &(0x7f00000003c0)=&(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)}}, &(0x7f0000000400)=0x18)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000010c00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000dc5624a0f600140012800a00010069706f69620000006d79022fe994ac37b8f13b520e62f4fab8f25a51bcd7e6d7b526940b29fa6a044df987a5755e2e926bc8ff7322cf0d6b34895d2cd9cb4bf4c55c748a0fd5c8c1a434a961f027a0c7ffecb620de9137534e05f468f9b276", @ANYRES32=r7, @ANYBLOB], 0x3c}}, 0x0) (async)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000010c00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000dc5624a0f600140012800a00010069706f69620000006d79022fe994ac37b8f13b520e62f4fab8f25a51bcd7e6d7b526940b29fa6a044df987a5755e2e926bc8ff7322cf0d6b34895d2cd9cb4bf4c55c748a0fd5c8c1a434a961f027a0c7ffecb620de9137534e05f468f9b276", @ANYRES32=r7, @ANYBLOB], 0x3c}}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140)) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r6, &(0x7f0000004340)={0x0, 0x0, 0x0}, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) (async)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
dup(r1) (async)
r9 = dup(r1)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

21.073628399s ago: executing program 2 (id=975):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x30, 0x0, 0x800, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x57}, @val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x81, 0x62}}}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
clock_gettime(0x1, &(0x7f00000000c0)={<r5=>0x0, <r6=>0x0})
clock_gettime(0x0, &(0x7f0000000280)={<r7=>0x0, <r8=>0x0})
setitimer(0x2, &(0x7f0000000340)={{r5, r6/1000+60000}, {r7, r8/1000+10000}}, &(0x7f0000000380))
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r3, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaa"], 0x0)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r10 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
connect$unix(r11, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r12, &(0x7f0000000000), 0x400000000000041, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
recvmmsg(r11, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r13 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r13, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0203f3021600000000000000000000080200090008000000e9000000000000000300060000000000020000000000000000000000000000000200010000000000000003fdff000020030005000000000002000000ac1414aa00000000000000000a00080008"], 0xb0}, 0x1, 0x7}, 0x0)
getsockopt$inet6_mptcp_buf(r9, 0x11c, 0x3, &(0x7f0000000000)=""/152, &(0x7f0000000140)=0x8882d63d64a56960)

19.912000766s ago: executing program 2 (id=977):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000001c0)='wg2\x00', 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x4a9a, 0x4)
sendmmsg$inet(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000bc0)="23004e4ee760d48ddc6b7a1ebfc6e0276028840fb20d5233e81c802684e8ac1dc195296ffaaeace75a07a653ee918f67beb970cd36769470f7acb5cd5becfa3839cec05a81f9488931e0a9ba9a246f45fee8b5240bd1e078539b56973bfbbee5a100668daf66ef25121ca65db1d172a489e35e43f2ced9183d48b5850b9e1de2c492604f7b27f030d82cf14d7bcbe35579bfbfbcccc3dceb90", 0x99}, {&(0x7f00000003c0)="5da06493186e6d6ba685848f5ddf2c9113a8044e6bab0fc9e5ed5b04a67e4fa294030e8abbed516947557c7843bb1d909eee1d979bf39d2d537e95fa468fedac1f5b995d", 0x44}], 0x2, 0x0, 0x0, 0xe0ffffff}}], 0x1, 0x0)

18.74567842s ago: executing program 2 (id=981):
r0 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000000)=0xed, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x80, &(0x7f00000003c0)={0xa, 0x4e21, 0x1, @remote, 0x7}, 0x1c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000040)={'wg1\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x336, '\x00', r5, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x9, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xc0ff}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xb, 0x8, 0x9}, {0x4, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r6}, {}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0x7, 0x8}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = syz_pidfd_open(r0, 0x0)
setns(r8, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8800, &(0x7f0000001dc0)={0xf, 0x84, 0x40000}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_int(r9, &(0x7f00000001c0)='cpuset.mem_hardwall\x00', 0x2, 0x0)
r11 = openat$cgroup_procs(r9, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0)
sendfile(r11, r10, 0x0, 0xc)

17.687227997s ago: executing program 2 (id=987):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3593], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001970000ff7f0000000b800000", @ANYBLOB, @ANYRES32=r1], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000018c0)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r2 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)

17.394547332s ago: executing program 2 (id=991):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="6c030000", @ANYRES16=r2, @ANYBLOB="05002abd7000fddbdf2501000000060006004e24000040030880bc00008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240001000000000000000000000000000000000000000000000000000000000000000000200004000f58da9e40047cf0ff01000000000000000000000000000102000000240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c08000300070000003402008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0c02098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff050003000100000064000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200e00000020500030002000000060001000a00000014000200000000000000000000000000000000010500030002000000dc000080060001000a0000001400020000000000000000000000ffffac1414aa05000300030000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000a00000014000200fe8800000000000000000000000000010500030001000000060001000200000008000200ffffffff0500030003000000060001000200000008000200640101000500030000000000060001000200000008000200ac1e0101050003000200000070000080060001000a00000014000200200100000000000000000000000000010500030001000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff020000000000000000000000000001050003000200000048000080080003000000000008000a000100800024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220800030003000000080009800400008004000080060006004e24000008000100", @ANYRES32=r3], 0x36c}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

9.124894479s ago: executing program 3 (id=1016):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x1f, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000004000850000008b00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

8.945423606s ago: executing program 3 (id=1020):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000004, 0x5d032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x800000000000, 0x0, 0x0, 0x2, 0x12, 0xe4, 0x42, 0x5c})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmmsg$inet(r7, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f00000025c0)="402e4f917f08c3207a5e06c7fa23c36c258696b36bdb7b69ba3baeb3b90736e5", 0x20}], 0x1}}], 0x400000000000151, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

7.377730728s ago: executing program 3 (id=1024):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x806902, 0x0)
read$FUSE(r1, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6gre0\x00', <r2=>0x0, 0x29, 0x13, 0x80, 0x40, 0x14, @remote, @dev={0xfe, 0x80, '\x00', 0x22}, 0x80, 0x80, 0x1, 0xf}})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, r1, 0x800, '\x00', r2, 0xffffffffffffffff, 0x5, 0x3, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000705000400000000000900020073797a32000000001400078008000640000000000800084000000000050005000a0000000500010006feff000d000300686173683a6e6574"], 0x5c}}, 0x0)

5.002533902s ago: executing program 1 (id=1030):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x1f, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000004000850000008b00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.890507813s ago: executing program 4 (id=1032):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r4}, 0xc)
ioctl(r2, 0x8b1a, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000001}, 0x4000800)

4.872146309s ago: executing program 1 (id=1033):
r0 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000010000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000001000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)

4.700157028s ago: executing program 1 (id=1034):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000088c0)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in6=@empty, 0x0, 0x0, 0x14}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {}, {0x0, 0x0, 0x4}, {}, 0x0, 0x0, 0xa, 0x1}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x138}}, 0x0)

4.696350506s ago: executing program 1 (id=1035):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000bc0)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x3, 0xfd, 0x0, 0x4}, {0x6, 0x24, 0x1a, 0x7ff, 0x29}}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x4}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x3}}}}}}}]}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
modify_ldt$write2(0x11, &(0x7f0000000000)={0x6, 0x100000, 0x2000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1}, 0x10)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x18b340, 0x0)
ioctl$FBIO_WAITFORVSYNC(r5, 0x4605, 0x20000000)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000040)=@attr_set_pmu={0x0, 0x1, 0x1, &(0x7f0000000000)=0x7})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x11, r6)
r7 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
landlock_restrict_self(r7, 0x0)
ptrace(0x10, r6)
r8 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r8, 0x0)
ptrace(0x10, r6)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

3.753468232s ago: executing program 0 (id=1037):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
recvmmsg(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/27, 0x1b}], 0x1}}], 0x2, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x49, &(0x7f0000000000)=0x8, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10000}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5393, &(0x7f0000000000))
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, 0x0, 0x3000c81c)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000500)={'ip_vti0\x00', r6, 0x7800, 0x700, 0x4, 0x66, {{0xc, 0x4, 0x3, 0x37, 0x30, 0x64, 0x0, 0x4f, 0x29, 0x0, @private=0xa010102, @private=0xa010101, {[@generic={0x94, 0x12, "102fdbe1efd770ab0895796dbd0bc3b9"}, @generic={0x7, 0x6, "4b6628ea"}, @end]}}}}})
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000000c0)="17000000010001000003d68c5ee1768812003208020300ecff3f0002000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ab65761407a681f009cee4a5acb3da400001fb700674f39b44e33bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/180, 0x114)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00'}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_DISABLE(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x4040)

3.719436068s ago: executing program 0 (id=1038):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff}, 0x0)
io_setup(0x9, &(0x7f0000003080)=<r3=>0x0)
io_getevents(r3, 0x1, 0x1, &(0x7f0000000000)=[{}], 0x0)
io_submit(r3, 0x1, &(0x7f0000000940)=[&(0x7f0000001940)={0x0, 0x0, 0x0, 0x7, 0xeffd, r2, 0x0}])

3.481048175s ago: executing program 4 (id=1039):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'virt_wifi0\x00'}, 0x18)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000140)=0x6ddf2614, 0x1)
recvmmsg(r1, &(0x7f00000039c0)=[{{0x0, 0x0, &(0x7f0000000300)}, 0x10001}], 0x1, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmmsg$sock(r3, &(0x7f0000003bc0), 0x4000000000002ca, 0x4040014)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r4)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r4, &(0x7f0000000700)={0x0, 0x4a, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x40088c4}, 0x20008810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
close(0xffffffffffffffff)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ptype\x00')
fsconfig$FSCONFIG_SET_FLAG(r7, 0x0, 0x0, 0x0, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x400880, 0x0)

3.424139526s ago: executing program 3 (id=1040):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa067707"], 0xfdef)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x800, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000040), 0x2cf1389d, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r7, 0xc0585605, &(0x7f0000000180)={0x1, 0x0, {0x0, 0x5, 0x3008, 0x0, 0x0, 0x4, 0x0, 0x1}})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r8, 0xc0184800, &(0x7f0000000040)={0xd, r5})
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="a7ffa888000000001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r9, @ANYBLOB="7c434c44e8c7f122a97c9282c0a9d506e73707a65d14023a86ccc9318b9de47b0f7c7fd0a9f9a7c04c497f5af055c3377c23252477"], 0x44}}, 0x0)

2.446086045s ago: executing program 0 (id=1041):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="ef00000000000000140012800b0001006970766c616e0000", @ANYRES32, @ANYBLOB="08000400", @ANYRES32], 0x4c}}, 0x0)

2.43114878s ago: executing program 4 (id=1042):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x1003)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000400158000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)

2.28824791s ago: executing program 3 (id=1043):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x1f, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000004000850000008b00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.213266651s ago: executing program 0 (id=1044):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setreuid(0xee01, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000100000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r6=>0x0}, 0x8)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000500)={0x48, 0x8, r0, 0x0, 0x9, 0x0, 0x0, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r7, 0x29, 0x45, &(0x7f0000000740)={'HL\x00'}, &(0x7f0000000780)=0x1e)

2.205373223s ago: executing program 3 (id=1045):
r0 = syz_usb_connect(0x2, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$uac1(0x0, 0xaf, &(0x7f0000000180)=ANY=[], 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000200)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000280)={@local})
r2 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6, 0x10}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0xdb4, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

1.38818327s ago: executing program 1 (id=1046):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000005c0)={'syz0\x00', {}, 0x45, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x61965b7e, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x6, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7f, 0x0, 0x57eb46fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x199, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000], [0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x100000, 0x8000]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
symlinkat(&(0x7f0000000b00)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000b40)='./file7\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000d40)={{{@in6, @in6=@local}}, {{@in=@remote}, 0x0, @in6=@initdev}}, &(0x7f0000000e40)=0xe8)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)

1.176204736s ago: executing program 0 (id=1047):
r0 = openat$binfmt_format(0xffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
close_range(r0, r0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r3, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @remote, 0x19}, 0x1c, &(0x7f0000000c40)=[{&(0x7f00000001c0)="4bd48e7c9cc05ee68ff2d5594112b8fe14214cc23e1859ef1d3bca97462d97fdcc5bf2f7eb59fef416b76956d8f3b56331725c3216e55bc5c87f0ec06e53756c", 0x40}, {&(0x7f0000000d40)="f660988cffaf5f258c8850530ffad54fbb8c1175779e1dd06c989dba844d8cc87e7b10bd851376621c012089df8b857d60ca094671b5975d712d0b4144b0aad292f0247cdd3b81706cb4464648aeb35d529ffb4e2a73c69de2a66126a07d8685bffd2898292c2d25c37a14a92e2ed379fd6351c0cb97f5809f7adc6483c89aee4fccdaac19eb13a41db163815bdece0365574072fe8510b311fec445f3de57203931905c320231ee22c04d213d7995da487ae9c53c54b01d0a349b2218d547ca284b3bb7acd15a4440db135fb08a17e9a86989c9e8dac9530eb219d4420718887e921095f686ead7f914348a66b54ea63d453881df78b4f97edd479f77fdb8c880cc021bed7f2ccef344b60defe42150301466d2838b4c2ab94f691908fddb4171bbed167d0ca8d542b7ebc569c31e293debe3ee5c1e2dfcf4900f57f12845e8d3a2d2687fbb1292d426dc6978f05f22a60d9cbd89af88dc67b538637c7d42aad21dc150bd21679c553d8b030af994f68082261698abcbd861a8aaaa308a3485c09ed7f469b063db0b0f6b1548f2c14b552d326de6fb19876f58020958eb2ff820bf29da18528d443ae64d8bd412deeb19d64d8b84bfadfaa7fab69e58833023879b44c5459ec39903e28a747cec35015ddd63c63f674ec8f5071d19a2b10f08b5bf181fa2fead034ebe2b0f85e2548477e4c1f4bc7bb054db21ced46c54ec728e094fe62cdb2a1a7a5ecced7e87807ee2ca17d7a96a1bec2cdad4a8e2492633082f29871f45c96483a96da4e3a04409d96f87480875f702d337cea32fc09b12dea01c564a8e351358b9598f66b297985e3f612e96593167b671ad901135fb55833f999b6de8d41565b808485d51cdfd37e49238eedbf1d435f2f80f5097c11271903fab290e0de8d982328935b6079550cae448a9010ed4091751afc6f3c4543b7aa910a9676b853cb69f4bb70b4981971c0d544edfef70ea9c0ded085a989de9416f77b8b2e47175bba4e4cc2cfd2d86d85b0f5d3a1f6314df460e3d16da85ce37897db1530b6b79588979f770b5755ff53216a5b2b2be0213041feddd028db60841f3f7ed69d21528420b4d012f35ed78cf8b3bdcf8344e1581e5c3c652a8c91e81c4a904af5cc740398433fa32ce9d91f81162e998d8169d7eafacfb29c29bea047ecff24df11608c135597e67d9581722fcceff88b3f0a059d18c1e7b1765605a4faec22825ab6d7e9d7432852c6ae9121c26b9138e64cfd1114639933fb825fa104597b0348c21b862d36fc0fefd557e9cca570b0178e9d923b27a9fdb3822326404bc93e2fbe681c9a025156b61d83732c03244d33b75191bc8f9b61b9f586ccb75b57b45ae759f18e69d5118200f570722848a46191f65d56f01b2becc5ecdc5c0c0152b737ff58f00fe6230b201a57078cbda7bc47b62e1642669d53489d04b6933f7eca44f9fd831ccc81c630393c5b3a4e810cdcbc79b8f7e25b7d0", 0x421}], 0x2, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}], 0x1, 0x8000001)

1.10464334s ago: executing program 4 (id=1048):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
recvmmsg(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/27, 0x1b}], 0x1}}], 0x2, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x49, &(0x7f0000000000)=0x8, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10000}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5393, &(0x7f0000000000))
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, 0x0, 0x3000c81c)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000500)={'ip_vti0\x00', r6, 0x7800, 0x700, 0x4, 0x66, {{0xc, 0x4, 0x3, 0x37, 0x30, 0x64, 0x0, 0x4f, 0x29, 0x0, @private=0xa010102, @private=0xa010101, {[@generic={0x94, 0x12, "102fdbe1efd770ab0895796dbd0bc3b9"}, @generic={0x7, 0x6, "4b6628ea"}, @end]}}}}})
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000000c0)="17000000010001000003d68c5ee1768812003208020300ecff3f0002000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ab65761407a681f009cee4a5acb3da400001fb700674f39b44e33bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/180, 0x114)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00'}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_DISABLE(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x4040)

894.700936ms ago: executing program 4 (id=1049):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_emit_vhci(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2000000000000069, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a5"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r3, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{0x0}], 0x1}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0x1}], 0x1}}], 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bind$ax25(0xffffffffffffffff, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)

27.424497ms ago: executing program 4 (id=1050):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x38, 0x1403, 0x6c08c44bda12f87d, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'team_slave_1\x00'}}]}, 0x38}}, 0xffffff7f00000000)

