last executing test programs:

2m38.415728691s ago: executing program 1 (id=403):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400894fb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_lsm={0xc, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x66}}, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000100)=@newsa={0x184, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in=@dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 0x0, 0xce3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@mcast2, 0x0, 0x33}, @in=@loopback, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0xfffffffffffffffa}, {0x0, 0x2, 0x10000000}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4b}, [@algo_auth={0x48, 0x1, {{'sm3-generic\x00'}}}, @algo_aead={0x4c, 0x12, {{'ccm-aes-ce\x00'}, 0x0, 0xc0}}]}, 0x184}}, 0x0)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r3, 0x3309, 0x0)

2m35.702757887s ago: executing program 1 (id=414):
r0 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
shmat(r0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
rename(&(0x7f0000000e00)='./bus\x00', &(0x7f0000001080)='./file0\x00')
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
listen(r1, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000300)={0x1, 0xfd85, {<r2=>0x0}, {}, 0x4, 0xfffffffffffffffd})
prlimit64(r2, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$caif_stream(0x25, 0x1, 0x0)
socket$inet(0x2, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)=r5}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r5}, 0x57)
shmat(r0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
shmdt(0x0)

2m33.961931102s ago: executing program 1 (id=420):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000400)={{0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000006c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x80402e, &(0x7f00000003c0)={0x0, 0x80000, 0x200, 0x0, 0x2}, &(0x7f0000000640), &(0x7f0000000100)=<r5=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_io_uring_submit(0x0, r5, &(0x7f0000000600)=@IORING_OP_SENDMSG={0x9, 0xc, 0x0, r6, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=@hci={0x1f, 0x0, 0x1}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000300)="b62ce4b376a0aa6be1543e589204a8c0cb557a8f21f72714b87dd95dde5a680bf56675d4246bc58e28f4abddc7a8", 0x2e}, {&(0x7f0000000440)="46d02672f6b295ec5e810c848393ed21c42576935345e4b23d46f461a41ec47c55faf800215d72cb874b2ebc4431dd00ddd7f55bb28f443c522e16f5236a6edfd589f05032fd60859d9114edae49d8555a26e3ac10a4a6d2917fa8f832353986539be4aea2fcaadc4b4805f4c525f116c4", 0x71}, {&(0x7f00000004c0)="78b986573e3cd4ad2693e2da6a668fb1c5c994ec46d54e1508b028fde2146c945c086ae689eda044dae699d1153964d2ab808c2563a2f4dec6f7e45dff236102bc9054302023b67e2839786874450a5546d4555e0e053350aaf66ed256a7e142a008cf7e1dd14a6d7670d92cbc0543a4ac0e91120a5ab8ddefbacbc1d2f87ce3f9b38f2a1b866c55b21f47d748db73e3ceb5e8e8993ec2c6e0eb5622367e417cfd62e18e05a6ee697ffc33aaef156ef55d3761649f6dd09291ac3967557484316951d0", 0xc3}], 0x3}, 0x0, 0x0, 0x1})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
wait4(0x0, 0x0, 0x80000000, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r7, 0x0, 0x700)
io_uring_enter(r4, 0x46f6, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000240)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x3}, &(0x7f00000001c0)=0x9c)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000), 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r9, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

2m32.114582272s ago: executing program 1 (id=422):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="e715000000000000000800008e92ffae00000080", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400"/28], 0xfffffffffffffea2)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)='%+9llu \x00'}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200980000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000006c0003806800008008000340000000025c000b80100001800c000100636f756e746572"], 0x12c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
ioctl$KVM_NMI(r7, 0xae9a)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f0000000000)={0x0, 0x8000})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="e4fd4be2", @ANYRES16=r9, @ANYBLOB="310300000000000000000900000006000300", @ANYRES32=0x0, @ANYBLOB='\x00\x00/\x00\x00\x00\x00\x00'], 0x28}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r10}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r11}, 0x2d)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r12 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r12, @ANYBLOB=',rootmode=00000000000000000010000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="dd0ea659db82a497b345071c9e9f50c4d87aed74c284cf76378aba7ff62c2afb55fb88701ff0e6e64bbf972954f3ad3f97a22c452360da7b6c000000809b24edf84524e19ea233adb915b126d904620d329bb132ec5fe5ccfc44bd146f28128e15e4e788e230e6f744aa9ba0baf81c3e8fad3d4e2fc9d5bee6980149f707995ce47a08d18f3c"])
read$FUSE(r12, &(0x7f0000002300)={0x2020}, 0x2020)

2m30.362788573s ago: executing program 1 (id=428):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000400)={{0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000006c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x80402e, &(0x7f00000003c0)={0x0, 0x80000, 0x200, 0x0, 0x2}, &(0x7f0000000640), &(0x7f0000000100)=<r5=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_io_uring_submit(0x0, r5, &(0x7f0000000600)=@IORING_OP_SENDMSG={0x9, 0xc, 0x0, r6, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=@hci={0x1f, 0x0, 0x1}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000300)="b62ce4b376a0aa6be1543e589204a8c0cb557a8f21f72714b87dd95dde5a680bf56675d4246bc58e28f4abddc7a8", 0x2e}, {&(0x7f0000000440)="46d02672f6b295ec5e810c848393ed21c42576935345e4b23d46f461a41ec47c55faf800215d72cb874b2ebc4431dd00ddd7f55bb28f443c522e16f5236a6edfd589f05032fd60859d9114edae49d8555a26e3ac10a4a6d2917fa8f832353986539be4aea2fcaadc4b4805f4c525f116c4", 0x71}, {&(0x7f00000004c0)="78b986573e3cd4ad2693e2da6a668fb1c5c994ec46d54e1508b028fde2146c945c086ae689eda044dae699d1153964d2ab808c2563a2f4dec6f7e45dff236102bc9054302023b67e2839786874450a5546d4555e0e053350aaf66ed256a7e142a008cf7e1dd14a6d7670d92cbc0543a4ac0e91120a5ab8ddefbacbc1d2f87ce3f9b38f2a1b866c55b21f47d748db73e3ceb5e8e8993ec2c6e0eb5622367e417cfd62e18e05a6ee697ffc33aaef156ef55d3761649f6dd09291ac3967557484316951d0", 0xc3}], 0x3}, 0x0, 0x0, 0x1})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
gettid()
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r7, 0x0, 0x700)
io_uring_enter(r4, 0x46f6, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000240)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x3}, &(0x7f00000001c0)=0x9c)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000), 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r9, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

2m28.451431284s ago: executing program 1 (id=431):
r0 = socket$inet6(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_G_SELECTION(r1, 0xc0405668, &(0x7f0000000040)={0x7, 0x100, 0x0, {0x8000001, 0x0, 0xb, 0x4000}})
accept(r0, 0x0, 0x0)
shutdown(r0, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000040)={@ipv4={""/10, ""/2, @private}, <r2=>0x0}, &(0x7f0000000080)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'ip6gre0\x00', r2, 0x2f, 0x2, 0xb7, 0x2, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x8, 0x4, 0x7ff}})
mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f00000011c0)=""/109)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
r4 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15m.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8\t\x00\x00\x00\x00\x00\x00\x00\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\t\x00\x00\x00\x00\x00\x00\x00h\xe2!\x00\xb9z)\x19\xe3\xed\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,P\xfe\xe4\xfaN\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x9c\xb5K\x960?\x06]\x1eQ\x10\xe8\xed\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xab', 0x0)
ioctl$int_in(r3, 0x40000000af01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
memfd_create(&(0x7f0000000180)='+!/%:^\\\x00', 0x9)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)

2m12.799147571s ago: executing program 32 (id=431):
r0 = socket$inet6(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_G_SELECTION(r1, 0xc0405668, &(0x7f0000000040)={0x7, 0x100, 0x0, {0x8000001, 0x0, 0xb, 0x4000}})
accept(r0, 0x0, 0x0)
shutdown(r0, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000040)={@ipv4={""/10, ""/2, @private}, <r2=>0x0}, &(0x7f0000000080)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'ip6gre0\x00', r2, 0x2f, 0x2, 0xb7, 0x2, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x8, 0x4, 0x7ff}})
mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f00000011c0)=""/109)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
r4 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15m.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8\t\x00\x00\x00\x00\x00\x00\x00\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\t\x00\x00\x00\x00\x00\x00\x00h\xe2!\x00\xb9z)\x19\xe3\xed\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,P\xfe\xe4\xfaN\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x9c\xb5K\x960?\x06]\x1eQ\x10\xe8\xed\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xab', 0x0)
ioctl$int_in(r3, 0x40000000af01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
memfd_create(&(0x7f0000000180)='+!/%:^\\\x00', 0x9)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)

15.238246843s ago: executing program 5 (id=945):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r1, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x28, r9, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r3, 0x1, 0x2000000, 0x0, {0x4}}, 0x14}, 0x1, 0xfcffffff00000000}, 0x0)