755.148µs ago: executing program 0 (id=1051):
r0 = openat$binfmt_format(0xffffff9c, 0x0, 0x2, 0x0)
write$binfmt_format(r0, &(0x7f0000003080)='1\x00', 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r3, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @remote, 0x19}, 0x1c, &(0x7f0000000c40)=[{0x0}, {&(0x7f0000000d40)="f660988cffaf5f258c8850530ffad54fbb8c1175779e1dd06c989dba844d8cc87e7b10bd851376621c012089df8b857d60ca094671b5975d712d0b4144b0aad292f0247cdd3b81706cb4464648aeb35d529ffb4e2a73c69de2a66126a07d8685bffd2898292c2d25c37a14a92e2ed379fd6351c0cb97f5809f7adc6483c89aee4fccdaac19eb13a41db163815bdece0365574072fe8510b311fec445f3de57203931905c320231ee22c04d213d7995da487ae9c53c54b01d0a349b2218d547ca284b3bb7acd15a4440db135fb08a17e9a86989c9e8dac9530eb219d4420718887e921095f686ead7f914348a66b54ea63d453881df78b4f97edd479f77fdb8c880cc021bed7f2ccef344b60defe42150301466d2838b4c2ab94f691908fddb4171bbed167d0ca8d542b7ebc569c31e293debe3ee5c1e2dfcf4900f57f12845e8d3a2d2687fbb1292d426dc6978f05f22a60d9cbd89af88dc67b538637c7d42aad21dc150bd21679c553d8b030af994f68082261698abcbd861a8aaaa308a3485c09ed7f469b063db0b0f6b1548f2c14b552d326de6fb19876f58020958eb2ff820bf29da18528d443ae64d8bd412deeb19d64d8b84bfadfaa7fab69e58833023879b44c5459ec39903e28a747cec35015ddd63c63f674ec8f5071d19a2b10f08b5bf181fa2fead034ebe2b0f85e2548477e4c1f4bc7bb054db21ced46c54ec728e094fe62cdb2a1a7a5ecced7e87807ee2ca17d7a96a1bec2cdad4a8e2492633082f29871f45c96483a96da4e3a04409d96f87480875f702d337cea32fc09b12dea01c564a8e351358b9598f66b297985e3f612e96593167b671ad901135fb55833f999b6de8d41565b808485d51cdfd37e49238eedbf1d435f2f80f5097c11271903fab290e0de8d982328935b6079550cae448a9010ed4091751afc6f3c4543b7aa910a9676b853cb69f4bb70b4981971c0d544edfef70ea9c0ded085a989de9416f77b8b2e47175bba4e4cc2cfd2d86d85b0f5d3a1f6314df460e3d16da85ce37897db1530b6b79588979f770b5755ff53216a5b2b2be0213041feddd028db60841f3f7ed69d21528420b4d012f35ed78cf8b3bdcf8344e1581e5c3c652a8c91e81c4a904af5cc740398433fa32ce9d91f81162e998d8169d7eafacfb29c29bea047ecff24df11608c135597e67d9581722fcceff88b3f0a059d18c1e7b1765605a4faec22825ab6d7e9d7432852c6ae9121c26b9138e64cfd1114639933fb825fa104597b0348c21b862d36fc0fefd557e9cca570b0178e9d923b27a9fdb3822326404bc93e2fbe681c9a025156b61d83732c03244d33b75191bc8f9b61b9f586ccb75b57b45ae759f18e69d5118200f570722848a46191f65d56f01b2becc5ecdc5c0c0152b737ff58f00fe6230b201a57078cbda7bc47b62e1642669d53489d04b6933f7eca44f9fd831ccc81c630393c5b3a4e810cdcbc79b8f7e25b7d0313e142afe76fc17d98afed1f8c7af862de4c12bf7cca463e459dc364303e88eb5b19b0f0fece79742ad03910080a0a65cdec1f97f472813e5dd2d8946f0f6e2a7fd4ed7f8190312bd8dd7580c9c5ee17d3803b9caae54ff801661e79a668e5b93713162f01e9738d173b5b18a426cae406d03853c99846b5ac5e8226f829f9e1aabc92bff6a63bbd2783fd54912fd1a9951c8bd35234a54a87692ff9b7b98abfb73a51b9547aa8c44be776d96f7ee0031915ba6678ab137a684f0afa8afc2a860bb81152f6c64c84ca99a8b77960288b1a677c7ce951f42c42fbb82c4539eaa5b114fd7e451173164c61aecaea800f142dd1f2a59a3e188b23ca833c969b25dd27a4c7798165dcc72b094c88cacac8f2c419b4e4a628bdc5de7c714ac7d96e710aa9514376345fded5d504decb862dec0cc564ec1cdeefb9c629be0948d37a9e750d5af63525c5156f02b2fb97bdd6eb233382bd02d671894a2509dabb5", 0x57f}], 0x2, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}], 0x1, 0x8000001)

0s ago: executing program 1 (id=1052):
prlimit64(0x0, 0xe, 0x0, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000d40)={{{@in6, @in6=@local}}, {{@in=@remote}, 0x0, @in6=@initdev}}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r0, 0x0)

kernel console output (not intermixed with test programs):