13.927059245s ago: executing program 5 (id=949):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001340)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x46bda60, @loopback, 0x4}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000002c0)="8047558f8a7f7e474851d271c4bd85d9bb4d499694ba3c9c2bab5f1556cf18beef687a7f1accdcf3f26b94d13a7966c9be210f74f212cd67d96d093abff49890428118a98a39861b7cfbb8a7cf3f8eedc66fcc7d4da16f9b02c41da6acfea98b854c94c35b4028a422b135cb5d2bbdcafb2146d8b8bf616edd1bd8f862d9d29c7579475c80bf9f67d2434f7dfa847656ffaf4d8c3730ceb346d679646aebe9aa79bf137f59c4f2e552d728349ac125d47f3c9d9f3f62a06c40bc38b6dd26a8c64233a2d2fc9425256604", 0xca}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000540)="434275a617c7c03e2fe8e61f54986624e03bccf1a1697fe226aa382ebbdd27527b2102da5c92529573d622850fe05aa266a8be0e0c594db7", 0x38}, {&(0x7f0000000580)="a5e0b298dce6375cda894f25333cfb6ca40bb491f27af306", 0x18}, {&(0x7f00000005c0)="64abbb6b8f8f9a7dd16b3fed845fbe0589e638e2b868da740de998b5e32d", 0x1e}, {&(0x7f0000000600)="606b379c169acc2749232117ed0945e56593937320c7eb27ebdcaac0884f1c689f3ec662a7e1b2977b460406fce1b022179758518a36ca06ff34df0078bb45b1f238c8d5bba429c240ce86b3d0fe44b1d9d4032e2427f40d40bf7d53e5b8aa99d666a9efbe84be25e5a1efab49117fcd94e8900f00cb4c1ebd447a98c694bb661d32", 0x82}, {&(0x7f00000006c0)="b9bef5f41326bed338705325c1c7dbdc630a99f22a1ac230a630a0b97f19dff3327ec8c870dc1355c5d8021b5a7a6aa90fb2fbca0167ccab49cef38bdb48760b589f73a4c60e2fac1b76bf1ada353932ef3e1b219b3b0ae0582a69c289c1033ed1a54e2d9c7eaee0a9704c0d590359776662591535c035daef4885", 0x7b}, {&(0x7f0000000740)="338bda9e3193c253032dc3f421bffd97e3fc2cf19c40071289916c2312c15886ff08f101658db59bcbcffc422f350717346be1a0a6300b89861fa66ce9a93313530931050a95ecfa4fc2f609e6218d3a8cf26251276ccc53d348935985da7ef7b45cef8420cb0bbb9f9abe716afa4543c5c8b6e697f8811668f2a5923f6dfbbad3", 0x81}, {&(0x7f0000000800)="d195144329e553ccec34d07887c2e024a9df9e8ce6d1529135450a139e0411fdcbbec6aa5660d0e6924125bfd618a90fa5708eb310b527c16c2841c07fc2223748cd58f25c0a234388a77fbf4219bcd4cfaae8e0b7a4280479ff5e1caae049b6fe595183222934f0908ea3c48ef5df3b25305346b6dc9c86979f887a0634d4f9b5ee880ce3bae9cfa2276dd640429834ece9db245f948cc552cc0d163dc3aec4ce827863ec12e091574ebdc42b0bbd83f4df81bbbee5ee61edeaa197a7cfe8b30ce61d8fe8", 0xc5}, {&(0x7f0000000900)="52228beb7c2e7d3fefa24ad027af29796a51582a5027bf8a9a4a8de341dd8d79bf196ef1187b471670fc76cc44efb7", 0x2f}, {&(0x7f0000000940)="c1a7eba67a4e62defd88134aa2c7aad6c54c450a2a85c505750abce52a04be24fda6342ceca3657765525de416046b0a483137c6f91e3e8b3c1a900f0a6abcf9eb157d5bd6cff5465f39fc2135f45554b851c14a0f41f48c47f0b8f1c58960ba58c83afcd8b2c9e2d1a7b4f0157b293ac63af90debe2a8297314b4c85ad5aa10a882b8c174a804960d669b7cb59ea2f21af32415e6cfc4b65555b72c89dd5a7e70e3e199e10bd9b2", 0xa8}], 0x9}}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000b40)="5d2f9c68553b6e46eefb0e0e3242c841a6536ad78daa3680a3bf7757ccafd2b2f64dfdeba44a3867e93b267d185bcaa25d1674ad00a03b179f6dfa097dada42598419b4031e65c17c0f612cd47217e6d6783a7b9b68b71ddea18557610341ab200c4ccb2ef11254b5f8999977d140f31cb399af13e9cdeea01fd8d274b19ea4a47dbb44e807465013cb0dd33426ec7765c", 0x91}, {&(0x7f0000002a80)="b37461510f8cb03f0fe0d609d071d60cbdb2be3133df8b1a208191686fb77907824bc1344e653f0a0bb6a16fd3ca7484aeec16cfcf7e9a62d0191892491d1cc23d21c7e3b299b5474c2e9c1ca9b25fdb701285d93db2fd9e6db1b6c193afaff97f834c3f49ab2791e2002337ece0ac7835cdd9f8a59fb6e238d63c03d8140c38eeeddaf7c1f42fe208e730514d890e53a630d1a456e3020f8bb998aed655e18ab1f616467d26fed441e6dd42064a29553f58eff8dbca79b88c728d25e157268aa21fd0feae68c5fb8053079bfd50c8cbe809adfcc96647d3b6ffd764822773f62c59627e76b0b05821185f9d140d16286bfdb54cdb1978d53ebb1660168bcb6b74901d26a927575882a44cc4ff7012ce6a5e4b269d5497dbc4d5e64b138c5701107cd7bbd7680c78bd86f9f7bacd9c900bed550a65862b38294942dd8963d97eef6be601e44cda7131c56078cc463f52b79375803573e4c48841bbe40d62a42564d1ccdda277afd55137948769479fc575a8be127a42b812748b29974ba0a8064ddfdd817a5d602a8a3c6c4a6a7490c1d790dff5eae60a15b1cc9e86a605b6973001ae4187387de41a656b90b9a7d0ecd69223188dc653009e27509bc44a8e65a09339ffb9dec72ac43d04eb557dbf7cc51066bff9bd77f73d4895aeef672756751f8951bc40be148389b2ceb17f13184064c04cb99d2dc9b4ecbabcb389ba17c9a61554b9d623f682e2e1aea2b2ccfd51d1a8de1cbbf49e790012b448a629c859db3b353ff3cba810de87e610e03f461236c836457100898cccb7c43155bedb2ce9d75707f2ad7651139489b93db159f3546d22b1c2801cdff83cbc40f8e8f2c619e5850de5b3f3a55e4a8c56e36e62d8230200bd2e91d056e29f033fe24e211036dd0c78b94cc4c915fafd61bf2557f363afad0015bf3044a3cfb6678736cee39e74928f9f2d57444ee9473806e027a9b5daebf485d7ea95d127ff4069a04f7022d16dc3b5573500c15f3c7b70c2c432798bde9e70c1ff000141dcff62b6ad69a00828b4299f7fde6e9ae238fdbacd8647c3e035be4f4acd1b3888249309c40f56aa3e73b8716fb0922ec106dcdefa70b89ff11f328eb0690f08c205c93d6e1c22d05647e2b774f1819c0f04107112d207d8049c86c782a8e843090e84d66ba075b43ee6f6c921a1ec69ccd1487e29d9e135b37080c7ec326874ab1584a926ea117a1649091b02c12cbc3b2d52c75251124083daa4c177c98baa5e18aee57fdeafdeda69c9a64f564fda59d0dc725a0f65414293a3f2750e0cf283613b3e14c2d96494f9da86f0f6a41b9cfca6daee62581fa9067364b5980033f6a9dd2c44f876937d63a45a282129599047df2e16f72e354caf7cc8ccc02a58aadd24760fa410fa063cff9b4c3b6d4bab5090248d3e4896f20ebe3f514c7df440e8ef95ebcf34894a18b2a36aaf39acf12ff47fe056336e3804c6b91096002df20b95427e8ea9b859cfe65d53ed6dfa5e40c445027f83e1ca14bed9f5bd86308b762c66e7315c5894455a9b4a0b5ab6f589219c16d061c16edb13bf7e0d5ca81d558c5f47d0ee36ef8a94774acf1316175de182faf893ef97d23ea79503d3e004e1561b212e8c477f76a54cd1565071ba3e58f4f8b6a6e5244c6953331b0d140baf8fb79f43e7bc4935411a4489a295acc11294326830fb16577af765e933615b94e599a00747de2c8fb9670914e38c89da183f0467fb7751abf574b10bc12d997396013f4dd53bad06fc4091e1ba27ba6a027b6a7353bdfa1cfc30dff00a23b233875f072cb2da25923b1584a035c42d47c8163fa1aa207ecff09d383cd738ec5ad043f00328a032ed5cfbbad2f53ca963ce5975f7198857ca91e65d542e49fac0f672afa387ab95f3b43eb8635769688931faec2ff43c8d5394a5686643e2da8993e5ab6d7b9f35264d826f103c1daffa3386d00070df55221944e05ad8d61ce19b509f1dc8ea36798ab399169fe3e5155368ed280691e4063e27f4b9995a803e14c4956d6ae4cc1a158af41f85d9e6532db99181789b2dc9fc2d4cacfe4dab316a397f43e3464520727db992a66f8eae5c38eab347cab8d150303095be42a537c0971db446d6e01a5144ca00e51afd75e6f011a58e17ce51f8724f9dd43e88f5a8173e43d8e8b7d5a3ed26840ba620590d75c1604b5ce098f6f0ae84d32c6e0a730d0eb6352784222a18bf62956780cc89e63b1e387450afb528bce42ba019cedadefe85f220c45665dd21ca9fda998be584b0f73979b95432068a35589851571e", 0x65e}], 0x2}}], 0x3, 0xc880)
recvfrom(r0, &(0x7f0000001a80)=""/4096, 0x1000, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x0, 0x0, 0x0)

13.459058904s ago: executing program 5 (id=954):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x2284, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0x1001}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000001240)=""/4091, &(0x7f0000001200)=0xffb)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a010800000000000000000000000020000000000a010200000000000000000aee068233c9fd79e1797a300000000030000000160a0102000000000000000002000000040003800900020073797a30000000000900010073797a30"], 0x8c}}, 0x0)

12.478696426s ago: executing program 5 (id=958):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtaction={0x74, 0x30, 0x709, 0x0, 0x0, {}, [{0x60, 0x1, [@m_vlan={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x2}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
clock_getres(0x5d2d578ddb601e47, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000340), r2)
writev(r1, &(0x7f0000000740)=[{&(0x7f0000000180)="580000001500192340834b80040d8c560a11820fffff5bab4e21000fff0058006f543bc2945f640094f96a0325010ebc000000000014008000f0fffeffe809004000fff5dd000000040002000400080004000000224e0000", 0x58}], 0x1)
r3 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r3, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)
ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f00000002c0)={'macvtap0\x00', {0x2, 0x0, @multicast1}})
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000000)='./file0\x00', 0x406)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000008b837209f99943a1000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x98, &(0x7f00000000c0)=""/152, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = mq_open(&(0x7f00000001c0)='eth0\xd2', 0x42, 0x0, 0x0)
r6 = dup2(r5, r5)
mq_notify(r6, 0x0)
bind$unix(r3, &(0x7f0000000140)=@file={0x1, './file1\x00'}, 0x6e)

12.438392096s ago: executing program 5 (id=960):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000000)={0x0, 0x3, 0x5c})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_usb_connect(0x0, 0x4d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x4, 0x4f, 0x43, 0x40, 0x408, 0x4030, 0xfaf1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe, 0x1, 0x0, 0x0, [@cdc_ncm={{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x11bb}, {0x6}, [@mbim={0xc}]}]}}]}}]}}, 0x0)

10.108451784s ago: executing program 5 (id=972):
socket$kcm(0x10, 0x3, 0x10)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000440)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000600)=[{{&(0x7f0000000140)=@nfc_llcp, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/180, 0xb4}, {&(0x7f0000000280)=""/122, 0x7a}, {&(0x7f0000000800)=""/172, 0xac}, {&(0x7f00000004c0)=""/142, 0x8e}, {&(0x7f0000000640)=""/70, 0x46}, {&(0x7f00000006c0)=""/179, 0xb3}], 0x6, &(0x7f0000000580)=""/70, 0x46}}], 0x1, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pipe2(&(0x7f0000000680)={<r1=>0xffffffffffffffff}, 0x80880)
r2 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f00000000c0)='test_dummy_encryption', &(0x7f0000000180)='auto_da_alloc', 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r3, &(0x7f0000000180)={0x16, 0x98, 0xfa00, {0x0, 0x4, 0xffffffffffffffff, 0x1c, 0x1, @ib={0x1b, 0x6, 0x1000, {"2afa614e4a92df979130b87e698ccd83"}, 0x1326, 0x7, 0x4}}}, 0xa0)
connect$vsock_stream(r1, &(0x7f00000006c0)={0x28, 0x0, 0xffffffff, @local}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00'})
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f0000000240)=0x800, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, 0x0, 0x4000)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x97, @void, @value}, 0x94)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000100)={0x1d, r7}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r10, {0xf, 0xc}, {0x6}, {0x0, 0xf}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
setsockopt$sock_int(r6, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)

9.322555961s ago: executing program 3 (id=973):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x281)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000140))