tes leftover after parsing attributes in process `syz.3.4'.
[   76.046863][ T5920] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4'.
[   76.631940][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.680477][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.749889][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.757924][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.855606][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   76.950827][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   76.951023][ T5927] warning: `syz.1.12' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   76.959458][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.020373][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   77.060387][ T5828] Bluetooth: hci0: command tx timeout
[   77.191840][ T5828] Bluetooth: hci2: command tx timeout
[   77.191928][ T5825] Bluetooth: hci1: command tx timeout
[   77.208310][ T5930] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   77.262884][ T5825] Bluetooth: hci3: command tx timeout
[   77.268376][ T5825] Bluetooth: hci4: command tx timeout
[   77.570636][ T5916] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   77.736852][ T5950] syz.1.15 uses obsolete (PF_INET,SOCK_PACKET)
[   77.737416][ T5916] usb 5-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=3f.fc
[   77.760564][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.785885][ T5916] usb 5-1: Product: syz
[   77.794641][ T5952] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.808205][ T5916] usb 5-1: Manufacturer: syz
[   77.844032][ T5916] usb 5-1: SerialNumber: syz
[   77.978619][ T5954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15'.
[   78.002049][ T5916] usb 5-1: config 0 descriptor??
[   78.023718][ T5916] cypress_m8 5-1:0.0: Nokia CA-42 V2 Adapter converter detected
[   78.097357][ T5916] nokiaca42v2 ttyUSB0: required endpoint is missing
[   78.626550][    T9] usb 5-1: USB disconnect, device number 2
[   78.635053][    T9] cypress_m8 5-1:0.0: device disconnected
[   79.135762][ T5867] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   79.219915][ T5974] netlink: 36 bytes leftover after parsing attributes in process `syz.4.22'.
[   79.320325][ T5867] usb 2-1: Using ep0 maxpacket: 8
[   79.422033][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   79.450714][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   79.461424][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   79.470031][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   79.511036][ T5867] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[   79.530605][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   79.566356][ T5867] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[   79.639821][ T5977] netlink: 24 bytes leftover after parsing attributes in process `syz.3.23'.
[   79.660320][ T5867] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.905528][ T5867] usb 2-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[   79.914850][ T5867] usb 2-1: New USB device strings: Mfr=244, Product=255, SerialNumber=0
[   79.923820][ T5867] usb 2-1: Product: syz
[   79.928033][ T5867] usb 2-1: Manufacturer: syz
[   79.936510][ T5867] usb 2-1: config 0 descriptor??
[   80.654033][ T5965] syz.0.17 (5965): drop_caches: 2
[   81.746200][ T5867] hid-picolcd 0003:04D8:F002.0001: No report with id 0xf3 found
[   81.764827][ T5867] hid-picolcd 0003:04D8:F002.0001: No report with id 0xf4 found
[   82.555982][ T5867] usb 2-1: USB disconnect, device number 2
[   83.672082][ T6009] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   84.032121][ T6017] capability: warning: `syz.4.32' uses deprecated v2 capabilities in a way that may be insecure
[   85.120417][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.336807][ T6054] mmap: syz.1.41 (6054) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   85.373954][ T6057] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   85.410410][ T6057] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   85.431981][ T6057] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   85.451690][ T6057] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   85.602454][ T6057] geneve2: entered promiscuous mode
[   85.650516][ T6057] geneve2: entered allmulticast mode
[   87.058741][ T6072] hsr0: entered allmulticast mode
[   87.064084][ T6072] hsr_slave_0: entered allmulticast mode
[   87.069765][ T6072] hsr_slave_1: entered allmulticast mode
[   87.133165][ T6074] input: syz0 as /devices/virtual/input/input5
[   87.393783][ T2149] cfg80211: failed to load regulatory.db
[   89.386558][ T6128] netlink: 'syz.0.57': attribute type 1 has an invalid length.
[   89.680397][ T2149] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   89.775145][ T6132] kvm: pic: non byte write
[   89.787191][ T6132] kvm: pic: non byte write
[   89.865053][ T2149] usb 3-1: config 0 has an invalid interface number: 30 but max is 0
[   89.873338][ T2149] usb 3-1: config 0 has no interface number 0
[   89.879468][ T2149] usb 3-1: New USB device found, idVendor=0572, idProduct=d811, bcdDevice=94.e2
[   89.908873][ T2149] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.964042][ T2149] usb 3-1: config 0 descriptor??
[   89.983139][ T2149] dvb-usb: found a 'Mygica D689 DMB-TH' in warm state.
[   90.377614][ T6130] orangefs_mount: mount request failed with -4
[   90.742129][ T2149] usb 3-1: setting power ON
[   90.747250][ T2149] dvb-usb: bulk message failed: -22 (2/0)
[   90.897984][ T2149] dvb-usb: bulk message failed: -22 (1/0)
[   91.073209][ T2149] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[   91.159399][ T2149] dvb-usb: Mygica D689 DMB-TH error while loading driver (-19)
[   91.186108][ T2149] dvb_usb_cxusb 3-1:0.30: probe with driver dvb_usb_cxusb failed with error -22
[   91.287817][ T6160] netlink: 92 bytes leftover after parsing attributes in process `syz.2.66'.
[   91.645033][ T5825] Bluetooth: hci3: command 0x0406 tx timeout
[   91.868767][ T6164] Invalid logical block size (1806)
[   91.928272][ T2149] usb 3-1: USB disconnect, device number 2
[   92.001449][ T5821] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   92.169492][ T5821] usb 4-1: config 201 has an invalid interface number: 249 but max is 0
[   92.188458][ T5821] usb 4-1: config 201 has no interface number 0
[   92.198647][ T5821] usb 4-1: config 201 interface 249 altsetting 4 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[   92.232277][ T5821] usb 4-1: config 201 interface 249 has no altsetting 0
[   92.260407][ T5821] usb 4-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[   92.277157][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.277189][ T5821] usb 4-1: Product: syz
[   92.277206][ T5821] usb 4-1: Manufacturer: syz
[   92.277222][ T5821] usb 4-1: SerialNumber: syz
[   92.721260][ T6152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.749092][ T6152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.983013][ T6152] netlink: 'syz.3.65': attribute type 3 has an invalid length.
[   93.016128][ T5821] ath6kl: Failed to submit usb control message: -71
[   93.028322][ T5821] ath6kl: unable to send the bmi data to the device: -71
[   93.036059][ T5821] ath6kl: Unable to send get target info: -71
[   93.044253][ T5821] ath6kl: Failed to init ath6kl core: -71
[   93.052520][ T5821] ath6kl_usb 4-1:201.249: probe with driver ath6kl_usb failed with error -71
[   93.077325][ T5821] usb 4-1: USB disconnect, device number 2
[   94.269513][ T6197] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[   94.332907][ T6197] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[   94.348916][ T6197] Zero length message leads to an empty skb
[   94.410601][ T6191] netlink: 224 bytes leftover after parsing attributes in process `syz.3.77'.
[   94.450157][ T6207] netlink: 40 bytes leftover after parsing attributes in process `syz.4.80'.
[   94.450259][ T6206] netlink: 40 bytes leftover after parsing attributes in process `syz.4.80'.
[   94.548008][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.69'.
[   94.738176][ T6211] kvm: pic: non byte write
[   94.958094][ T6180] tty tty25: ldisc open failed (-12), clearing slot 24
[   96.085850][ T6230] geneve2: entered promiscuous mode
[   96.092566][ T6230] geneve2: entered allmulticast mode
[   96.932757][ T6237] netlink: 12 bytes leftover after parsing attributes in process `syz.1.87'.
[   96.944329][ T6237] xt_connbytes: Forcing CT accounting to be enabled
[   96.951330][ T6237] Cannot find add_set index 0 as target
[   97.875813][ T6246] netlink: 216 bytes leftover after parsing attributes in process `syz.4.90'.
[   97.901671][ T6246] netlink: 24 bytes leftover after parsing attributes in process `syz.4.90'.
[   97.969352][ T6246] netlink: 16 bytes leftover after parsing attributes in process `syz.4.90'.
[   98.092095][ T6254] netlink: 28 bytes leftover after parsing attributes in process `syz.0.93'.
[   98.114338][ T6254] netlink: 28 bytes leftover after parsing attributes in process `syz.0.93'.
[   98.680387][ T5821] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   99.210179][ T5821] usb 4-1: Using ep0 maxpacket: 16
[   99.218116][ T5821] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[   99.230333][ T5821] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   99.240238][ T5821] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   99.367156][ T6283] capability: warning: `syz.1.106' uses 32-bit capabilities (legacy support in use)
[   99.463295][ T5821] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   99.472708][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.480830][ T5821] usb 4-1: Product: syz
[   99.485030][ T5821] usb 4-1: Manufacturer: syz
[   99.489659][ T5821] usb 4-1: SerialNumber: syz
[  100.490671][ T5821] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  100.494930][ T5825] Bluetooth: hci4: command 0x0405 tx timeout
[  100.500782][ T5821] usb 4-1: unit 0 not found!
[  101.198908][ T5821] usb 4-1: USB disconnect, device number 3
[  101.486303][   T29] audit: type=1326 audit(1737225064.537:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3561f85d29 code=0x7ffc0000
[  101.602111][ T6320] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (52285443328 ns). Using initial count to start timer.
[  101.641712][   T29] audit: type=1326 audit(1737225064.547:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3561f85d29 code=0x7ffc0000
[  101.717077][   T29] audit: type=1326 audit(1737225064.597:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f3561f85d29 code=0x7ffc0000
[  101.759493][   T29] audit: type=1326 audit(1737225064.597:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3561f85d29 code=0x7ffc0000
[  101.807619][   T29] audit: type=1326 audit(1737225064.597:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3561f85d29 code=0x7ffc0000
[  101.863271][   T29] audit: type=1326 audit(1737225064.597:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3561f87c47 code=0x7ffc0000
[  101.884858][   T29] audit: type=1326 audit(1737225064.597:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3561f87bbc code=0x7ffc0000
[  101.906855][   T29] audit: type=1326 audit(1737225064.597:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3561f87af4 code=0x7ffc0000
[  101.928702][   T29] audit: type=1326 audit(1737225064.597:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3561f87af4 code=0x7ffc0000
[  101.950441][   T29] audit: type=1326 audit(1737225064.607:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6322 comm="syz.4.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3561f8498a code=0x7ffc0000
[  102.159393][ T6335] overlayfs: failed to resolve './file0': -2
[  102.206983][ T6344] netlink: 1788 bytes leftover after parsing attributes in process `syz.3.127'.
[  102.318747][ T6348] xt_hashlimit: size too large, truncated to 1048576
[  102.326154][ T6348] xt_hashlimit: overflow, rate too high: 0
[  102.448005][ T6351] netlink: 84 bytes leftover after parsing attributes in process `syz.0.128'.
[  102.457658][ T6351] netlink: 8 bytes leftover after parsing attributes in process `syz.0.128'.
[  103.353602][ T6358] netlink: 1788 bytes leftover after parsing attributes in process `syz.1.131'.
[  104.730786][ T6364] netlink: 48 bytes leftover after parsing attributes in process `syz.0.133'.
[  105.117853][ T6372] xt_hashlimit: overflow, try lower: 5/0
[  105.253781][ T6376] netlink: 196 bytes leftover after parsing attributes in process `syz.0.138'.
[  105.286262][ T6376] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  105.404915][ T6383] netlink: 'syz.3.141': attribute type 8 has an invalid length.
[  105.490280][    T9] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[  105.660769][    T9] usb 3-1: device descriptor read/64, error -71
[  105.910231][    T9] usb 3-1: new low-speed USB device number 4 using dummy_hcd
[  106.073499][    T9] usb 3-1: device descriptor read/64, error -71
[  106.191107][    T9] usb usb3-port1: attempt power cycle
[  106.790333][    T9] usb 3-1: new low-speed USB device number 5 using dummy_hcd
[  107.014828][    T9] usb 3-1: device descriptor read/8, error -71
[  107.058027][ T6423] netlink: 'syz.1.154': attribute type 29 has an invalid length.
[  107.232906][ T6423] netlink: 'syz.1.154': attribute type 29 has an invalid length.
[  107.650318][ T6423] netlink: 508 bytes leftover after parsing attributes in process `syz.1.154'.
[  107.730824][ T6423] unsupported nla_type 40
[  107.900228][    T9] usb 3-1: new low-speed USB device number 6 using dummy_hcd
[  107.944022][    T9] usb 3-1: device descriptor read/8, error -71
[  108.102919][    T9] usb usb3-port1: unable to enumerate USB device
[  108.148357][ T6443] vlan2: entered promiscuous mode
[  108.155847][ T6443] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  108.164309][ T6443] vlan2: entered allmulticast mode
[  108.170602][ T6443] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  108.193710][ T6443] mac80211_hwsim hwsim11 wlan1: left allmulticast mode
[  108.228952][ T6443] mac80211_hwsim hwsim11 wlan1: left promiscuous mode
[  109.181759][ T6460] tipc: Failed to remove unknown binding: 66,1,1/0:1949572763/1949572765
[  109.185068][ T6461] netlink: 36 bytes leftover after parsing attributes in process `syz.4.166'.
[  109.357131][ T6465] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  109.648813][ T6472] FAULT_INJECTION: forcing a failure.
[  109.648813][ T6472] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  109.663578][ T6472] CPU: 0 UID: 0 PID: 6472 Comm: syz.0.167 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  109.677422][ T6472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  109.691242][ T6472] Call Trace:
[  109.695421][ T6472]  <TASK>
[  109.698379][ T6472]  dump_stack_lvl+0x241/0x360
[  109.703121][ T6472]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.708364][ T6472]  ? __pfx__printk+0x10/0x10
[  109.713001][ T6472]  ? __pfx_lock_release+0x10/0x10
[  109.718513][ T6472]  ? __up_read+0x2c2/0x6b0
[  109.723073][ T6472]  should_fail_ex+0x3b0/0x4e0
[  109.727809][ T6472]  _copy_from_user+0x2f/0xc0
[  109.732971][ T6472]  __se_sys_move_pages+0x132e/0x1b10
[  109.738404][ T6472]  ? __pfx___se_sys_move_pages+0x10/0x10
[  109.744140][ T6472]  ? irqentry_exit+0x63/0x90
[  109.748870][ T6472]  ? lockdep_hardirqs_on+0x99/0x150
[  109.754157][ T6472]  ? __x64_sys_move_pages+0x21/0xf0
[  109.759410][ T6472]  do_syscall_64+0xf3/0x230
[  109.764125][ T6472]  ? clear_bhb_loop+0x35/0x90
[  109.768987][ T6472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.775292][ T6472] RIP: 0033:0x7f935a385d29
[  109.779755][ T6472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.799920][ T6472] RSP: 002b:00007f935b1ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  109.808472][ T6472] RAX: ffffffffffffffda RBX: 00007f935a576080 RCX: 00007f935a385d29
[  109.816484][ T6472] RDX: 0000000020000080 RSI: 0000000000001efe RDI: 0000000000000000
[  109.824494][ T6472] RBP: 00007f935b1ee090 R08: 0000000020000040 R09: 0000000000000000
[  109.832587][ T6472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.840595][ T6472] R13: 0000000000000000 R14: 00007f935a576080 R15: 00007fffd218af38
[  109.848619][ T6472]  </TASK>
[  109.851717][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.898730][    C1] Illegal XDP return value 16128 on prog  (id 29) dev lo, expect packet loss!
[  110.328956][ T6485] netlink: 24 bytes leftover after parsing attributes in process `syz.4.171'.
[  110.522953][ T5869] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  110.557054][ T6478] delete_channel: no stack
[  110.700903][ T5869] usb 4-1: Using ep0 maxpacket: 16
[  110.708697][ T5869] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  110.742031][ T5869] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  110.767212][ T6488] loop2: detected capacity change from 0 to 7
[  110.790456][ T5869] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  110.804171][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.881190][ T6488] Dev loop2: unable to read RDB block 7
[  110.940453][ T5869] usb 4-1: Product: syz
[  110.944689][ T5869] usb 4-1: Manufacturer: syz
[  110.946378][ T6488]  loop2: unable to read partition table
[  110.955918][ T5869] usb 4-1: SerialNumber: syz
[  110.965659][ T6488] loop2: partition table beyond EOD, truncated
[  110.982154][ T6488] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  111.007855][ T5193] Dev loop2: unable to read RDB block 7
[  111.013792][ T5193]  loop2: unable to read partition table
[  111.019772][ T5193] loop2: partition table beyond EOD, truncated
[  111.747948][ T5869] usb 4-1: 0:2 : does not exist
[  111.759448][ T5869] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  111.815279][ T5869] usb 4-1: USB disconnect, device number 4
[  112.152917][ T5817] udevd[5817]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  113.443025][ T6522] dvmrp0: entered allmulticast mode
[  113.585977][ T5916] IPVS: starting estimator thread 0...
[  113.720596][ T6526] IPVS: using max 38 ests per chain, 91200 per kthread
[  114.101192][ T6534] netlink: 24 bytes leftover after parsing attributes in process `syz.3.190'.
[  114.218353][ T6535] netlink: 1788 bytes leftover after parsing attributes in process `syz.4.189'.
[  114.549276][ T6543] netlink: 68 bytes leftover after parsing attributes in process `syz.2.193'.
[  114.604250][ T6543] netlink: 68 bytes leftover after parsing attributes in process `syz.2.193'.
[  114.865842][ T6549] hub 9-0:1.0: USB hub found
[  114.873760][ T6549] hub 9-0:1.0: 1 port detected
[  115.011786][ T6551] netlink: 'syz.2.196': attribute type 29 has an invalid length.
[  115.020905][ T6551] netlink: 'syz.2.196': attribute type 29 has an invalid length.
[  115.730256][ T6560] program syz.2.200 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  117.394352][    C1] hrtimer: interrupt took 973191 ns
[  119.614154][ T6653] xt_hashlimit: max too large, truncated to 1048576
[  122.442008][ T6699] fuse: Unknown parameter 'group'
[  122.471026][ T6698] tmpfs: Unknown parameter '0000000000000000000'
[  122.489596][ T6697] could not allocate digest TFM handle blake2s-128
[  124.234801][ T6736] xt_hashlimit: overflow, try lower: 0/0
[  129.158142][ T6766] kvm: pic: non byte write
[  130.499963][ T6784] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (5), value rounded to 5 ms
[  130.568887][ T6784] 8021q: adding VLAN 0 to HW filter on device bond1
[  132.971307][ T6816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.979869][ T6816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.076896][ T6820] tmpfs: Bad value for 'mpol'
[  133.200705][ T5955] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  133.242145][ T6822] FAULT_INJECTION: forcing a failure.
[  133.242145][ T6822] name failslab, interval 1, probability 0, space 0, times 0
[  133.292980][ T6822] CPU: 0 UID: 0 PID: 6822 Comm: syz.2.274 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  133.303636][ T6822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  133.313981][ T6822] Call Trace:
[  133.317285][ T6822]  <TASK>
[  133.320234][ T6822]  dump_stack_lvl+0x241/0x360
[  133.324944][ T6822]  ? __pfx_dump_stack_lvl+0x10/0x10
[  133.330172][ T6822]  ? __pfx__printk+0x10/0x10
[  133.334786][ T6822]  ? __kmalloc_cache_node_noprof+0x47/0x3a0
[  133.340709][ T6822]  ? __pfx___might_resched+0x10/0x10
[  133.346025][ T6822]  should_fail_ex+0x3b0/0x4e0
[  133.350732][ T6822]  should_failslab+0xac/0x100
[  133.355442][ T6822]  ? __get_vm_area_node+0x132/0x2d0
[  133.360665][ T6822]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  133.366416][ T6822]  __get_vm_area_node+0x132/0x2d0
[  133.371551][ T6822]  __vmalloc_node_range_noprof+0x344/0x1380
[  133.377467][ T6822]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  133.383036][ T6822]  ? mark_lock+0x9a/0x360
[  133.387408][ T6822]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  133.393765][ T6822]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  133.399329][ T6822]  __vmalloc_noprof+0x79/0x90
[  133.404042][ T6822]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  133.409631][ T6822]  bpf_prog_alloc_no_stats+0x4d/0x4d0
[  133.415033][ T6822]  ? bpf_prog_alloc+0x28/0x1b0
[  133.419826][ T6822]  bpf_prog_alloc+0x3a/0x1b0
[  133.424442][ T6822]  bpf_prog_load+0x7f7/0x20f0
[  133.429259][ T6822]  ? __pfx_bpf_prog_load+0x10/0x10
[  133.434400][ T6822]  ? __pfx___might_resched+0x10/0x10
[  133.439735][ T6822]  ? __might_fault+0xc6/0x120
[  133.444529][ T6822]  __sys_bpf+0x4ee/0x810
[  133.448929][ T6822]  ? __pfx___sys_bpf+0x10/0x10
[  133.453734][ T6822]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  133.458040][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  133.459725][ T6822]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  133.466044][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  133.472261][ T6822]  ? do_syscall_64+0x100/0x230
[  133.472286][ T6822]  __x64_sys_bpf+0x7c/0x90
[  133.472311][ T6822]  do_syscall_64+0xf3/0x230
[  133.472328][ T6822]  ? clear_bhb_loop+0x35/0x90
[  133.496956][ T6822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.502892][ T6822] RIP: 0033:0x7f353c985d29
[  133.507326][ T6822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.527046][ T6822] RSP: 002b:00007f353d848038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  133.535606][ T6822] RAX: ffffffffffffffda RBX: 00007f353cb75fa0 RCX: 00007f353c985d29
[  133.543608][ T6822] RDX: 0000000000000070 RSI: 0000000020000440 RDI: 0000000000000005
[  133.551609][ T6822] RBP: 00007f353d848090 R08: 0000000000000000 R09: 0000000000000000
[  133.559611][ T6822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.567636][ T6822] R13: 0000000000000001 R14: 00007f353cb75fa0 R15: 00007ffeea2309f8
[  133.575656][ T6822]  </TASK>
[  134.024800][ T6822] syz.2.274: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  134.049379][ T6822] CPU: 1 UID: 0 PID: 6822 Comm: syz.2.274 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  134.060044][ T6822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  134.064876][ T5955] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.070102][ T6822] Call Trace:
[  134.070120][ T6822]  <TASK>
[  134.070129][ T6822]  dump_stack_lvl+0x241/0x360
[  134.070158][ T6822]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.070178][ T6822]  ? __pfx__printk+0x10/0x10
[  134.070201][ T6822]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  134.070223][ T6822]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  134.070249][ T6822]  warn_alloc+0x278/0x410
[  134.070275][ T6822]  ? __pfx_warn_alloc+0x10/0x10
[  134.086823][ T5955] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.087425][ T6822]  ? __kasan_kmalloc+0x23/0xb0
[  134.094168][ T5955] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  134.097297][ T6822]  ? __kmalloc_cache_node_noprof+0x25d/0x3a0
[  134.097330][ T6822]  ? __get_vm_area_node+0x280/0x2d0
[  134.097356][ T6822]  __vmalloc_node_range_noprof+0x369/0x1380
[  134.097379][ T6822]  ? mark_lock+0x9a/0x360
[  134.107464][ T5955] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.108366][ T6822]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  134.183311][ T6822]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  134.188898][ T6822]  __vmalloc_noprof+0x79/0x90
[  134.193581][ T6822]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  134.199215][ T6822]  bpf_prog_alloc_no_stats+0x4d/0x4d0
[  134.204587][ T6822]  ? bpf_prog_alloc+0x28/0x1b0
[  134.209354][ T6822]  bpf_prog_alloc+0x3a/0x1b0
[  134.213946][ T6822]  bpf_prog_load+0x7f7/0x20f0
[  134.218632][ T6822]  ? __pfx_bpf_prog_load+0x10/0x10
[  134.223837][ T6822]  ? __pfx___might_resched+0x10/0x10
[  134.229150][ T6822]  ? __might_fault+0xc6/0x120
[  134.233846][ T6822]  __sys_bpf+0x4ee/0x810
[  134.238092][ T6822]  ? __pfx___sys_bpf+0x10/0x10
[  134.242869][ T6822]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  134.248858][ T6822]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  134.255198][ T6822]  ? do_syscall_64+0x100/0x230
[  134.259963][ T6822]  __x64_sys_bpf+0x7c/0x90
[  134.264386][ T6822]  do_syscall_64+0xf3/0x230
[  134.268981][ T6822]  ? clear_bhb_loop+0x35/0x90
[  134.273701][ T6822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.279603][ T6822] RIP: 0033:0x7f353c985d29
[  134.284027][ T6822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.303675][ T6822] RSP: 002b:00007f353d848038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  134.312233][ T6822] RAX: ffffffffffffffda RBX: 00007f353cb75fa0 RCX: 00007f353c985d29
[  134.320203][ T6822] RDX: 0000000000000070 RSI: 0000000020000440 RDI: 0000000000000005
[  134.328171][ T6822] RBP: 00007f353d848090 R08: 0000000000000000 R09: 0000000000000000
[  134.336143][ T6822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.344116][ T6822] R13: 0000000000000001 R14: 00007f353cb75fa0 R15: 00007ffeea2309f8
[  134.352107][ T6822]  </TASK>
[  134.369957][ T6822] Mem-Info:
[  134.380297][ T6822] active_anon:3198 inactive_anon:7529 isolated_anon:0
[  134.380297][ T6822]  active_file:4717 inactive_file:45202 isolated_file:0
[  134.380297][ T6822]  unevictable:768 dirty:62 writeback:0
[  134.380297][ T6822]  slab_reclaimable:8957 slab_unreclaimable:98125
[  134.380297][ T6822]  mapped:32124 shmem:7175 pagetables:817
[  134.380297][ T6822]  sec_pagetables:0 bounce:0
[  134.380297][ T6822]  kernel_misc_reclaimable:0
[  134.380297][ T6822]  free:1328773 free_pcp:504 free_cma:0
[  134.441643][ T6822] Node 0 active_anon:12792kB inactive_anon:30364kB active_file:18796kB inactive_file:180808kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:128544kB dirty:248kB writeback:0kB shmem:27164kB shmem_thp:6144kB shmem_pmdmapped:6144kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12132kB pagetables:3368kB sec_pagetables:0kB all_unreclaimable? no
[  134.445686][ T5955] usb 5-1: config 0 descriptor??
[  134.479936][ T6822] Node 1 active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  134.983042][ T6822] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  135.039172][ T6822] lowmem_reserve[]: 0 2492 2493 0 0
[  135.060175][ T6822] Node 0 DMA32 free:1396156kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:12880kB inactive_anon:30288kB active_file:18012kB inactive_file:180756kB unevictable:1536kB writepending:264kB present:3129332kB managed:2552772kB mlocked:0kB bounce:0kB free_pcp:1624kB local_pcp:992kB free_cma:0kB
[  135.102890][ T6822] lowmem_reserve[]: 0 0 0 0 0
[  135.107721][ T6822] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:784kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  135.142335][ T6822] lowmem_reserve[]: 0 0 0 0 0
[  135.157887][ T6822] Node 1 Normal free:3904064kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  135.693157][ T6836] =======================================================
[  135.693157][ T6836] WARNING: The mand mount option has been deprecated and
[  135.693157][ T6836]          and is ignored by this kernel. Remove the mand
[  135.693157][ T6836]          option from the mount to silence this warning.
[  135.693157][ T6836] =======================================================
[  135.817513][ T6822] lowmem_reserve[]: 0 0 0 0 0
[  135.902124][ T5955] usbhid 5-1:0.0: can't add hid device: -71
[  135.908325][ T5955] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  135.910312][ T6822] Node 0 
[  135.919894][ T5955] usb 5-1: USB disconnect, device number 3
[  135.984379][ T6822] DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  136.040269][ T6822] Node 0 DMA32: 398*4kB (UM) 465*8kB (UME) 423*16kB (UME) 290*32kB (UME) 436*64kB (UME) 51*128kB (UME) 25*256kB (ME) 10*512kB (UM) 11*1024kB (UME) 6*2048kB (ME) 320*4096kB (UM) = 1401584kB
[  136.158935][ T6822] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  136.190259][ T6822] Node 1 Normal: 172*4kB (UME) 48*8kB (UME) 37*16kB (UME) 192*32kB (UME) 87*64kB (UME) 32*128kB (UME) 14*256kB (UM) 6*512kB (UM) 3*1024kB (UM) 1*2048kB (U) 946*4096kB (M) = 3904064kB
[  136.216707][ T6857] usb usb4: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  136.246536][ T6822] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  136.257603][ T6822] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  136.272263][ T6857] netlink: 16 bytes leftover after parsing attributes in process `syz.4.280'.
[  136.286350][ T6857] netlink: 16 bytes leftover after parsing attributes in process `syz.4.280'.
[  136.298223][ T6822] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  136.339051][ T6822] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  136.413951][ T6822] 54512 total pagecache pages
[  136.418701][ T6822] 0 pages in swap cache
[  136.451882][ T6822] Free swap  = 124484kB
[  136.456092][ T6822] Total swap = 124996kB
[  136.469000][ T6822] 2097051 pages RAM
[  136.478484][ T6822] 0 pages HighMem/MovableOnly
[  136.503716][ T6822] 427006 pages reserved
[  136.507935][ T6822] 0 pages cma reserved
[  136.523093][ T6869] xt_CT: You must specify a L4 protocol and not use inversions on it
[  136.539033][ T6867] kvm: pic: non byte write
[  137.263758][ T5822] Bluetooth: hci4: command 0x0405 tx timeout
[  137.386293][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.290'.
[  138.857136][ T6904] No such timeout policy "syz1"
[  138.966336][ T6906] netlink: 24 bytes leftover after parsing attributes in process `syz.4.293'.
[  138.975792][ T6906] netlink: 272 bytes leftover after parsing attributes in process `syz.4.293'.
[  138.985462][ T6906] netlink: 72 bytes leftover after parsing attributes in process `syz.4.293'.
[  140.460514][ T6922] netlink: 1788 bytes leftover after parsing attributes in process `syz.2.298'.
[  141.736449][ T6931] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  142.330491][ T2149] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  142.492962][ T2149] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.513912][ T2149] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  142.527097][ T2149] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.535697][ T2149] usb 5-1: Product: syz
[  142.545746][ T2149] usb 5-1: Manufacturer: syz
[  142.550689][ T2149] usb 5-1: SerialNumber: syz
[  142.650443][ T5821] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  142.830737][ T5821] usb 1-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config
[  142.843007][ T5821] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  142.872899][ T5821] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  142.938861][ T5821] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  142.971244][ T5821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.021718][ T5821] usb 1-1: Product: syz
[  143.044228][ T5821] usb 1-1: Manufacturer: syz
[  143.060911][   T29] kauditd_printk_skb: 20 callbacks suppressed
[  143.060961][   T29] audit: type=1326 audit(1737225106.127:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.102195][ T5821] usb 1-1: SerialNumber: syz
[  143.217778][   T29] audit: type=1326 audit(1737225106.127:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.222214][ T5821] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[  143.261387][   T29] audit: type=1326 audit(1737225106.127:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.331447][   T29] audit: type=1326 audit(1737225106.167:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.359596][ T5821] cdc_ncm 1-1:1.0: bind() failure
[  143.394029][   T29] audit: type=1326 audit(1737225106.167:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.416275][ T6951] netlink: 'syz.0.310': attribute type 30 has an invalid length.
[  143.471026][ T5821] usb 1-1: USB disconnect, device number 2
[  143.497619][   T29] audit: type=1326 audit(1737225106.167:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.590304][   T29] audit: type=1326 audit(1737225106.167:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.617415][   T29] audit: type=1326 audit(1737225106.167:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.653718][   T29] audit: type=1326 audit(1737225106.167:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.679755][   T29] audit: type=1326 audit(1737225106.167:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6941 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353c985d29 code=0x7fc00000
[  143.774731][ T2149] cdc_ncm 5-1:1.0: SET_CRC_MODE failed
[  143.812267][ T2149] cdc_ncm 5-1:1.0: bind() failure
[  143.841479][ T2149] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  143.858604][ T2149] cdc_ncm 5-1:1.1: bind() failure
[  143.884686][ T2149] usb 5-1: USB disconnect, device number 4
[  144.196602][ T6984] netlink: 12 bytes leftover after parsing attributes in process `syz.3.322'.
[  144.332476][ T6988] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  144.364496][ T6988] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  144.475251][ T6988] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  144.483279][ T6993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.325'.
[  144.493373][ T6988] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  144.555779][ T6988] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  144.563750][ T6993] netlink: 4 bytes leftover after parsing attributes in process `syz.3.325'.
[  144.585038][ T6988] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  144.593961][ T6993] netlink: 32 bytes leftover after parsing attributes in process `syz.3.325'.
[  144.602191][ T6995] kvm: pic: non byte write
[  144.616866][ T7000] hub 9-0:1.0: USB hub found
[  144.625295][ T7000] hub 9-0:1.0: 1 port detected
[  144.812475][ T6988] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  144.822216][ T6988] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  144.946651][ T7010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.328'.
[  145.297579][ T7020] netlink: 20 bytes leftover after parsing attributes in process `syz.3.333'.
[  145.312146][ T7020] netlink: 20 bytes leftover after parsing attributes in process `syz.3.333'.
[  145.962085][ T7024] trusted_key: syz.3.334 sent an empty control message without MSG_MORE.
[  146.215029][ T7030] xt_hashlimit: overflow, try lower: 0/0
[  149.608638][ T6990] syz.2.324 (6990) used greatest stack depth: 17680 bytes left
[  149.957969][ T7056] FAULT_INJECTION: forcing a failure.
[  149.957969][ T7056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.972197][ T7056] CPU: 0 UID: 0 PID: 7056 Comm: syz.4.343 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  149.982829][ T7056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  149.992908][ T7056] Call Trace:
[  149.996223][ T7056]  <TASK>
[  149.999153][ T7056]  dump_stack_lvl+0x241/0x360
[  150.003858][ T7056]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.009064][ T7056]  ? __pfx__printk+0x10/0x10
[  150.013660][ T7056]  ? __up_read+0x2c2/0x6b0
[  150.018086][ T7056]  should_fail_ex+0x3b0/0x4e0
[  150.022774][ T7056]  _copy_to_user+0x31/0xb0
[  150.027197][ T7056]  __se_sys_move_pages+0x1808/0x1b10
[  150.032613][ T7056]  ? __pfx_lock_release+0x10/0x10
[  150.037644][ T7056]  ? __pfx___se_sys_move_pages+0x10/0x10
[  150.043279][ T7056]  ? vfs_write+0x730/0xd30
[  150.047722][ T7056]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  150.053717][ T7056]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  150.060048][ T7056]  ? do_syscall_64+0x100/0x230
[  150.064815][ T7056]  ? __x64_sys_move_pages+0x21/0xf0
[  150.070012][ T7056]  do_syscall_64+0xf3/0x230
[  150.074516][ T7056]  ? clear_bhb_loop+0x35/0x90
[  150.079191][ T7056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.085089][ T7056] RIP: 0033:0x7f3561f85d29
[  150.089508][ T7056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.109126][ T7056] RSP: 002b:00007f3562de4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  150.117549][ T7056] RAX: ffffffffffffffda RBX: 00007f3562176080 RCX: 00007f3561f85d29
[  150.125523][ T7056] RDX: 0000000020000080 RSI: 0000000000001efe RDI: 0000000000000000
[  150.133495][ T7056] RBP: 00007f3562de4090 R08: 0000000020000040 R09: 0000000000000000
[  150.141468][ T7056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  150.149438][ T7056] R13: 0000000000000000 R14: 00007f3562176080 R15: 00007ffecdfb8ae8
[  150.157424][ T7056]  </TASK>
[  150.268055][ T7058] netlink: 8 bytes leftover after parsing attributes in process `syz.0.344'.
[  150.469401][ T7058] netlink: 4 bytes leftover after parsing attributes in process `syz.0.344'.
[  150.480850][ T7058] netlink: 32 bytes leftover after parsing attributes in process `syz.0.344'.
[  150.613363][ T5828] block nbd0: Receive control failed (result -107)
[  151.094084][ T7058] nbd0: detected capacity change from 0 to 256
[  151.373783][ T5817] block nbd0: Dead connection, failed to find a fallback
[  151.527292][ T7078] netlink: 104 bytes leftover after parsing attributes in process `syz.1.351'.
[  152.219343][ T7095] overlayfs: failed to resolve './file0': -2
[  152.932280][ T5821] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  153.092282][ T5821] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  153.103320][ T5821] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  153.129598][ T5821] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  153.138947][ T5821] usb 1-1: New USB device strings: Mfr=45, Product=63, SerialNumber=3
[  153.147393][ T5821] usb 1-1: Product: syz
[  153.151688][ T5821] usb 1-1: Manufacturer: syz
[  153.156313][ T5821] usb 1-1: SerialNumber: syz
[  153.175321][ T5821] usb 1-1: config 0 descriptor??
[  153.633666][ T7119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.643301][ T7119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.657016][ T7119] xt_hashlimit: overflow, try lower: 0/0
[  153.702500][ T5821] usb 1-1: USB disconnect, device number 3
[  155.262150][ T7130] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  157.625268][ T7146] openvswitch: netlink: EtherType 50a is less than min 600
[  158.266338][ T7158] netlink: 88 bytes leftover after parsing attributes in process `syz.4.368'.
[  158.588096][ T7165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.375'.
[  159.213424][ T7173] netlink: 216 bytes leftover after parsing attributes in process `syz.0.379'.
[  159.241722][ T7173] netlink: 24 bytes leftover after parsing attributes in process `syz.0.379'.
[  159.251723][ T7173] netlink: 16 bytes leftover after parsing attributes in process `syz.0.379'.
[  159.660348][ T5867] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  159.766394][ T7191] kvm: pic: non byte write
[  159.822315][ T5867] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  159.839329][ T5867] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  159.868686][ T5867] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  159.885504][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.898184][ T5867] usb 4-1: Product: syz
[  159.908022][ T5867] usb 4-1: Manufacturer: syz
[  159.936338][ T5867] usb 4-1: SerialNumber: syz
[  159.966471][ T5867] cdc_ether 4-1:1.0: skipping garbage
[  159.988503][ T5867] usb 4-1: bad CDC descriptors
[  161.312331][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  161.312349][   T29] audit: type=1326 audit(1737225124.377:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  161.356036][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.392'.
[  161.363482][   T29] audit: type=1326 audit(1737225124.377:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  161.379702][ T7213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.393'.
[  161.405741][   T29] audit: type=1326 audit(1737225124.377:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  161.439894][   T29] audit: type=1326 audit(1737225124.417:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  161.502774][ T7213] bridge0: port 3(macsec1) entered blocking state
[  161.509634][ T7213] bridge0: port 3(macsec1) entered disabled state
[  161.537908][ T7213] macsec1: entered allmulticast mode
[  161.543622][   T29] audit: type=1326 audit(1737225124.417:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  161.661526][ T7213] macsec1: left allmulticast mode
[  161.696349][   T29] audit: type=1326 audit(1737225124.417:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9e2b184690 code=0x7ffc0000
[  161.934057][   T29] audit: type=1326 audit(1737225124.417:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  161.968339][   T29] audit: type=1326 audit(1737225124.417:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  161.995447][   T29] audit: type=1326 audit(1737225124.417:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  162.019248][   T29] audit: type=1326 audit(1737225124.417:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7208 comm="syz.1.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x7ffc0000
[  162.299510][  T973] usb 4-1: USB disconnect, device number 5
[  163.466691][ T7248] netlink: 68 bytes leftover after parsing attributes in process `syz.2.403'.
[  163.493358][ T7248] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  163.617823][ T7255] xt_CT: You must specify a L4 protocol and not use inversions on it
[  165.770479][ T5916] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  166.050435][ T5916] usb 5-1: Using ep0 maxpacket: 16
[  166.067263][ T5916] usb 5-1: config 0 has an invalid interface number: 49 but max is 0
[  166.092849][ T7280] netlink: 48 bytes leftover after parsing attributes in process `syz.3.412'.
[  166.124812][ T5916] usb 5-1: config 0 has no interface number 0
[  166.163862][ T5916] usb 5-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[  166.200015][ T5916] usb 5-1: config 0 interface 49 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  166.229266][ T5916] usb 5-1: config 0 interface 49 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  166.485879][ T5916] usb 5-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  166.496003][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.504948][ T5916] usb 5-1: Product: syz
[  166.509683][ T5916] usb 5-1: Manufacturer: syz
[  166.514483][ T5916] usb 5-1: SerialNumber: syz
[  166.533499][ T5916] usb 5-1: config 0 descriptor??
[  166.540262][ T7275] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  166.759107][ T7274] xt_hashlimit: overflow, try lower: 0/0
[  167.370070][ T7303] netlink: 1788 bytes leftover after parsing attributes in process `syz.0.421'.
[  168.200521][ T5916] usb 5-1: USB disconnect, device number 5
[  168.903430][ T7323] xt_hashlimit: overflow, try lower: 5/0
[  168.915592][ T7317] block nbd2: shutting down sockets
[  169.111440][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  169.111460][   T29] audit: type=1326 audit(1737225132.177:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7324 comm="syz.1.430" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x0
[  169.410281][ T7333] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  169.417158][ T7333] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  169.483918][ T7333] vhci_hcd vhci_hcd.0: Device attached
[  169.710349][ T5916] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  169.980356][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  170.022162][ T7343] xt_hashlimit: overflow, try lower: 0/0
[  170.210334][    T9] usb 5-1: Using ep0 maxpacket: 16
[  170.231259][    T9] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  170.295549][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.351100][    T9] usb 5-1: Product: syz
[  170.378834][    T9] usb 5-1: Manufacturer: syz