8.254135198s ago: executing program 3 (id=976):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001340)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x46bda60, @loopback, 0x4}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000002c0)="8047558f8a7f7e474851d271c4bd85d9bb4d499694ba3c9c2bab5f1556cf18beef687a7f1accdcf3f26b94d13a7966c9be210f74f212cd67d96d093abff49890428118a98a39861b7cfbb8a7cf3f8eedc66fcc7d4da16f9b02c41da6acfea98b854c94c35b4028a422b135cb5d2bbdcafb2146d8b8bf616edd1bd8f862d9d29c7579475c80bf9f67d2434f7dfa847656ffaf4d8c3730ceb346d679646aebe9aa79bf137f59c4f2e552d728349ac125d47f3c9d9f3f62a06c40bc38b6dd26a8c64233a2d2fc9425256604", 0xca}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000540)="434275a617c7c03e2fe8e61f54986624e03bccf1a1697fe226aa382ebbdd27527b2102da5c92529573d622850fe05aa266a8be0e0c594db7", 0x38}, {&(0x7f0000000580)="a5e0b298dce6375cda894f25333cfb6ca40bb491f27af306", 0x18}, {&(0x7f00000005c0)="64abbb6b8f8f9a7dd16b3fed845fbe0589e638e2b868da740de998b5e32d", 0x1e}, {&(0x7f0000000600)="606b379c169acc2749232117ed0945e56593937320c7eb27ebdcaac0884f1c689f3ec662a7e1b2977b460406fce1b022179758518a36ca06ff34df0078bb45b1f238c8d5bba429c240ce86b3d0fe44b1d9d4032e2427f40d40bf7d53e5b8aa99d666a9efbe84be25e5a1efab49117fcd94e8900f00cb4c1ebd447a98c694bb661d32", 0x82}, {&(0x7f00000006c0)="b9bef5f41326bed338705325c1c7dbdc630a99f22a1ac230a630a0b97f19dff3327ec8c870dc1355c5d8021b5a7a6aa90fb2fbca0167ccab49cef38bdb48760b589f73a4c60e2fac1b76bf1ada353932ef3e1b219b3b0ae0582a69c289c1033ed1a54e2d9c7eaee0a9704c0d590359776662591535c035daef4885", 0x7b}, {&(0x7f0000000740)="338bda9e3193c253032dc3f421bffd97e3fc2cf19c40071289916c2312c15886ff08f101658db59bcbcffc422f350717346be1a0a6300b89861fa66ce9a93313530931050a95ecfa4fc2f609e6218d3a8cf26251276ccc53d348935985da7ef7b45cef8420cb0bbb9f9abe716afa4543c5c8b6e697f8811668f2a5923f6dfbbad3", 0x81}, {&(0x7f0000000800)="d195144329e553ccec34d07887c2e024a9df9e8ce6d1529135450a139e0411fdcbbec6aa5660d0e6924125bfd618a90fa5708eb310b527c16c2841c07fc2223748cd58f25c0a234388a77fbf4219bcd4cfaae8e0b7a4280479ff5e1caae049b6fe595183222934f0908ea3c48ef5df3b25305346b6dc9c86979f887a0634d4f9b5ee880ce3bae9cfa2276dd640429834ece9db245f948cc552cc0d163dc3aec4ce827863ec12e091574ebdc42b0bbd83f4df81bbbee5ee61edeaa197a7cfe8b30ce61d8fe8", 0xc5}, {&(0x7f0000000900)="52228beb7c2e7d3fefa24ad027af29796a51582a5027bf8a9a4a8de341dd8d79bf196ef1187b471670fc76cc44efb7", 0x2f}, {&(0x7f0000000940)="c1a7eba67a4e62defd88134aa2c7aad6c54c450a2a85c505750abce52a04be24fda6342ceca3657765525de416046b0a483137c6f91e3e8b3c1a900f0a6abcf9eb157d5bd6cff5465f39fc2135f45554b851c14a0f41f48c47f0b8f1c58960ba58c83afcd8b2c9e2d1a7b4f0157b293ac63af90debe2a8297314b4c85ad5aa10a882b8c174a804960d669b7cb59ea2f21af32415e6cfc4b65555b72c89dd5a7e70e3e199e10bd9b2", 0xa8}], 0x9}}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000b40)="5d2f9c68553b6e46eefb0e0e3242c841a6536ad78daa3680a3bf7757ccafd2b2f64dfdeba44a3867e93b267d185bcaa25d1674ad00a03b179f6dfa097dada42598419b4031e65c17c0f612cd47217e6d6783a7b9b68b71ddea18557610341ab200c4ccb2ef11254b5f8999977d140f31cb399af13e9cdeea01fd8d274b19ea4a47dbb44e807465013cb0dd33426ec7765c", 