[  170.412965][    T9] usb 5-1: SerialNumber: syz
[  170.465636][    T9] usb 5-1: config 0 descriptor??
[  170.523217][    T9] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  170.575574][    T9] usb 5-1: Detected FT232H
[  170.841475][ T5916] usb 41-1: device descriptor read/64, error -71
[  170.864591][ T7333] syz.4.433: attempt to access beyond end of device
[  170.864591][ T7333] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[  171.037046][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  171.065819][ T7334] vhci_hcd: connection closed
[  171.083915][    T9] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  171.096540][ T6059] vhci_hcd: stop threads
[  171.162383][ T6059] vhci_hcd: release socket
[  171.253177][    T9] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  171.260448][ T6059] vhci_hcd: disconnect device
[  171.299763][    T9] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  171.311758][ T5916] usb 41-1: new low-speed USB device number 3 using vhci_hcd
[  171.319721][ T5916] usb 41-1: enqueue for inactive port 0
[  171.325368][    T9] usb 5-1: USB disconnect, device number 6
[  171.479528][ T5916] vhci_hcd: vhci_device speed not set
[  171.677920][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  171.733128][ T7348] macvlan2: entered promiscuous mode
[  171.747935][ T7348] macvlan2: entered allmulticast mode
[  171.756068][    T9] ftdi_sio 5-1:0.0: device disconnected
[  172.756968][ T7357] input: syz0 as /devices/virtual/input/input7
[  174.276336][ T7371] nvme_fabrics: unknown parameter or missing value '�' in ctrl creation request
[  174.583155][ T7381] ntfs3(nullb0): Primary boot signature is not NTFS.
[  174.616099][ T7381] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  175.744853][ T7396] loop2: detected capacity change from 0 to 7
[  175.766295][ T7396] Dev loop2: unable to read RDB block 7
[  175.781276][ T7396]  loop2: unable to read partition table
[  175.787141][ T7396] loop2: partition table beyond EOD, truncated
[  175.810154][ T7396] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  176.573891][ T7433] overlayfs: failed to resolve './file0': -2
[  177.244745][ T7427] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  177.521232][ T5916] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  177.691045][ T5916] usb 3-1: device descriptor read/64, error -71
[  177.912929][ T7472] overlayfs: failed to resolve './file0': -2
[  177.970638][ T5916] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  178.055883][ T7478] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  178.120348][ T5916] usb 3-1: device descriptor read/64, error -71
[  178.244069][ T5916] usb usb3-port1: attempt power cycle
[  178.846965][ T5916] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  178.871049][ T5916] usb 3-1: device descriptor read/8, error -71
[  178.927073][ T7481] delete_channel: no stack
[  179.093132][ T7487] FAULT_INJECTION: forcing a failure.
[  179.093132][ T7487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.113137][ T7487] CPU: 0 UID: 0 PID: 7487 Comm: syz.3.480 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  179.123784][ T7487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  179.133848][ T7487] Call Trace:
[  179.137126][ T7487]  <TASK>
[  179.140051][ T7487]  dump_stack_lvl+0x241/0x360
[  179.144737][ T7487]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.149932][ T7487]  ? __pfx__printk+0x10/0x10
[  179.154525][ T7487]  ? __pfx_lock_release+0x10/0x10
[  179.159723][ T7487]  should_fail_ex+0x3b0/0x4e0
[  179.164399][ T7487]  _copy_from_user+0x2f/0xc0
[  179.168993][ T7487]  memdup_user+0x64/0xc0
[  179.173243][ T7487]  strndup_user+0x68/0xc0
[  179.177577][ T7487]  bpf_uprobe_multi_link_attach+0x329/0xdd0
[  179.183505][ T7487]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  179.190446][ T7487]  ? __fget_files+0x395/0x410
[  179.195124][ T7487]  ? bpf_prog_attach_check_attach_type+0x42c/0x4f0
[  179.201630][ T7487]  link_create+0x6d7/0x870
[  179.206051][ T7487]  __sys_bpf+0x4bc/0x810
[  179.210291][ T7487]  ? __pfx___sys_bpf+0x10/0x10
[  179.215062][ T7487]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  179.221041][ T7487]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  179.227369][ T7487]  ? do_syscall_64+0x100/0x230
[  179.232133][ T7487]  __x64_sys_bpf+0x7c/0x90
[  179.236552][ T7487]  do_syscall_64+0xf3/0x230
[  179.241063][ T7487]  ? clear_bhb_loop+0x35/0x90
[  179.245741][ T7487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.251646][ T7487] RIP: 0033:0x7f8224385d29
[  179.256063][ T7487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.275670][ T7487] RSP: 002b:00007f8225282038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  179.284086][ T7487] RAX: ffffffffffffffda RBX: 00007f8224575fa0 RCX: 00007f8224385d29
[  179.292056][ T7487] RDX: 0000000000000040 RSI: 00000000200005c0 RDI: 000000000000001c
[  179.300026][ T7487] RBP: 00007f8225282090 R08: 0000000000000000 R09: 0000000000000000
[  179.307999][ T7487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.315996][ T7487] R13: 0000000000000000 R14: 00007f8224575fa0 R15: 00007ffc1d6c0618
[  179.324003][ T7487]  </TASK>
[  179.334281][ T7490] netlink: 28 bytes leftover after parsing attributes in process `syz.4.481'.
[  179.343450][ T7490] netlink: 8 bytes leftover after parsing attributes in process `syz.4.481'.
[  179.351890][ T5916] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  179.401113][ T5916] usb 3-1: device descriptor read/8, error -71
[  179.471305][ T7494] netlink: 96 bytes leftover after parsing attributes in process `syz.3.483'.
[  179.525662][ T5916] usb usb3-port1: unable to enumerate USB device
[  179.590202][ T5869] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  179.745367][ T5869] usb 1-1: device descriptor read/64, error -71
[  180.030309][ T5869] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  180.169987][ T5869] usb 1-1: device descriptor read/64, error -71
[  180.283069][ T5869] usb usb1-port1: attempt power cycle
[  180.499532][ T7515] overlayfs: failed to clone upperpath
[  181.210609][ T5869] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  181.243598][ T5869] usb 1-1: device descriptor read/8, error -71
[  181.493663][ T5869] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  181.540851][ T5869] usb 1-1: device descriptor read/8, error -71
[  181.557526][ T7532] vlan2: entered promiscuous mode
[  181.569420][ T7532] veth1_virt_wifi: entered promiscuous mode
[  181.582385][ T7532] vlan2: entered allmulticast mode
[  181.587948][ T7532] veth1_virt_wifi: entered allmulticast mode
[  181.746103][ T5869] usb usb1-port1: unable to enumerate USB device
[  181.751768][ T7532] veth1_virt_wifi: left allmulticast mode
[  181.759323][ T7532] veth1_virt_wifi: left promiscuous mode
[  184.041703][ T7578] netlink: 104 bytes leftover after parsing attributes in process `syz.2.512'.
[  184.190272][ T7586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.514'.
[  185.997991][ T7608] fuseblk: Bad value for 'fd'
[  186.600297][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  186.732830][ T7627] netlink: 96 bytes leftover after parsing attributes in process `syz.3.526'.
[  186.790325][    T9] usb 5-1: Using ep0 maxpacket: 16
[  186.832175][    T9] usb 5-1: config 0 has an invalid interface number: 251 but max is 0
[  186.862783][    T9] usb 5-1: config 0 has no interface number 0
[  186.898969][    T9] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  186.940142][    T9] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  186.985339][    T9] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  186.995267][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.010942][    T9] usb 5-1: Product: syz
[  187.015177][    T9] usb 5-1: Manufacturer: syz
[  187.019798][    T9] usb 5-1: SerialNumber: syz
[  187.032142][    T9] usb 5-1: config 0 descriptor??
[  187.038199][ T7623] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  187.048041][ T7623] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  187.263917][ T7623] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  187.280381][ T7623] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  187.310256][ T5867] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  187.491262][    T9] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  187.503616][    T9] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71
[  187.515935][    T9] asix 5-1:0.251: probe with driver asix failed with error -71
[  187.535930][    T9] usb 5-1: USB disconnect, device number 7
[  187.553922][ T5867] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  187.585758][ T5867] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  188.408111][ T5867] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  188.417519][ T5867] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 101, changing to 10
[  188.429074][ T5867] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 18286, setting to 1024
[  188.451658][ T5867] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  188.460927][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  188.469785][ T7635] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  188.490246][ T5867] usb 4-1: Product: syz
[  188.494472][ T5867] usb 4-1: Manufacturer: syz
[  188.673098][ T7635] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  188.736672][ T7633] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  188.765031][ T7635] bond0 (unregistering): Released all slaves
[  188.817282][ T5867] cdc_wdm 4-1:1.0: skipping garbage
[  188.829901][ T5867] cdc_wdm 4-1:1.0: skipping garbage
[  188.897238][ T5867] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  188.950282][ T5916] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  188.968266][ T5867] cdc_wdm 4-1:1.0: Unknown control protocol
[  189.071339][ T7633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.130430][ T5916] usb 3-1: Using ep0 maxpacket: 32
[  189.173544][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 57528, setting to 1024
[  189.195587][ T7633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.235512][ T5916] usb 3-1: New USB device found, idVendor=056a, idProduct=033c, bcdDevice= 0.00
[  189.287097][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.323625][ T5867] usb 4-1: USB disconnect, device number 6
[  189.403467][ T5916] usb 3-1: config 0 descriptor??
[  190.480188][ T5916] wacom 0003:056A:033C.0002: Unknown device_type for 'HID 056a:033c'. Assuming pen.
[  190.533712][ T5916] wacom 0003:056A:033C.0002: hidraw0: USB HID v0.00 Device [HID 056a:033c] on usb-dummy_hcd.2-1/input0
[  190.546717][ T5916] input: Wacom Intuos PT S 2 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:033C.0002/input/input8
[  190.878123][ T5916] usb 3-1: USB disconnect, device number 11
[  191.740601][ T7681] process 'syz.1.542' launched './file1' with NULL argv: empty string added
[  192.987744][ T7704] overlayfs: failed to clone upperpath
[  193.058161][ T7710] @: renamed from vlan0 (while UP)
[  193.285864][ T7719] hsr0: entered promiscuous mode
[  193.320791][ T7717] netlink: 216 bytes leftover after parsing attributes in process `syz.4.551'.
[  193.324429][ T7719] vlan2: entered promiscuous mode
[  193.347366][ T7717] netlink: 24 bytes leftover after parsing attributes in process `syz.4.551'.
[  193.348259][ T7719] vlan2: entered allmulticast mode
[  193.374499][ T7717] netlink: 16 bytes leftover after parsing attributes in process `syz.4.551'.
[  194.126173][ T7738] netlink: 28 bytes leftover after parsing attributes in process `syz.0.558'.
[  194.194267][ T7738] netlink: 'syz.0.558': attribute type 7 has an invalid length.
[  194.248712][ T7738] netlink: 'syz.0.558': attribute type 8 has an invalid length.
[  194.318811][ T7738] netlink: 8 bytes leftover after parsing attributes in process `syz.0.558'.
[  194.898975][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  194.905378][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  195.674904][ T7753] netlink: 4 bytes leftover after parsing attributes in process `syz.4.562'.
[  196.270365][ T7753] netlink: 20 bytes leftover after parsing attributes in process `syz.4.562'.
[  196.296679][ T7753] netlink: 8 bytes leftover after parsing attributes in process `syz.4.562'.
[  196.385579][ T7753] netlink: 16 bytes leftover after parsing attributes in process `syz.4.562'.
[  196.545773][ T7753] 9pnet: p9_errstr2errno: server reported unknown error �@�΂�(����Q00000000000000000000004
[  196.545773][ T7753] 
[  199.691107][ T7807] overlayfs: missing 'lowerdir'
[  199.800241][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  200.020209][    T9] usb 3-1: device descriptor read/64, error -71
[  200.290540][ T5916] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  200.472147][ T5916] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.480519][    T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  200.484611][ T5916] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  200.549757][ T5916] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  200.572650][ T5916] usb 5-1: New USB device strings: Mfr=45, Product=63, SerialNumber=3
[  200.587970][ T5916] usb 5-1: Product: syz
[  200.594284][ T5916] usb 5-1: Manufacturer: syz
[  200.599164][ T5916] usb 5-1: SerialNumber: syz
[  200.620237][    T9] usb 3-1: device descriptor read/64, error -71
[  200.675616][ T5916] usb 5-1: config 0 descriptor??
[  200.731312][    T9] usb usb3-port1: attempt power cycle
[  201.100366][    T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  201.401939][    T9] usb 3-1: device descriptor read/8, error -71
[  201.674018][ T7835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.682875][ T7835] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.690213][    T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  201.700351][ T7835] xt_hashlimit: overflow, try lower: 0/0
[  201.721226][    T9] usb 3-1: device descriptor read/8, error -71
[  201.722246][ T5916] usb 5-1: USB disconnect, device number 8
[  201.840669][    T9] usb usb3-port1: unable to enumerate USB device
[  205.088472][ T7865] overlayfs: missing 'lowerdir'
[  206.830466][ T7890] loop2: detected capacity change from 0 to 7
[  206.858338][ T7890] Dev loop2: unable to read RDB block 7
[  206.880467][ T7890]  loop2: unable to read partition table
[  206.886320][ T7890] loop2: partition table beyond EOD, truncated
[  206.920315][ T7890] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  207.930378][ T5869] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  208.130385][ T5869] usb 1-1: Using ep0 maxpacket: 16
[  208.228920][ T5869] usb 1-1: config 0 has an invalid interface number: 49 but max is 0
[  208.348580][ T5869] usb 1-1: config 0 has no interface number 0
[  208.434359][ T5869] usb 1-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[  208.602168][ T5869] usb 1-1: config 0 interface 49 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  208.731480][ T5869] usb 1-1: config 0 interface 49 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  208.808742][ T5869] usb 1-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  208.845788][ T5869] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.864459][ T5869] usb 1-1: Product: syz
[  208.904577][ T5869] usb 1-1: Manufacturer: syz
[  209.097609][ T5869] usb 1-1: SerialNumber: syz
[  209.790632][ T5869] usb 1-1: config 0 descriptor??
[  209.796523][ T7899] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  209.867077][ T7908] FAULT_INJECTION: forcing a failure.
[  209.867077][ T7908] name failslab, interval 1, probability 0, space 0, times 0
[  209.914110][ T7908] CPU: 1 UID: 0 PID: 7908 Comm: syz.4.607 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  209.924850][ T7908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  209.934932][ T7908] Call Trace:
[  209.938245][ T7908]  <TASK>
[  209.941196][ T7908]  dump_stack_lvl+0x241/0x360
[  209.945930][ T7908]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.951159][ T7908]  ? __pfx__printk+0x10/0x10
[  209.955785][ T7908]  ? fs_reclaim_acquire+0x93/0x130
[  209.960924][ T7908]  ? __pfx___might_resched+0x10/0x10
[  209.966249][ T7908]  ? dynamic_dname+0x141/0x1b0
[  209.971045][ T7908]  should_fail_ex+0x3b0/0x4e0
[  209.975755][ T7908]  should_failslab+0xac/0x100
[  209.980468][ T7908]  __kmalloc_noprof+0xdd/0x4c0
[  209.985259][ T7908]  ? tomoyo_encode+0x26f/0x540
[  209.990058][ T7908]  tomoyo_encode+0x26f/0x540
[  209.994766][ T7908]  ? __pfx_anon_inodefs_dname+0x10/0x10
[  210.000351][ T7908]  tomoyo_realpath_from_path+0x59e/0x5e0
[  210.006030][ T7908]  tomoyo_path_number_perm+0x236/0x860
[  210.011517][ T7908]  ? __lock_acquire+0x1397/0x2100
[  210.016574][ T7908]  ? tomoyo_path_number_perm+0x206/0x860
[  210.022242][ T7908]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  210.028300][ T7908]  ? __fget_files+0x2a/0x410
[  210.032923][ T7908]  ? __fget_files+0x2a/0x410
[  210.037543][ T7908]  security_file_ioctl+0xc6/0x2a0
[  210.042599][ T7908]  __se_sys_ioctl+0x46/0x170
[  210.047232][ T7908]  do_syscall_64+0xf3/0x230
[  210.051763][ T7908]  ? clear_bhb_loop+0x35/0x90
[  210.056471][ T7908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.062401][ T7908] RIP: 0033:0x7f3561f85d29
[  210.066848][ T7908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.086481][ T7908] RSP: 002b:00007f3562e05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  210.094955][ T7908] RAX: ffffffffffffffda RBX: 00007f3562175fa0 RCX: 00007f3561f85d29
[  210.102951][ T7908] RDX: 0000000020000000 RSI: 000000004008ae90 RDI: 0000000000000005
[  210.110934][ T7908] RBP: 00007f3562e05090 R08: 0000000000000000 R09: 0000000000000000
[  210.118919][ T7908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.126899][ T7908] R13: 0000000000000000 R14: 00007f3562175fa0 R15: 00007ffecdfb8ae8
[  210.134894][ T7908]  </TASK>
[  210.148719][ T7908] ERROR: Out of memory at tomoyo_realpath_from_path.
[  210.163018][ T7898] xt_hashlimit: overflow, try lower: 0/0
[  210.750365][    T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  211.129465][ T7917] ptrace attach of "./syz-executor exec"[5815] was attempted by ""[7917]
[  211.149926][ T7917] pimreg: entered allmulticast mode
[  211.382207][    T9] usb 3-1: device descriptor read/64, error -71
[  211.966647][ T5869] usb 1-1: USB disconnect, device number 8
[  212.322214][ T7927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.613'.
[  212.799878][ T7934] tipc: Started in network mode
[  212.805218][ T7934] tipc: Node identity ac14140f, cluster identity 4711
[  212.822287][ T7934] tipc: New replicast peer: 255.255.255.255
[  212.830059][ T7934] tipc: Enabled bearer <udp:syz2>, priority 10
[  213.963613][    T9] tipc: Node number set to 2886997007
[  216.890537][ T5869] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  217.070558][ T5869] usb 3-1: Using ep0 maxpacket: 16
[  217.086407][ T5869] usb 3-1: config 0 has an invalid interface number: 49 but max is 0
[  217.165282][ T5869] usb 3-1: config 0 has no interface number 0
[  217.259085][ T5869] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[  218.072276][ T5869] usb 3-1: config 0 interface 49 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  218.082272][ T5869] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  218.144610][ T5869] usb 3-1: string descriptor 0 read error: -71
[  218.151814][ T5869] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  218.161033][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.193588][ T5869] usb 3-1: config 0 descriptor??
[  218.211714][ T5869] usb 3-1: can't set config #0, error -71
[  218.572011][ T5869] usb 3-1: USB disconnect, device number 18
[  218.750820][ T7976] overlayfs: failed to clone upperpath
[  219.158241][ T7988] netlink: 12 bytes leftover after parsing attributes in process `syz.2.631'.
[  219.520215][ T7998] vlan2: entered promiscuous mode
[  219.525334][ T7998] veth1_virt_wifi: entered promiscuous mode
[  219.532069][ T7998] vlan2: entered allmulticast mode
[  219.537284][ T7998] veth1_virt_wifi: entered allmulticast mode
[  219.553824][ T7998] veth1_virt_wifi: left allmulticast mode
[  219.559687][ T7998] veth1_virt_wifi: left promiscuous mode
[  221.090754][   T46] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  222.340186][   T46] usb 3-1: Using ep0 maxpacket: 16
[  222.347006][   T46] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  222.357156][   T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.421270][   T46] usb 3-1: config 0 descriptor??
[  222.429125][   T46] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  222.470317][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  222.620195][    T9] usb 5-1: Using ep0 maxpacket: 32
[  222.629667][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  222.631922][   T46] usb 3-1: Detected FT232B
[  222.645054][    T9] usb 5-1: config 2 has an invalid interface number: 155 but max is 1
[  222.657640][    T9] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  222.676071][    T9] usb 5-1: config 2 has 1 interface, different from the descriptor's value: 2
[  222.685150][    T9] usb 5-1: config 2 has no interface number 0
[  222.766926][    T9] usb 5-1: too many endpoints for config 2 interface 155 altsetting 15: 96, using maximum allowed: 30
[  222.778574][    T9] usb 5-1: config 2 interface 155 altsetting 15 has 0 endpoint descriptors, different from the interface descriptor's value: 96
[  222.792392][    T9] usb 5-1: config 2 interface 155 has no altsetting 0
[  222.803680][    T9] usb 5-1: string descriptor 0 read error: -22
[  222.810067][    T9] usb 5-1: New USB device found, idVendor=0781, idProduct=0100, bcdDevice= 1.00
[  222.820282][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.974313][    T9] usb-storage 5-1:2.155: USB Mass Storage device detected
[  223.005072][    T9] usb-storage 5-1:2.155: Quirks match for vid 0781 pid 0100: 1
[  223.013514][    T9] usb-storage 5-1:2.155: This device (0781,0100,0100 S 82 P 01) has an unneeded Protocol entry in unusual_devs.h (kernel 6.13.0-rc7-syzkaller-00189-g595523945be0)
[  223.013514][    T9]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  223.443636][ T5916] usb 5-1: USB disconnect, device number 9
[  223.514126][ T8055] x_tables: duplicate underflow at hook 1