0x91}, {&(0x7f0000002a80)="b37461510f8cb03f0fe0d609d071d60cbdb2be3133df8b1a208191686fb77907824bc1344e653f0a0bb6a16fd3ca7484aeec16cfcf7e9a62d0191892491d1cc23d21c7e3b299b5474c2e9c1ca9b25fdb701285d93db2fd9e6db1b6c193afaff97f834c3f49ab2791e2002337ece0ac7835cdd9f8a59fb6e238d63c03d8140c38eeeddaf7c1f42fe208e730514d890e53a630d1a456e3020f8bb998aed655e18ab1f616467d26fed441e6dd42064a29553f58eff8dbca79b88c728d25e157268aa21fd0feae68c5fb8053079bfd50c8cbe809adfcc96647d3b6ffd764822773f62c59627e76b0b05821185f9d140d16286bfdb54cdb1978d53ebb1660168bcb6b74901d26a927575882a44cc4ff7012ce6a5e4b269d5497dbc4d5e64b138c5701107cd7bbd7680c78bd86f9f7bacd9c900bed550a65862b38294942dd8963d97eef6be601e44cda7131c56078cc463f52b79375803573e4c48841bbe40d62a42564d1ccdda277afd55137948769479fc575a8be127a42b812748b29974ba0a8064ddfdd817a5d602a8a3c6c4a6a7490c1d790dff5eae60a15b1cc9e86a605b6973001ae4187387de41a656b90b9a7d0ecd69223188dc653009e27509bc44a8e65a09339ffb9dec72ac43d04eb557dbf7cc51066bff9bd77f73d4895aeef672756751f8951bc40be148389b2ceb17f13184064c04cb99d2dc9b4ecbabcb389ba17c9a61554b9d623f682e2e1aea2b2ccfd51d1a8de1cbbf49e790012b448a629c859db3b353ff3cba810de87e610e03f461236c836457100898cccb7c43155bedb2ce9d75707f2ad7651139489b93db159f3546d22b1c2801cdff83cbc40f8e8f2c619e5850de5b3f3a55e4a8c56e36e62d8230200bd2e91d056e29f033fe24e211036dd0c78b94cc4c915fafd61bf2557f363afad0015bf3044a3cfb6678736cee39e74928f9f2d57444ee9473806e027a9b5daebf485d7ea95d127ff4069a04f7022d16dc3b5573500c15f3c7b70c2c432798bde9e70c1ff000141dcff62b6ad69a00828b4299f7fde6e9ae238fdbacd8647c3e035be4f4acd1b3888249309c40f56aa3e73b8716fb0922ec106dcdefa70b89ff11f328eb0690f08c205c93d6e1c22d05647e2b774f1819c0f04107112d207d8049c86c782a8e843090e84d66ba075b43ee6f6c921a1ec69ccd1487e29d9e135b37080c7ec326874ab1584a926ea117a1649091b02c12cbc3b2d52c75251124083daa4c177c98baa5e18aee57fdeafdeda69c9a64f564fda59d0dc725a0f65414293a3f2750e0cf283613b3e14c2d96494f9da86f0f6a41b9cfca6daee62581fa9067364b5980033f6a9dd2c44f876937d63a45a282129599047df2e16f72e354caf7cc8ccc02a58aadd24760fa410fa063cff9b4c3b6d4bab5090248d3e4896f20ebe3f514c7df440e8ef95ebcf34894a18b2a36aaf39acf12ff47fe056336e3804c6b91096002df20b95427e8ea9b859cfe65d53ed6dfa5e40c445027f83e1ca14bed9f5bd86308b762c66e7315c5894455a9b4a0b5ab6f589219c16d061c16edb13bf7e0d5ca81d558c5f47d0ee36ef8a94774acf1316175de182faf893ef97d23ea79503d3e004e1561b212e8c477f76a54cd1565071ba3e58f4f8b6a6e5244c6953331b0d140baf8fb79f43e7bc4935411a4489a295acc11294326830fb16577af765e933615b94e599a00747de2c8fb9670914e38c89da183f0467fb7751abf574b10bc12d997396013f4dd53bad06fc4091e1ba27ba6a027b6a7353bdfa1cfc30dff00a23b233875f072cb2da25923b1584a035c42d47c8163fa1aa207ecff09d383cd738ec5ad043f00328a032ed5cfbbad2f53ca963ce5975f7198857ca91e65d542e49fac0f672afa387ab95f3b43eb8635769688931faec2ff43c8d5394a5686643e2da8993e5ab6d7b9f35264d826f103c1daffa3386d00070df55221944e05ad8d61ce19b509f1dc8ea36798ab399169fe3e5155368ed280691e4063e27f4b9995a803e14c4956d6ae4cc1a158af41f85d9e6532db99181789b2dc9fc2d4cacfe4dab316a397f43e3464520727db992a66f8eae5c38eab347cab8d150303095be42a537c0971db446d6e01a5144ca00e51afd75e6f011a58e17ce51f8724f9dd43e88f5a8173e43d8e8b7d5a3ed26840ba620590d75c1604b5ce098f6f0ae84d32c6e0a730d0eb6352784222a18bf62956780cc89e63b1e387450afb528bce42ba019cedadefe85f220c45665dd21ca9fda998be584b0f73979b95432068a35589851571e", 0x65e}], 0x2}}], 0x3, 0xc880)
recvfrom(r0, &(0x7f0000001a80)=""/4096, 0x1000, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x0, 0x0, 0x0)