[  223.557749][ T8059] netlink: 1788 bytes leftover after parsing attributes in process `syz.0.651'.
[  223.724258][ T8063] loop9: detected capacity change from 0 to 8
[  223.734660][ T8063]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  223.740484][ T8063] loop9: partition table partially beyond EOD, truncated
[  223.757552][   T46] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  223.760426][ T8063] loop9: p1 size 81768186 extends beyond EOD, truncated
[  223.785073][   T46] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  223.820265][   T46] usb 3-1: USB disconnect, device number 19
[  223.835532][   T46] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  223.838667][ T5836]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  223.860682][   T46] ftdi_sio 3-1:0.0: device disconnected
[  223.893100][ T5836] loop9: partition table partially beyond EOD, truncated
[  223.917377][ T5836] loop9: p1 size 81768186 extends beyond EOD, truncated
[  223.956409][ T8064]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  223.962109][ T8064] loop9: partition table partially beyond EOD, truncated
[  223.973683][ T8064] loop9: p1 size 81768186 extends beyond EOD, truncated
[  225.179128][ T8073] netlink: 16 bytes leftover after parsing attributes in process `syz.3.656'.
[  225.386531][ T8073] netlink: 4 bytes leftover after parsing attributes in process `syz.3.656'.
[  227.599268][ T8105] tmpfs: Unknown parameter 'seclabel'
[  227.751182][ T8100] 9pnet_fd: Insufficient options for proto=fd
[  227.771514][ T8098] 9pnet_fd: Insufficient options for proto=fd
[  227.840300][ T5869] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  227.870214][   T46] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  228.013755][ T5869] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  228.023174][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.040147][ T5869] usb 4-1: Product: syz
[  228.048024][   T46] usb 3-1: device descriptor read/64, error -71
[  228.320409][   T46] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  228.476133][   T46] usb 3-1: device descriptor read/64, error -71
[  228.602108][   T46] usb usb3-port1: attempt power cycle
[  229.005351][ T5869] usb 4-1: Manufacturer: syz
[  229.010006][ T5869] usb 4-1: SerialNumber: syz
[  229.023935][ T5869] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  229.050327][   T46] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  229.087410][   T46] usb 3-1: device descriptor read/8, error -71
[  229.305492][  T973] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  229.531463][ T5869] usb 4-1: USB disconnect, device number 7
[  229.551117][   T46] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  229.571006][   T46] usb 3-1: device descriptor read/8, error -71
[  229.697086][   T46] usb usb3-port1: unable to enumerate USB device
[  229.917922][ T8132] netlink: 4 bytes leftover after parsing attributes in process `syz.1.679'.
[  229.948252][ T8132] bridge0: port 3(macsec1) entered blocking state
[  230.060271][ T8132] bridge0: port 3(macsec1) entered disabled state
[  230.067227][ T8132] macsec1: entered allmulticast mode
[  230.082005][ T8132] macsec1: left allmulticast mode
[  230.330296][  T973] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  230.353681][ T8136] netlink: 92 bytes leftover after parsing attributes in process `syz.4.680'.
[  230.364316][  T973] ath9k_htc: Failed to initialize the device
[  230.379840][ T5869] usb 4-1: ath9k_htc: USB layer deinitialized
[  234.196467][ T8177] tipc: Enabling of bearer <qdp:s> rejected, media not registered
[  234.744693][ T8192] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  236.549600][   T46] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  237.183593][   T46] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  237.193941][   T46] usb 5-1: config 0 interface 0 altsetting 15 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  237.238525][   T46] usb 5-1: config 0 interface 0 has no altsetting 0
[  237.249882][   T46] usb 5-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[  237.259085][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.271088][   T46] usb 5-1: config 0 descriptor??
[  237.327791][   T29] audit: type=1326 audit(1737225201.387:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.359772][   T29] audit: type=1326 audit(1737225201.387:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.417896][   T29] audit: type=1326 audit(1737225201.397:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.456808][   T29] audit: type=1326 audit(1737225201.397:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.478282][    C0] vkms_vblank_simulate: vblank timer overrun
[  237.502722][   T29] audit: type=1326 audit(1737225201.397:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.508821][   T46] usb 5-1: string descriptor 0 read error: -71
[  237.524538][   T29] audit: type=1326 audit(1737225201.397:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.569234][   T46] usb 5-1: selecting invalid altsetting 0
[  237.624719][   T46] usb 5-1: USB disconnect, device number 10
[  237.654737][   T29] audit: type=1326 audit(1737225201.397:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.753684][   T29] audit: type=1326 audit(1737225201.397:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.833186][   T29] audit: type=1326 audit(1737225201.397:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  237.899334][   T29] audit: type=1326 audit(1737225201.397:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8215 comm="syz.3.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8224385d29 code=0x7ffc0000
[  238.024783][ T8230] netlink: 172 bytes leftover after parsing attributes in process `syz.3.712'.
[  238.040969][ T8230] netlink: 16 bytes leftover after parsing attributes in process `syz.3.712'.
[  238.249370][ T8232] block device autoloading is deprecated and will be removed.
[  238.260336][ T8232] syz.3.714: attempt to access beyond end of device
[  238.260336][ T8232] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  239.160282][   T46] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  239.411274][   T46] usb 3-1: device descriptor read/64, error -71
[  239.650576][   T46] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  239.808200][ T8271] overlayfs: failed to clone upperpath
[  239.810031][ T8270] netlink: 12 bytes leftover after parsing attributes in process `syz.4.726'.
[  239.823550][   T46] usb 3-1: device descriptor read/64, error -71
[  239.930587][   T46] usb usb3-port1: attempt power cycle
[  240.296107][   T46] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  240.322554][   T46] usb 3-1: device descriptor read/8, error -71
[  240.617034][   T46] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  240.972555][   T46] usb 3-1: device descriptor read/8, error -71
[  241.092572][   T46] usb usb3-port1: unable to enumerate USB device
[  241.204053][ T8300] fuse: Unknown parameter '000000000000000000030x0000000000000003'
[  241.242635][ T8302] netlink: 'syz.0.736': attribute type 1 has an invalid length.
[  241.318178][ T8302] 8021q: adding VLAN 0 to HW filter on device bond2
[  241.457686][ T8305] bond2: (slave gretap1): making interface the new active one
[  241.489966][ T8305] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  241.621262][ T8308] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  244.165402][ T8337] binder: 8334:8337 ioctl c0306201 200003c0 returned -22
[  244.250341][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  244.250358][   T29] audit: type=1326 audit(1737225208.257:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8332 comm="syz.1.746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x0
[  244.643621][ T5869] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  245.213149][ T5869] usb 4-1: device descriptor read/64, error -71
[  245.303696][ T8351] netlink: 4 bytes leftover after parsing attributes in process `syz.4.748'.
[  245.732947][ T5869] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  245.795626][ T8355] netlink: 892 bytes leftover after parsing attributes in process `syz.2.751'.
[  245.955689][ T5869] usb 4-1: device descriptor read/64, error -71
[  246.081888][ T5869] usb usb4-port1: attempt power cycle
[  247.150963][ T5869] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  247.186146][ T5869] usb 4-1: device descriptor read/8, error -71
[  247.472424][ T5869] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  247.590898][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805cb7a800: rx timeout, send abort
[  247.600954][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805cb7a400: rx timeout, send abort
[  247.610221][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805cb7a800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  247.626127][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805cb7a400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  247.710541][ T5869] usb 4-1: device not accepting address 11, error -71
[  247.719458][ T5869] usb usb4-port1: unable to enumerate USB device
[  249.978476][ T8401] xt_hashlimit: Unknown mode mask 2000, kernel too old?
[  250.368477][ T8409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.768'.
[  250.458834][ T8416] xt_hashlimit: overflow, try lower: 0/0
[  250.801297][ T8409] netlink: 4 bytes leftover after parsing attributes in process `syz.2.768'.
[  250.896637][ T8409] netlink: 32 bytes leftover after parsing attributes in process `syz.2.768'.
[  251.502322][ T8420] xt_cgroup: invalid path, errno=-2
[  252.167143][ T8436] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  252.199649][ T8436] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  254.142615][ T8455] loop9: detected capacity change from 0 to 8
[  254.161341][ T8455]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  254.167029][ T8455] loop9: partition table partially beyond EOD, truncated
[  254.176583][ T8455] loop9: p1 size 81768186 extends beyond EOD, truncated
[  254.700295][ T8461]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  254.705674][ T8461] loop9: partition table partially beyond EOD, truncated
[  254.712951][ T8461] loop9: p1 size 81768186 extends beyond EOD, truncated
[  255.653674][ T8472] netlink: 36 bytes leftover after parsing attributes in process `syz.0.786'.
[  256.332848][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  256.339380][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  256.625543][ T8486] fuse: Invalid rootmode
[  256.825017][ T8496] hub 6-0:1.0: USB hub found
[  256.831246][ T8496] hub 6-0:1.0: 1 port detected
[  257.010947][ T5867] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  257.269141][ T5867] usb 1-1: device descriptor read/64, error -71
[  257.336481][ T8479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.349163][ T8479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.362283][ T8479] bond0 (unregistering): Released all slaves
[  257.503440][ T8504] IPVS: set_ctl: invalid protocol: 33 224.0.0.1:20004
[  257.596221][ T5867] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  257.760791][ T5867] usb 1-1: device descriptor read/64, error -71
[  257.887063][ T5867] usb usb1-port1: attempt power cycle
[  258.146893][ T8507] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  258.178198][ T8507] loop2: detected capacity change from 0 to 15
[  258.202696][ T8507] Dev loop2: unable to read RDB block 15
[  258.208431][ T8507]  loop2: unable to read partition table
[  258.215895][ T8507] loop2: partition table beyond EOD, truncated
[  258.222811][ T8517] 9pnet_fd: Insufficient options for proto=fd
[  258.226299][ T8516] JFS: discard option not supported on device
[  258.237622][ T8507] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  258.260726][ T8516] syz.3.800: attempt to access beyond end of device
[  258.260726][ T8516] loop3: rw=0, sector=64, nr_sectors = 8 limit=0
[  258.296553][ T8516] syz.3.800: attempt to access beyond end of device
[  258.296553][ T8516] loop3: rw=0, sector=120, nr_sectors = 8 limit=0
[  258.310397][ T8513] No source specified
[  258.320889][ T5867] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  258.324747][ T8516] Mount JFS Failure: -5
[  258.336299][ T8516] jfs_mount failed w/return code = -5
[  258.360867][ T5867] usb 1-1: device descriptor read/8, error -71
[  259.244774][ T5867] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  259.270841][ T5867] usb 1-1: device descriptor read/8, error -71
[  259.298149][ T8529] kvm: pic: non byte write
[  259.397752][ T5867] usb usb1-port1: unable to enumerate USB device
[  259.520034][ T8541] netlink: 48 bytes leftover after parsing attributes in process `syz.1.807'.
[  259.539245][ T8538] netlink: 216 bytes leftover after parsing attributes in process `syz.4.808'.
[  259.549795][ T8538] netlink: 24 bytes leftover after parsing attributes in process `syz.4.808'.
[  259.566140][ T8533] loop2: detected capacity change from 0 to 7
[  259.580244][ T8538] netlink: 16 bytes leftover after parsing attributes in process `syz.4.808'.
[  259.581141][ T8533] Dev loop2: unable to read RDB block 7
[  259.618014][ T8533]  loop2: unable to read partition table
[  259.628292][ T8533] loop2: partition table beyond EOD, truncated
[  259.639746][ T8533] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  260.443156][ T8561] netlink: 4 bytes leftover after parsing attributes in process `syz.3.815'.
[  260.491055][ T8561] loop2: detected capacity change from 0 to 7
[  260.553332][ T5820] Dev loop2: unable to read RDB block 7
[  260.558965][ T5820]  loop2: unable to read partition table
[  260.580526][ T5820] loop2: partition table beyond EOD, truncated
[  260.588867][ T8561] Dev loop2: unable to read RDB block 7
[  260.600310][ T8561]  loop2: unable to read partition table
[  260.606248][ T8561] loop2: partition table beyond EOD, truncated
[  260.613589][ T8561] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  260.660213][ T5867] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  260.810602][ T5867] usb 1-1: Using ep0 maxpacket: 16
[  260.820175][ T5867] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  260.830686][ T5867] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  260.839754][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.853777][ T5867] usb 1-1: config 0 descriptor??
[  260.878290][ T5867] pxrc 1-1:0.0: Could not find endpoint
[  261.073129][ T8581] bridge2: entered promiscuous mode
[  261.078478][ T8581] bridge2: entered allmulticast mode
[  261.197142][ T5867] usb 1-1: USB disconnect, device number 13
[  261.368976][ T8589] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  261.424397][ T8595] overlay: Unknown parameter 'appraise'
[  261.449764][ T8595] netlink: 52 bytes leftover after parsing attributes in process `syz.3.830'.
[  264.658907][ T8638] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  265.489595][ T8652] netlink: 92 bytes leftover after parsing attributes in process `syz.0.849'.
[  266.020333][ T5869] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  266.460296][ T5869] usb 3-1: Using ep0 maxpacket: 8
[  266.575981][ T5869] usb 3-1: config 21 has an invalid interface number: 99 but max is 3
[  266.589042][ T5869] usb 3-1: config 21 contains an unexpected descriptor of type 0x1, skipping
[  266.629407][ T5869] usb 3-1: config 21 has an invalid interface number: 51 but max is 3
[  266.669823][ T5869] usb 3-1: config 21 has an invalid interface number: 208 but max is 3
[  266.690557][ T5869] usb 3-1: config 21 contains an unexpected descriptor of type 0x2, skipping
[  266.719946][ T5869] usb 3-1: config 21 has an invalid interface number: 54 but max is 3
[  266.769453][ T5869] usb 3-1: config 21 has no interface number 0
[  266.829955][ T5869] usb 3-1: config 21 has no interface number 1
[  266.857697][ T5869] usb 3-1: config 21 has no interface number 2
[  266.897664][ T5869] usb 3-1: config 21 has no interface number 3
[  266.929449][ T5869] usb 3-1: config 21 interface 99 altsetting 200 has a duplicate endpoint with address 0xF, skipping
[  266.986927][ T5869] usb 3-1: config 21 interface 51 altsetting 7 bulk endpoint 0x3 has invalid maxpacket 16
[  267.027931][ T5869] usb 3-1: config 21 interface 51 altsetting 7 has a duplicate endpoint with address 0xC, skipping
[  267.056796][ T5869] usb 3-1: config 21 interface 208 altsetting 250 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  267.130308][ T5869] usb 3-1: config 21 interface 208 altsetting 250 has a duplicate endpoint with address 0x5, skipping
[  267.169936][ T5869] usb 3-1: config 21 interface 208 altsetting 250 has a duplicate endpoint with address 0x86, skipping
[  267.205992][ T5869] usb 3-1: config 21 interface 208 altsetting 250 has an invalid descriptor for endpoint zero, skipping
[  267.238872][ T5869] usb 3-1: config 21 interface 208 altsetting 250 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  267.266505][ T5869] usb 3-1: config 21 interface 208 altsetting 250 has a duplicate endpoint with address 0xD, skipping
[  267.298287][ T5869] usb 3-1: config 21 interface 208 altsetting 250 has a duplicate endpoint with address 0xC, skipping
[  267.330011][ T5869] usb 3-1: config 21 interface 208 altsetting 250 has a duplicate endpoint with address 0x3, skipping
[  267.358742][ T5869] usb 3-1: config 21 interface 208 altsetting 250 endpoint 0xA has invalid maxpacket 512, setting to 64
[  267.383149][ T5869] usb 3-1: config 21 interface 208 altsetting 250 has 11 endpoint descriptors, different from the interface descriptor's value: 10
[  267.406477][ T5869] usb 3-1: config 21 interface 54 altsetting 9 has an endpoint descriptor with address 0x17, changing to 0x7
[  267.438473][ T5869] usb 3-1: config 21 interface 54 altsetting 9 has a duplicate endpoint with address 0xB, skipping
[  267.465433][ T5869] usb 3-1: config 21 interface 54 altsetting 9 has a duplicate endpoint with address 0x6, skipping
[  267.497963][ T5869] usb 3-1: config 21 interface 54 altsetting 9 has a duplicate endpoint with address 0x5, skipping
[  267.515669][ T5869] usb 3-1: config 21 interface 54 altsetting 9 bulk endpoint 0x4 has invalid maxpacket 16
[  267.542121][ T5869] usb 3-1: config 21 interface 99 has no altsetting 0
[  267.567415][ T5869] usb 3-1: config 21 interface 51 has no altsetting 0
[  267.596013][ T5869] usb 3-1: config 21 interface 208 has no altsetting 0
[  267.610163][ T5869] usb 3-1: config 21 interface 54 has no altsetting 0
[  267.636047][ T5869] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=15.15
[  267.649443][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.696960][ T5869] usb 3-1: Product: syz
[  267.710037][ T5869] usb 3-1: Manufacturer: syz
[  267.724827][ T5869] usb 3-1: SerialNumber: syz
[  267.745077][ T5869] usb 3-1: can't set config #21, error -71
[  267.758363][ T5869] usb 3-1: USB disconnect, device number 28
[  267.848841][ T8694] netlink: 12 bytes leftover after parsing attributes in process `syz.2.861'.
[  267.858020][ T8694] netlink: 16 bytes leftover after parsing attributes in process `syz.2.861'.
[  268.482760][   T29] audit: type=1326 audit(1737225232.547:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.1.864" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e2b185d29 code=0x0
[  268.504973][ T6091] wlan1: Trigger new scan to find an IBSS to join
[  269.282425][ T8712] cgroup: none used incorrectly
[  269.872997][ T8712] orangefs_mount: mount request failed with -4
[  270.134265][ T8715] netlink: 12 bytes leftover after parsing attributes in process `syz.0.867'.
[  270.340515][ T8718] overlayfs: missing 'lowerdir'
[  271.810374][    T9] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  272.061957][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  272.074332][    T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  272.111170][ T8743] kvm: pic: non byte write
[  272.123609][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  272.181344][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 144, setting to 64
[  272.208305][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  272.230712][  T973] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  272.266357][    T9] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  272.281840][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  272.290000][    T9] usb 1-1: Product: syz
[  272.363596][ T8750] netlink: 1788 bytes leftover after parsing attributes in process `syz.2.879'.
[  273.006268][    T9] usb 1-1: Manufacturer: syz
[  273.015846][    T9] usb 1-1: SerialNumber: syz
[  273.024340][    T9] usb 1-1: config 0 descriptor??
[  273.029853][ T8725] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  273.100846][  T973] usb 4-1: Using ep0 maxpacket: 8
[  273.108981][  T973] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  273.120173][  T973] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  273.123423][ T8757] xt_TPROXY: Can be used only with -p tcp or -p udp
[  273.129958][  T973] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  273.184006][  T973] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  273.214770][  T973] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  273.253928][  T973] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  273.263496][  T973] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.337362][    T9] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  273.344319][    T9] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  273.681646][ T6013] wlan1: Trigger new scan to find an IBSS to join
[  273.685680][ T5867] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  273.709726][    T9] radio-si470x 1-1:0.0: software version 0, hardware version 0
[  273.718898][  T973] usb 4-1: GET_CAPABILITIES returned 0
[  273.724593][  T973] usbtmc 4-1:16.0: can't read capabilities
[  273.732203][    T9] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  273.744659][    T9] radio-si470x 1-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  273.813688][ T8774] ptrace attach of "./syz-executor exec"[5815] was attempted by ""[8774]
[  273.834850][ T5867] usb 5-1: device descriptor read/64, error -71
[  273.933408][ T8725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.008059][ T8725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.080518][ T5867] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  274.431549][ T5867] usb 5-1: device descriptor read/64, error -71
[  274.447166][ T8776] openvswitch: netlink: Unknown nsh attribute 0
[  274.454025][ T8776] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  274.506020][ T8776] evm: overlay not supported
[  274.560578][ T5867] usb usb5-port1: attempt power cycle
[  274.589065][    T9] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71
[  274.606643][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.613363][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.620037][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.626981][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.635429][  T973] usb 4-1: USB disconnect, device number 12
[  274.641807][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.643263][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.643500][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.643717][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.643930][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.644167][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.644440][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.651024][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.657543][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.664120][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.670677][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.677199][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.683807][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.690359][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.696885][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.703507][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.710039][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.716624][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.723285][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.729804][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.736447][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.743028][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.750716][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.757286][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.763829][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.770411][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.776945][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.783780][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.790706][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.797308][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.803903][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.809580][ T8781] sch_tbf: peakrate 5120 is lower than or equals to rate 18106760376364425629 !
[  274.810450][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.810647][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.810831][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.831212][ T6047] wlan1: Creating new IBSS network, BSSID ce:3a:8a:92:19:08
[  274.838608][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.891780][    T9] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71
[  274.901577][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.909374][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.913030][ T5867] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  274.916053][    C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[  274.941472][    T9] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -22
[  274.966351][    T9] usb 1-1: USB disconnect, device number 14
[  274.982072][ T5867] usb 5-1: device descriptor read/8, error -71
[  275.029166][ T8789] xt_hashlimit: size too large, truncated to 1048576
[  275.866386][ T8789] SET target dimension over the limit!
[  275.890306][ T5867] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  275.950487][ T5867] usb 5-1: device descriptor read/8, error -71
[  275.975769][ T8797] netlink: 'syz.1.895': attribute type 29 has an invalid length.
[  275.991299][ T8797] netlink: 'syz.1.895': attribute type 29 has an invalid length.
[  276.004169][ T8797] netlink: 508 bytes leftover after parsing attributes in process `syz.1.895'.
[  276.060584][ T5867] usb usb5-port1: unable to enumerate USB device
[  277.482496][ T8819] syz.3.903: attempt to access beyond end of device
[  277.482496][ T8819] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  277.495407][ T8819] hpfs: hpfs_map_sector(): read error
[  278.369783][ T8842] overlayfs: conflicting options: userxattr,redirect_dir=follow
[  279.051773][ T8855] overlayfs: failed to clone upperpath
[  279.073047][ T8844] x_tables: unsorted underflow at hook 3
[  279.079300][ T8844] netlink: 32 bytes leftover after parsing attributes in process `syz.3.909'.
[  279.472328][ T2149] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  279.636548][ T2149] usb 4-1: config index 0 descriptor too short (expected 19, got 18)
[  279.686019][ T2149] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=1f.ad
[  279.820789][ T2149] usb 4-1: New USB device strings: Mfr=199, Product=128, SerialNumber=155
[  279.918985][ T2149] usb 4-1: Product: syz
[  279.923416][ T2149] usb 4-1: Manufacturer: syz
[  279.928041][ T2149] usb 4-1: SerialNumber: syz
[  279.960234][ T2149] usb 4-1: config 0 descriptor??
[  279.968352][ T2149] gspca_main: spca508-2.14.0 probing 8086:0110
[  280.181572][ T2149] gspca_spca508: reg_read err -32
[  280.335622][ T8881] netlink: 'syz.0.925': attribute type 4 has an invalid length.
[  280.475706][ T8885] xfrm0: entered allmulticast mode
[  281.140348][ T2149] gspca_spca508: reg_read err -32
[  281.220289][    T8] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  281.388923][ T2149] gspca_spca508: reg_read err -71
[  281.395897][ T2149] gspca_spca508: reg_read err -71
[  281.401636][ T2149] gspca_spca508: reg write: error -71
[  281.407551][ T2149] spca508 4-1:0.0: probe with driver spca508 failed with error -71
[  281.419923][ T2149] usb 4-1: USB disconnect, device number 13
[  281.433594][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.444780][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  281.455603][    T8] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  281.464875][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.511649][    T8] usb 1-1: config 0 descriptor??
[  281.732161][ T8888] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.744035][ T8888] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.071848][    T8] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor
[  282.085940][    T8] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0003/input/input13
[  282.215371][    T8] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  282.354945][ T8919] syz.3.936: attempt to access beyond end of device
[  282.354945][ T8919] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  282.370047][ T8921] netlink: 188 bytes leftover after parsing attributes in process `syz.1.937'.
[  284.218884][    T8] usb 1-1: reset high-speed USB device number 15 using dummy_hcd
[  284.762294][ T8952] syz.3.948: attempt to access beyond end of device
[  284.762294][ T8952] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  285.059266][ T8956] hub 6-0:1.0: USB hub found
[  285.065264][ T8956] hub 6-0:1.0: 1 port detected
[  285.934700][ T5869] usb 1-1: USB disconnect, device number 15
[  286.105677][ T8970] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  286.677261][ T8976] netlink: 'syz.3.956': attribute type 12 has an invalid length.
[  286.787537][ T8983] netlink: 248 bytes leftover after parsing attributes in process `syz.4.958'.
[  286.865056][ T8988] overlayfs: missing 'lowerdir'
[  287.306743][ T9005] FAULT_INJECTION: forcing a failure.
[  287.306743][ T9005] name failslab, interval 1, probability 0, space 0, times 0
[  287.350217][ T9005] CPU: 0 UID: 0 PID: 9005 Comm: syz.0.965 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  287.360967][ T9005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  287.371050][ T9005] Call Trace:
[  287.374329][ T9005]  <TASK>
[  287.377256][ T9005]  dump_stack_lvl+0x241/0x360
[  287.381942][ T9005]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.387138][ T9005]  ? __pfx__printk+0x10/0x10
[  287.391728][ T9005]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  287.397094][ T9005]  ? __pfx___might_resched+0x10/0x10
[  287.402387][ T9005]  should_fail_ex+0x3b0/0x4e0
[  287.407152][ T9005]  should_failslab+0xac/0x100
[  287.411831][ T9005]  __kmalloc_node_noprof+0xe1/0x4d0
[  287.417056][ T9005]  ? __kvmalloc_node_noprof+0x72/0x190
[  287.422515][ T9005]  __kvmalloc_node_noprof+0x72/0x190
[  287.427853][ T9005]  alloc_netdev_mqs+0xa72/0x1080
[  287.432803][ T9005]  rtnl_create_link+0x2f9/0xc20
[  287.437665][ T9005]  rtnl_newlink_create+0x210/0xa40
[  287.442884][ T9005]  ? __pfx___mutex_lock+0x10/0x10
[  287.447918][ T9005]  ? cap_capable+0x1b4/0x250
[  287.452509][ T9005]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  287.458150][ T9005]  ? ns_capable+0x8a/0xf0
[  287.462493][ T9005]  rtnl_newlink+0x1c7e/0x2210
[  287.467191][ T9005]  ? __pfx_rtnl_newlink+0x10/0x10
[  287.472251][ T9005]  ? __netlink_deliver_tap+0x56b/0x7f0
[  287.477710][ T9005]  ? __pfx_validate_chain+0x10/0x10
[  287.482910][ T9005]  ? __sock_sendmsg+0x221/0x270
[  287.487762][ T9005]  ? ____sys_sendmsg+0x52a/0x7e0
[  287.492701][ T9005]  ? __sys_sendmsg+0x269/0x350
[  287.497465][ T9005]  ? do_syscall_64+0xf3/0x230
[  287.502136][ T9005]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.508220][ T9005]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  287.514248][ T9005]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  287.520599][ T9005]  ? mark_lock+0x9a/0x360
[  287.524951][ T9005]  ? __lock_acquire+0x1397/0x2100
[  287.530002][ T9005]  ? __pfx_lock_release+0x10/0x10
[  287.535029][ T9005]  ? cap_capable+0x1b4/0x250
[  287.539635][ T9005]  ? __pfx_rtnl_newlink+0x10/0x10
[  287.544675][ T9005]  rtnetlink_rcv_msg+0x791/0xcf0
[  287.549617][ T9005]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  287.554732][ T9005]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  287.560196][ T9005]  ? ref_tracker_free+0x643/0x7e0
[  287.565227][ T9005]  netlink_rcv_skb+0x1e3/0x430
[  287.569993][ T9005]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  287.575461][ T9005]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  287.580767][ T9005]  ? netlink_deliver_tap+0x2e/0x1b0
[  287.585975][ T9005]  netlink_unicast+0x7f6/0x990
[  287.590745][ T9005]  ? __pfx_netlink_unicast+0x10/0x10
[  287.596025][ T9005]  ? __virt_addr_valid+0x45f/0x530
[  287.601138][ T9005]  ? __phys_addr_symbol+0x2f/0x70
[  287.606165][ T9005]  ? __check_object_size+0x47a/0x730
[  287.611465][ T9005]  netlink_sendmsg+0x8e4/0xcb0
[  287.616249][ T9005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.621542][ T9005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.626825][ T9005]  __sock_sendmsg+0x221/0x270
[  287.631538][ T9005]  ____sys_sendmsg+0x52a/0x7e0
[  287.636309][ T9005]  ? __pfx_____sys_sendmsg+0x10/0x10
[  287.641614][ T9005]  ? __fget_files+0x2a/0x410
[  287.646209][ T9005]  ? __fget_files+0x2a/0x410
[  287.650805][ T9005]  __sys_sendmsg+0x269/0x350
[  287.655397][ T9005]  ? __pfx_lock_release+0x10/0x10
[  287.660424][ T9005]  ? __pfx___sys_sendmsg+0x10/0x10
[  287.665542][ T9005]  ? __pfx_vfs_write+0x10/0x10
[  287.670335][ T9005]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  287.676672][ T9005]  ? do_syscall_64+0x100/0x230
[  287.681440][ T9005]  ? do_syscall_64+0xb6/0x230
[  287.686115][ T9005]  do_syscall_64+0xf3/0x230
[  287.690620][ T9005]  ? clear_bhb_loop+0x35/0x90
[  287.695299][ T9005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.701200][ T9005] RIP: 0033:0x7f935a385d29
[  287.705642][ T9005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.725272][ T9005] RSP: 002b:00007f935b20f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  287.733695][ T9005] RAX: ffffffffffffffda RBX: 00007f935a575fa0 RCX: 00007f935a385d29
[  287.741673][ T9005] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 000000000000000c
[  287.749650][ T9005] RBP: 00007f935b20f090 R08: 0000000000000000 R09: 0000000000000000
[  287.757628][ T9005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  287.765602][ T9005] R13: 0000000000000000 R14: 00007f935a575fa0 R15: 00007fffd218af38
[  287.773604][ T9005]  </TASK>
[  289.690382][  T973] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  289.825868][ T9033] netlink: 24 bytes leftover after parsing attributes in process `syz.3.976'.
[  289.853571][  T973] usb 1-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  289.869669][  T973] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  289.879948][  T973] usb 1-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00
[  290.590178][  T973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.659843][  T973] usb 1-1: config 0 descriptor??
[  291.943467][ T9055] netlink: 12 bytes leftover after parsing attributes in process `syz.1.982'.
[  292.848272][  T973] usb 1-1: USB disconnect, device number 16
[  292.970308][ T5867] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  293.050364][ T2149] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  293.067368][ T9072] vlan0: entered allmulticast mode
[  293.146619][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.181087][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.196397][ T5867] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  293.209453][ T5867] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  293.236033][ T2149] usb 4-1: config 255 has an invalid interface number: 182 but max is 2
[  293.258338][ T5867] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.266993][ T2149] usb 4-1: config 255 has an invalid interface number: 254 but max is 2
[  293.285056][ T2149] usb 4-1: config 255 has an invalid interface number: 57 but max is 2
[  293.295432][ T5867] usb 5-1: config 0 descriptor??
[  293.306018][ T2149] usb 4-1: config 255 contains an unexpected descriptor of type 0x1, skipping
[  293.318071][ T2149] usb 4-1: config 255 has an invalid interface number: 16 but max is 2
[  293.326681][ T2149] usb 4-1: config 255 has an invalid interface number: 60 but max is 2
[  293.340000][ T2149] usb 4-1: config 255 has an invalid interface number: 103 but max is 2
[  293.357887][ T2149] usb 4-1: config 255 has 6 interfaces, different from the descriptor's value: 3
[  293.389269][ T2149] usb 4-1: config 255 has no interface number 0
[  293.409792][ T2149] usb 4-1: config 255 has no interface number 1
[  293.419998][ T2149] usb 4-1: config 255 has no interface number 2
[  293.433263][ T2149] usb 4-1: config 255 has no interface number 3
[  293.446292][ T2149] usb 4-1: config 255 has no interface number 4
[  293.456136][ T2149] usb 4-1: config 255 has no interface number 5
[  293.468867][ T2149] usb 4-1: config 255 interface 182 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  293.496648][ T6058] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.496774][ T2149] usb 4-1: too many endpoints for config 255 interface 254 altsetting 243: 100, using maximum allowed: 30
[  293.542531][ T2149] usb 4-1: config 255 interface 254 altsetting 243 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  293.562737][ T2149] usb 4-1: config 255 interface 57 altsetting 5 has a duplicate endpoint with address 0x9, skipping
[  293.587301][ T2149] usb 4-1: config 255 interface 57 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  293.618150][ T2149] usb 4-1: too many endpoints for config 255 interface 16 altsetting 253: 69, using maximum allowed: 30
[  293.654063][ T2149] usb 4-1: config 255 interface 16 altsetting 253 endpoint 0x7 has an invalid bInterval 133, changing to 11
[  293.674216][ T2149] usb 4-1: config 255 interface 16 altsetting 253 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  293.698373][ T2149] usb 4-1: config 255 interface 16 altsetting 253 has an invalid descriptor for endpoint zero, skipping
[  293.744656][ T5867] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  293.747508][ T6058] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.781129][ T5867] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  293.801280][ T2149] usb 4-1: config 255 interface 16 altsetting 253 has 3 endpoint descriptors, different from the interface descriptor's value: 69
[  293.839859][ T5867] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  293.879463][ T2149] usb 4-1: config 255 interface 60 altsetting 125 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  293.952154][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has a duplicate endpoint with address 0x3, skipping
[  294.004408][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  294.116459][ T2149] usb 4-1: config 255 interface 103 altsetting 7 bulk endpoint 0xA has invalid maxpacket 8
[  294.187619][ T6058] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.209126][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  294.233498][ T2149] usb 4-1: config 255 interface 103 altsetting 7 endpoint 0x8 has invalid maxpacket 1024, setting to 64
[  294.267261][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  294.339587][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has a duplicate endpoint with address 0x8, skipping
[  294.360408][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has a duplicate endpoint with address 0xD, skipping
[  294.373499][ T6058] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.389912][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has a duplicate endpoint with address 0x3, skipping
[  294.401769][ T2149] usb 4-1: config 255 interface 103 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  294.413747][ T2149] usb 4-1: config 255 interface 182 has no altsetting 0
[  294.421515][ T2149] usb 4-1: config 255 interface 254 has no altsetting 0
[  294.429661][ T2149] usb 4-1: config 255 interface 57 has no altsetting 0
[  294.437242][ T2149] usb 4-1: config 255 interface 16 has no altsetting 0
[  294.491546][ T2149] usb 4-1: config 255 interface 60 has no altsetting 0
[  294.509718][ T2149] usb 4-1: config 255 interface 103 has no altsetting 0
[  294.531500][ T5825] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  294.542173][ T5825] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  294.550890][ T5825] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  294.559277][ T5825] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  294.563565][ T2149] usb 4-1: New USB device found, idVendor=3340, idProduct=0426, bcdDevice=40.82
[  294.585642][ T5825] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  294.595711][ T5825] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  294.612557][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  294.621663][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  294.682754][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  294.691846][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  294.700652][ T5828] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  294.709991][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  294.778357][ T6058] bridge_slave_1: left allmulticast mode
[  294.785404][ T2149] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.787154][ T6058] bridge_slave_1: left promiscuous mode
[  294.794150][ T2149] usb 4-1: Product: syz
[  294.803508][ T2149] usb 4-1: Manufacturer: syz
[  294.808199][ T2149] usb 4-1: SerialNumber: syz
[  294.817483][ T6058] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.864989][ T6058] bridge_slave_0: left allmulticast mode
[  294.873019][ T6058] bridge_slave_0: left promiscuous mode
[  294.878768][ T6058] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.610537][   T46] usb 5-1: reset high-speed USB device number 15 using dummy_hcd
[  295.674632][ T2149] usb 4-1: USB disconnect, device number 14
[  296.814501][ T5828] Bluetooth: hci1: command tx timeout
[  297.053801][ T5947] usb 5-1: USB disconnect, device number 15
[  299.117427][ T9144] netlink: 1788 bytes leftover after parsing attributes in process `syz.1.1010'.
[  299.232989][ T5828] Bluetooth: hci1: command tx timeout
[  299.400467][ T5947] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  299.735614][ T6058] bond1 (unregistering): Released all slaves
[  300.102441][ T6058] tipc: Disabling bearer <udp:syz2>
[  300.130301][ T6058] tipc: Left network mode
[  300.130561][ T5947] usb 5-1: Using ep0 maxpacket: 16
[  300.153440][ T5947] usb 5-1: unable to get BOS descriptor or descriptor too short
[  300.165400][ T5947] usb 5-1: config 7 has an invalid interface number: 151 but max is 0
[  300.203798][ T5947] usb 5-1: config 7 has no interface number 0
[  300.412528][ T9161] netlink: 564 bytes leftover after parsing attributes in process `syz.1.1012'.
[  300.421911][ T9161] netlink: 564 bytes leftover after parsing attributes in process `syz.1.1012'.
[  300.458438][ T5947] usb 5-1: config 7 interface 151 has no altsetting 0
[  301.223336][ T5947] usb 5-1: New USB device found, idVendor=0c45, idProduct=628e, bcdDevice=d9.8d
[  301.232556][ T5947] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.244094][ T5947] usb 5-1: can't set config #7, error -71
[  301.481478][ T5828] Bluetooth: hci1: command tx timeout
[  301.585303][ T5947] usb 5-1: USB disconnect, device number 16
[  302.937491][ T9189] overlayfs: missing 'lowerdir'
[  302.970454][ T9191] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1021'.
[  303.032624][ T9192] netlink: 'syz.0.1022': attribute type 9 has an invalid length.
[  303.047656][ T9192] netlink: 'syz.0.1022': attribute type 6 has an invalid length.
[  303.059371][ T9091] chnl_net:caif_netlink_parms(): no params data found
[  303.106675][ T9186] netlink: 'syz.4.1021': attribute type 29 has an invalid length.
[  303.115155][ T9187] netlink: 'syz.4.1021': attribute type 29 has an invalid length.
[  303.286514][ T6058] hsr_slave_0: left promiscuous mode
[  303.364000][ T6058] hsr_slave_1: left promiscuous mode
[  303.375951][ T6058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  303.383707][ T6058] batman_adv: batadv0: Removing interface: batadv_slave_0