7.647763433s ago: executing program 3 (id=977):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000400)={{0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000006c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x80402e, &(0x7f00000003c0)={0x0, 0x80000, 0x200, 0x0, 0x2}, &(0x7f0000000640), &(0x7f0000000100)=<r5=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_io_uring_submit(0x0, r5, &(0x7f0000000600)=@IORING_OP_SENDMSG={0x9, 0xc, 0x0, r6, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=@hci={0x1f, 0x0, 0x1}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000300)="b62ce4b376a0aa6be1543e589204a8c0cb557a8f21f72714b87dd95dde5a680bf56675d4246bc58e28f4abddc7a8", 0x2e}, {&(0x7f0000000440)="46d02672f6b295ec5e810c848393ed21c42576935345e4b23d46f461a41ec47c55faf800215d72cb874b2ebc4431dd00ddd7f55bb28f443c522e16f5236a6edfd589f05032fd60859d9114edae49d8555a26e3ac10a4a6d2917fa8f832353986539be4aea2fcaadc4b4805f4c525f116c4", 0x71}, {&(0x7f00000004c0)="78b986573e3cd4ad2693e2da6a668fb1c5c994ec46d54e1508b028fde2146c945c086ae689eda044dae699d1153964d2ab808c2563a2f4dec6f7e45dff236102bc9054302023b67e2839786874450a5546d4555e0e053350aaf66ed256a7e142a008cf7e1dd14a6d7670d92cbc0543a4ac0e91120a5ab8ddefbacbc1d2f87ce3f9b38f2a1b866c55b21f47d748db73e3ceb5e8e8993ec2c6e0eb5622367e417cfd62e18e05a6ee697ffc33aaef156ef55d3761649f6dd09291ac3967557484316951d0", 0xc3}], 0x3}, 0x0, 0x0, 0x1})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r8 = gettid()
wait4(r8, 0x0, 0x80000000, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r7, 0x0, 0x700)
io_uring_enter(r4, 0x46f6, 0x0, 0x0, 0x0, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000240)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x3}, &(0x7f00000001c0)=0x9c)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000), 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r10 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r10, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