[  303.419476][ T6058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.432129][ T6058] batman_adv: batadv0: Removing interface: batadv_slave_1
[  303.468017][ T6058] veth1_macvtap: left promiscuous mode
[  303.476772][ T6058] veth0_macvtap: left promiscuous mode
[  303.486931][ T6058] veth1_vlan: left promiscuous mode
[  303.495177][ T6058] veth0_vlan: left promiscuous mode
[  303.530369][ T5828] Bluetooth: hci1: command tx timeout
[  304.845393][ T6091] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  306.003410][ T6058] team0 (unregistering): Port device team_slave_1 removed
[  306.075325][ T6058] team0 (unregistering): Port device team_slave_0 removed
[  307.085897][ T9091] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.099980][ T9091] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.121164][ T9091] bridge_slave_0: entered allmulticast mode
[  307.151043][ T9091] bridge_slave_0: entered promiscuous mode
[  307.179240][ T9091] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.214629][ T9091] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.234927][ T9091] bridge_slave_1: entered allmulticast mode
[  307.258668][ T9091] bridge_slave_1: entered promiscuous mode
[  307.353330][ T9249] netlink: 'syz.3.1040': attribute type 1 has an invalid length.
[  307.646597][ T9249] 8021q: adding VLAN 0 to HW filter on device bond1
[  308.077031][ T9246] bond1: (slave bridge3): making interface the new active one
[  308.107734][ T9246] bond1: (slave bridge3): Enslaving as an active interface with an up link
[  308.146690][ T9091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.225666][ T9091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  308.266544][ T9257] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1041'.
[  308.291575][ T9257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1041'.
[  308.350280][ T9091] team0: Port device team_slave_0 added
[  308.366371][ T9091] team0: Port device team_slave_1 added
[  308.429719][ T9091] batman_adv: batadv0: Adding interface: batadv_slave_0
[  308.441236][ T9091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.487892][ T9091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.610588][ T9091] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.627573][ T9091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.662158][ T9091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.712772][ T9091] hsr_slave_0: entered promiscuous mode
[  308.719251][ T9091] hsr_slave_1: entered promiscuous mode
[  308.728643][ T9091] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  308.926200][ T9091] Cannot create hsr debugfs directory
[  309.354713][ T5947] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  309.740888][ T5947] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  309.750387][ T5947] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.758438][ T5947] usb 4-1: Product: syz
[  310.472796][ T5947] usb 4-1: Manufacturer: syz
[  310.477688][ T5947] usb 4-1: SerialNumber: syz
[  310.486657][ T5947] usb 4-1: config 0 descriptor??
[  310.737186][   T30] INFO: task udevd:5817 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  310.824186][   T30]       Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  310.840841][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  310.859944][   T30] task:udevd           state:D stack:20944 pid:5817  tgid:5817  ppid:1      flags:0x00004002
[  310.886322][ T5947] dvb_usb_dtv5100 4-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71
[  310.954346][   T30] Call Trace:
[  310.957703][   T30]  <TASK>
[  310.984774][   T30]  __schedule+0x17fb/0x4be0
[  311.026580][   T30]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  311.037949][ T5947] usb 4-1: USB disconnect, device number 15
[  311.050476][   T30]  ? __pfx___schedule+0x10/0x10
[  311.055401][   T30]  ? __blk_flush_plug+0x449/0x500
[  311.100297][   T30]  ? __pfx_lock_release+0x10/0x10
[  311.105418][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  311.141065][   T30]  ? schedule+0x90/0x320
[  311.145375][   T30]  schedule+0x14b/0x320
[  311.149579][   T30]  schedule_timeout+0x15a/0x290
[  311.154645][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  311.160061][   T30]  ? __pfx_process_timeout+0x10/0x10
[  311.165504][   T30]  ? prepare_to_wait_event+0x3bd/0x400
[  311.171591][   T30]  nbd_queue_rq+0x7d9/0x2ef0
[  311.176395][   T30]  ? mark_lock+0x9a/0x360
[  311.180894][   T30]  ? __pfx_nbd_queue_rq+0x10/0x10
[  311.186007][   T30]  ? __lock_acquire+0x1397/0x2100
[  311.191378][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  311.198045][   T30]  blk_mq_dispatch_rq_list+0xad3/0x19d0
[  311.214823][   T30]  ? sbitmap_get+0x289/0x3f0
[  311.219913][   T30]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  311.238664][   T30]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  311.256052][   T30]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  311.264275][   T30]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  311.276714][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  311.277925][ T9283] infiniband syz2: set active
[  311.281856][   T30]  ? __pfx___might_resched+0x10/0x10
[  311.281897][   T30]  ? sbitmap_any_bit_set+0x155/0x190
[  311.281921][   T30]  ? blk_mq_hw_queue_need_run+0x14d/0x6d0
[  311.281944][   T30]  blk_mq_sched_dispatch_requests+0xd6/0x190
[  311.290057][ T9283] infiniband syz2: added team_slave_1
[  311.292821][   T30]  ? blk_mq_run_hw_queue+0x32b/0x500
[  311.312619][ T9283] syz2: rxe_create_cq: returned err = -12
[  311.315039][   T30]  blk_mq_run_hw_queue+0x354/0x500
[  311.322020][ T9283] infiniband syz2: Couldn't create ib_mad CQ
[  311.337987][   T30]  blk_mq_flush_plug_list+0x118e/0x1870
[  311.350475][ T9283] infiniband syz2: Couldn't open port 1
[  311.351981][   T30]  ? __pfx_update_io_ticks+0x10/0x10
[  311.362633][   T30]  ? blk_add_rq_to_plug+0x308/0x4b0
[  311.367882][   T30]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  311.375229][   T30]  ? blk_mq_submit_bio+0xf74/0x2390
[  311.387238][   T30]  __blk_flush_plug+0x420/0x500
[  311.401133][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  311.402421][ T9283] RDS/IB: syz2: added
[  311.407152][   T30]  ? __pfx___blk_flush_plug+0x10/0x10
[  311.417029][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  311.417237][ T9283] smc: adding ib device syz2 with port count 1
[  311.423457][   T30]  __submit_bio+0x46a/0x560
[  311.423489][   T30]  ? __pfx___submit_bio+0x10/0x10
[  311.423526][   T30]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  311.423546][   T30]  ? bio_associate_blkg_from_css+0x182/0xc70
[  311.423579][   T30]  ? __pfx___might_resched+0x10/0x10
[  311.423607][   T30]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  311.423651][   T30]  block_read_full_folio+0x9b3/0xae0
[  311.423683][   T30]  ? __pfx_blkdev_get_block+0x10/0x10
[  311.423708][   T30]  ? __pfx_block_read_full_folio+0x10/0x10
[  311.423736][   T30]  ? folio_add_lru+0x187/0x230
[  311.423768][   T30]  filemap_read_folio+0x148/0x3b0
[  311.430235][ T5947] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  311.434426][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  311.457714][ T9283] smc:    ib device syz2 port 1 has pnetid 
[  311.462577][   T30]  ? __pfx_filemap_read_folio+0x10/0x10
[  311.462607][   T30]  ? __filemap_get_folio+0x848/0x940
[  311.462639][   T30]  do_read_cache_folio+0x373/0x5b0
[  311.462661][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  311.462691][   T30]  read_part_sector+0xb3/0x260
[  311.462719][   T30]  adfspart_check_ICS+0xd9/0x9a0
[  311.462747][   T30]  ? __pfx_vsnprintf+0x10/0x10
[  311.545509][   T30]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  311.551211][   T30]  ? snprintf+0xda/0x120
[  311.555500][   T30]  ? alloc_pages_mpol_noprof+0x58e/0x780
[  311.561239][   T30]  ? vsnprintf+0x1cc3/0x1da0
[  311.565860][   T30]  ? vsnprintf+0x184/0x1da0
[  311.570436][   T30]  ? __pfx_snprintf+0x10/0x10
[  311.575160][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  311.579969][   T30]  bdev_disk_changed+0x72c/0x13f0
[  311.585074][   T30]  ? __pfx___might_resched+0x10/0x10
[  311.590467][   T30]  ? __pfx_bdev_disk_changed+0x10/0x10
[  311.595962][   T30]  ? wait_on_inode+0xc1/0x230
[  311.600718][   T30]  ? __pfx_wait_on_inode+0x10/0x10
[  311.606683][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  311.611988][   T30]  blkdev_get_whole+0x2d2/0x450
[  311.616873][   T30]  bdev_open+0x2d4/0xc50
[  311.621230][   T30]  blkdev_open+0x389/0x4f0
[  311.625697][   T30]  ? __pfx_blkdev_open+0x10/0x10
[  311.630734][   T30]  do_dentry_open+0xbe1/0x1b70
[  311.635557][   T30]  vfs_open+0x3e/0x330
[  311.639667][   T30]  path_openat+0x2c84/0x3590
[  311.644461][   T30]  ? __pfx_path_openat+0x10/0x10
[  311.649465][   T30]  do_filp_open+0x27f/0x4e0
[  311.654076][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  311.659129][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  311.664266][   T30]  do_sys_openat2+0x13e/0x1d0
[  311.668974][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  311.674302][   T30]  __x64_sys_openat+0x247/0x2a0
[  311.679183][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  311.684661][   T30]  ? do_syscall_64+0x100/0x230
[  311.689455][   T30]  ? do_syscall_64+0xb6/0x230
[  311.694288][   T30]  do_syscall_64+0xf3/0x230
[  311.698822][   T30]  ? clear_bhb_loop+0x35/0x90
[  311.703625][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.710213][   T30] RIP: 0033:0x7ffb35f569a4
[  311.714672][   T30] RSP: 002b:00007ffe60512cf0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  311.723753][   T30] RAX: ffffffffffffffda RBX: 000056027c6cee80 RCX: 00007ffb35f569a4
[  311.731826][   T30] RDX: 00000000000a0800 RSI: 000056027c6af2b0 RDI: 00000000ffffff9c
[  311.739831][   T30] RBP: 000056027c6af2b0 R08: 0000000000000001 R09: 7fffffffffffffff
[  311.747878][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[  311.755951][   T30] R13: 000056027c6b78a0 R14: 0000000000000001 R15: 000056027c6ae910
[  311.764019][   T30]  </TASK>
[  311.767133][   T30] 
[  311.767133][   T30] Showing all locks held in the system:
[  311.775110][   T30] 1 lock held by khungtaskd/30:
[  311.779979][   T30]  #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  311.790213][   T30] 10 locks held by kworker/u8:2/35:
[  311.795472][   T30] 2 locks held by kworker/u8:7/3500:
[  311.800943][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  311.812841][   T30]  #1: ffffc9000ce37d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  311.825178][   T30] 2 locks held by getty/5575:
[  311.829882][   T30]  #0: ffff88803187e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  311.842235][   T30]  #1: ffffc9000330b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[  311.852688][   T30] 3 locks held by udevd/5817:
[  311.857381][   T30]  #0: ffff88802548e4c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xf0/0xc50
[  311.866848][   T30]  #1: ffff88802525f490 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x32b/0x500
[  311.876588][   T30]  #2: ffff88802555e178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xfe/0x2ef0
[  311.885789][   T30] 5 locks held by kworker/1:8/5947:
[  311.891170][   T30]  #0: ffff88801e2cc548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  311.902688][   T30]  #1: ffffc9000451fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  311.915063][   T30]  #2: ffff888028777190 (&dev->mutex){....}-{4:4}, at: hub_event+0x1fe/0x5150
[  311.924489][   T30]  #3: ffff888145332510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x25b9/0x5150
[  311.934603][   T30]  #4: ffff888028532868 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x25f7/0x5150
[  311.944466][   T30] 5 locks held by kworker/u8:8/6013:
[  311.949819][   T30]  #0: ffff8880b873e758 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  311.959899][   T30]  #1: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x244/0x590
[  311.969437][   T30]  #2: ffff8880b872a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240
[  311.978905][   T30]  #3: ffffffff9a5e7308 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x17f/0x580
[  311.989367][   T30]  #4: ffffffff8e7e7e28 (text_mutex){+.+.}-{4:4}, at: arch_jump_label_transform_apply+0x17/0x30
[  311.999944][   T30] 6 locks held by syz-executor/9091:
[  312.005320][   T30]  #0: ffff88803318c420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x225/0xd30
[  312.014859][   T30]  #1: ffff888027188088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1ea/0x500
[  312.025180][   T30]  #2: ffff888144f0b3c8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  312.035338][   T30]  #3: ffffffff8f54c748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfc/0x480
[  312.045729][   T30]  #4: ffff88805c8570e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xce/0x7c0
[  312.056395][   T30]  #5: ffff888020f40250 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160
[  312.066580][   T30] 5 locks held by syz.4.1050/9283:
[  312.071764][   T30] 1 lock held by syz.1.1052/9289:
[  312.076809][   T30]  #0: ffffffff8e93cff8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830
[  312.087867][   T30] 
[  312.090354][   T30] =============================================
[  312.090354][   T30] 
[  312.098811][   T30] NMI backtrace for cpu 0
[  312.103158][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  312.113684][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  312.123769][   T30] Call Trace:
[  312.127063][   T30]  <TASK>
[  312.130004][   T30]  dump_stack_lvl+0x241/0x360
[  312.134733][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.139961][   T30]  ? __pfx__printk+0x10/0x10
[  312.144590][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  312.149560][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  312.155045][   T30]  ? _printk+0xd5/0x120
[  312.159225][   T30]  ? __pfx__printk+0x10/0x10
[  312.163850][   T30]  ? __wake_up_klogd+0xcc/0x110
[  312.168723][   T30]  ? __pfx__printk+0x10/0x10
[  312.173332][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  312.178376][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  312.184384][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  312.190394][   T30]  watchdog+0xff6/0x1040
[  312.194671][   T30]  ? watchdog+0x1ea/0x1040
[  312.199107][   T30]  ? __pfx_watchdog+0x10/0x10
[  312.203801][   T30]  kthread+0x2f0/0x390
[  312.207888][   T30]  ? __pfx_watchdog+0x10/0x10
[  312.212581][   T30]  ? __pfx_kthread+0x10/0x10
[  312.217192][   T30]  ret_from_fork+0x4b/0x80
[  312.221628][   T30]  ? __pfx_kthread+0x10/0x10
[  312.226244][   T30]  ret_from_fork_asm+0x1a/0x30
[  312.231037][   T30]  </TASK>
[  312.234611][   T30] Sending NMI from CPU 0 to CPUs 1:
[  312.239860][    C1] NMI backtrace for cpu 1
[  312.239874][    C1] CPU: 1 UID: 0 PID: 9287 Comm: syz.0.1051 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  312.239893][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  312.239903][    C1] RIP: 0010:lockdep_hardirqs_off+0x4c/0x110
[  312.239935][    C1] Code: 8e 00 00 00 49 89 fe 65 8b 05 b8 a7 42 74 a9 00 00 f0 00 74 66 83 3d e2 5c 76 0e 00 75 15 48 c7 04 24 00 00 00 00 9c 8f 04 24 <f7> 04 24 00 02 00 00 75 7b 65 8b 05 3c 5a 41 74 85 c0 74 54 65 48
[  312.239949][    C1] RSP: 0018:ffffc900033873a8 EFLAGS: 00000046
[  312.239964][    C1] RAX: 0000000000000000 RBX: ffffffff81852d78 RCX: b42ff04013468c00
[  312.239976][    C1] RDX: ffff88823b479250 RSI: ffffffff8c0a9900 RDI: ffffffff8c5edf20
[  312.239988][    C1] RBP: ffffc90003387500 R08: ffffc90003387180 R09: 0000000000000018
[  312.240000][    C1] R10: dffffc0000000000 R11: fffffbfff2030b4f R12: ffffffff846fb8e0
[  312.240013][    C1] R13: 1ffff92000670e88 R14: ffffffff81852d78 R15: ffff88807ff90840
[  312.240025][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  312.240039][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  312.240050][    C1] CR2: 000000002002f000 CR3: 000000000e736000 CR4: 00000000003526f0
[  312.240065][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  312.240074][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  312.240083][    C1] Call Trace:
[  312.240089][    C1]  <NMI>
[  312.240095][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  312.240115][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  312.240133][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  312.240152][    C1]  ? nmi_handle+0x2a/0x5a0
[  312.240177][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  312.240198][    C1]  ? nmi_handle+0x14f/0x5a0
[  312.240214][    C1]  ? nmi_handle+0x2a/0x5a0
[  312.240231][    C1]  ? lockdep_hardirqs_off+0x4c/0x110
[  312.240261][    C1]  ? default_do_nmi+0x63/0x160
[  312.240281][    C1]  ? exc_nmi+0x123/0x1f0
[  312.240300][    C1]  ? end_repeat_nmi+0xf/0x53
[  312.240317][    C1]  ? call_rcu+0x1c8/0xa70
[  312.240338][    C1]  ? __pfx_inode_free_by_rcu+0x10/0x10
[  312.240361][    C1]  ? call_rcu+0x1c8/0xa70
[  312.240385][    C1]  ? lockdep_hardirqs_off+0x4c/0x110
[  312.240408][    C1]  ? lockdep_hardirqs_off+0x4c/0x110
[  312.240433][    C1]  ? lockdep_hardirqs_off+0x4c/0x110
[  312.240456][    C1]  </NMI>
[  312.240462][    C1]  <TASK>
[  312.240469][    C1]  ? call_rcu+0x1c8/0xa70
[  312.240489][    C1]  trace_hardirqs_off+0x12/0x40
[  312.240505][    C1]  call_rcu+0x1c8/0xa70
[  312.240527][    C1]  ? bpf_inode_storage_free+0x72/0x300
[  312.240547][    C1]  ? __pfx_lock_release+0x10/0x10
[  312.240566][    C1]  ? __pfx_call_rcu+0x10/0x10
[  312.240588][    C1]  ? bpf_inode_storage_free+0x72/0x300
[  312.240608][    C1]  __destroy_inode+0x2d9/0x670
[  312.240634][    C1]  evict+0x785/0x9a0
[  312.240656][    C1]  ? __pfx_evict+0x10/0x10
[  312.240676][    C1]  ? _raw_spin_unlock+0x28/0x50
[  312.240695][    C1]  ? iput+0x713/0xa50
[  312.240712][    C1]  __dentry_kill+0x20d/0x630
[  312.240729][    C1]  ? shrink_kill+0x8d/0x2c0
[  312.240744][    C1]  shrink_kill+0xa9/0x2c0
[  312.240759][    C1]  shrink_dentry_list+0x2c0/0x5b0
[  312.240778][    C1]  shrink_dcache_parent+0xcb/0x3b0
[  312.240798][    C1]  ? __pfx_shrink_dcache_parent+0x10/0x10
[  312.240822][    C1]  do_one_tree+0x23/0xe0
[  312.240839][    C1]  shrink_dcache_for_umount+0xb4/0x180
[  312.240858][    C1]  generic_shutdown_super+0x6a/0x2d0
[  312.240877][    C1]  kill_anon_super+0x3b/0x70
[  312.240895][    C1]  proc_kill_sb+0x8d/0xd0
[  312.240911][    C1]  deactivate_locked_super+0xc4/0x130
[  312.240929][    C1]  cleanup_mnt+0x41f/0x4b0
[  312.240946][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  312.240968][    C1]  task_work_run+0x24f/0x310
[  312.240990][    C1]  ? __pfx_task_work_run+0x10/0x10
[  312.241007][    C1]  ? do_exit+0xa25/0x28e0
[  312.241025][    C1]  ? do_exit+0xa25/0x28e0
[  312.241042][    C1]  do_exit+0xa2a/0x28e0
[  312.241062][    C1]  ? __pfx_do_exit+0x10/0x10
[  312.241078][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  312.241109][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  312.241126][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  312.241142][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  312.241164][    C1]  do_group_exit+0x207/0x2c0
[  312.241179][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.241198][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  312.241220][    C1]  get_signal+0x16b2/0x1750
[  312.241253][    C1]  ? __pfx_get_signal+0x10/0x10
[  312.241276][    C1]  arch_do_signal_or_restart+0x96/0x860
[  312.241299][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  312.241320][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  312.241342][    C1]  ? syscall_exit_to_user_mode+0xa3/0x340
[  312.241366][    C1]  syscall_exit_to_user_mode+0xce/0x340
[  312.241389][    C1]  do_syscall_64+0x100/0x230
[  312.241403][    C1]  ? clear_bhb_loop+0x35/0x90
[  312.241420][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.241442][    C1] RIP: 0033:0x7f935a385d29
[  312.241456][    C1] Code: Unable to access opcode bytes at 0x7f935a385cff.
[  312.241464][    C1] RSP: 002b:00007f935b20f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  312.241480][    C1] RAX: 0000000000018ff8 RBX: 00007f935a575fa0 RCX: 00007f935a385d29
[  312.241491][    C1] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000005
[  312.241502][    C1] RBP: 00007f935a401b08 R08: 0000000000000000 R09: 0000000000000000
[  312.241513][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  312.241522][    C1] R13: 0000000000000000 R14: 00007f935a575fa0 R15: 00007fffd218af38
[  312.241541][    C1]  </TASK>
[  312.241872][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  312.241886][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  312.241909][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  312.241920][   T30] Call Trace:
[  312.241927][   T30]  <TASK>
[  312.241936][   T30]  dump_stack_lvl+0x241/0x360
[  312.241963][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.241985][   T30]  ? __pfx__printk+0x10/0x10
[  312.242003][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  312.242029][   T30]  ? vscnprintf+0x5d/0x90
[  312.242052][   T30]  panic+0x349/0x880
[  312.242074][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  312.242097][   T30]  ? __pfx_panic+0x10/0x10
[  312.242115][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  312.242139][   T30]  ? __irq_work_queue_local+0x137/0x410
[  312.242159][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  312.242179][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  312.242199][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  312.242223][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  312.242247][   T30]  watchdog+0x1035/0x1040
[  312.242266][   T30]  ? watchdog+0x1ea/0x1040
[  312.242290][   T30]  ? __pfx_watchdog+0x10/0x10
[  312.242309][   T30]  kthread+0x2f0/0x390
[  312.242327][   T30]  ? __pfx_watchdog+0x10/0x10
[  312.242345][   T30]  ? __pfx_kthread+0x10/0x10
[  312.242365][   T30]  ret_from_fork+0x4b/0x80
[  312.242382][   T30]  ? __pfx_kthread+0x10/0x10
[  312.242402][   T30]  ret_from_fork_asm+0x1a/0x30
[  312.242436][   T30]  </TASK>
[  312.927061][   T30] Kernel Offset: disabled
[  312.931383][   T30] Rebooting in 86400 seconds..