6.704751687s ago: executing program 3 (id=982):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x20200007)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e1c, @empty}, 0x10)
getsockopt$inet_int(r1, 0x10d, 0xd6, &(0x7f0000000080), &(0x7f0000000000)=0x4)

5.718761772s ago: executing program 2 (id=984):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f00000001c0)={0x18, 0x0, {0x9, @multicast, 'vxcan1\x00'}}, 0x1e)
r5 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x4380000, @remote}, 0x1c)
sendmmsg$alg(r5, &(0x7f0000001840)=[{0x20000000, 0xff00, 0x0}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246)
r7 = dup(r6)
read$dsp(r7, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000005e000100"/20, @ANYRES32=r8, @ANYRES64=r1], 0x1c}}, 0x0)

5.716796831s ago: executing program 4 (id=985):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = eventfd2(0x8001, 0x80801)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000080)={0x1, 0x0, [{0x0, 0x4}]})
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000000c0)={0x0, 0xfffffffe})
read$eventfd(r0, &(0x7f00000024c0), 0x8)

5.638148967s ago: executing program 4 (id=986):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000400)={{0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000006c0)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x80402e, &(0x7f00000003c0)={0x0, 0x80000, 0x200, 0x0, 0x2}, &(0x7f0000000640), &(0x7f0000000100)=<r4=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(0x0, r4, &(0x7f0000000600)=@IORING_OP_SENDMSG={0x9, 0xc, 0x0, r5, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=@hci={0x1f, 0x0, 0x1}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000300)="b62ce4b376a0aa6be1543e589204a8c0cb557a8f21f72714b87dd95dde5a680bf56675d4246bc58e28f4abddc7a8", 0x2e}, {&(0x7f0000000440)="46d02672f6b295ec5e810c848393ed21c42576935345e4b23d46f461a41ec47c55faf800215d72cb874b2ebc4431dd00ddd7f55bb28f443c522e16f5236a6edfd589f05032fd60859d9114edae49d8555a26e3ac10a4a6d2917fa8f832353986539be4aea2fcaadc4b4805f4c525f116c4", 0x71}, {&(0x7f00000004c0)="78b986573e3cd4ad2693e2da6a668fb1c5c994ec46d54e1508b028fde2146c945c086ae689eda044dae699d1153964d2ab808c2563a2f4dec6f7e45dff236102bc9054302023b67e2839786874450a5546d4555e0e053350aaf66ed256a7e142a008cf7e1dd14a6d7670d92cbc0543a4ac0e91120a5ab8ddefbacbc1d2f87ce3f9b38f2a1b866c55b21f47d748db73e3ceb5e8e8993ec2c6e0eb5622367e417cfd62e18e05a6ee697ffc33aaef156ef55d3761649f6dd09291ac3967557484316951d0", 0xc3}], 0x3}, 0x0, 0x0, 0x1})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r7 = gettid()
wait4(r7, 0x0, 0x80000000, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r6, 0x0, 0x700)
io_uring_enter(r3, 0x46f6, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000240)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x3}, &(0x7f00000001c0)=0x9c)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000), 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r9, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

5.430819016s ago: executing program 3 (id=987):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001340)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x46bda60, @loopback, 0x4}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000002c0)="8047558f8a7f7e474851d271c4bd85d9bb4d499694ba3c9c2bab5f1556cf18beef687a7f1accdcf3f26b94d13a7966c9be210f74f212cd67d96d093abff49890428118a98a39861b7cfbb8a7cf3f8eedc66fcc7d4da16f9b02c41da6acfea98b854c94c35b4028a422b135cb5d2bbdcafb2146d8b8bf616edd1bd8f862d9d29c7579475c80bf9f67d2434f7dfa847656ffaf4d8c3730ceb346d679646aebe9aa79bf137f59c4f2e552d728349ac125d47f3c9d9f3f62a06c40bc38b6dd26a8c64233a2d2fc9425256604", 0xca}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000540)="434275a617c7c03e2fe8e61f54986624e03bccf1a1697fe226aa382ebbdd27527b2102da5c92529573d622850fe05aa266a8be0e0c594db748610b91", 0x3c}, {&(0x7f0000000580)="a5e0b298dce6375cda894f25333cfb6ca40bb491f27af306", 0x18}, {&(0x7f00000005c0)="64abbb6b8f8f9a7dd16b3fed845fbe0589e638e2b868da740de998b5e32d", 0x1e}, {&(0x7f0000000600)="606b379c169acc2749232117ed0945e56593937320c7eb27ebdcaac0884f1c689f3ec662a7e1b2977b460406fce1b022179758518a36ca06ff34df0078bb45b1f238c8d5bba429c240ce86b3d0fe44b1d9d4032e2427f40d40bf7d53e5b8aa99d666a9efbe84be25e5a1efab49117fcd94e8900f00cb4c1ebd447a98c694bb661d32", 0x82}, {&(0x7f00000006c0)="b9bef5f41326bed338705325c1c7dbdc630a99f22a1ac230a630a0b97f19dff3327ec8c870dc1355c5d8021b5a7a6aa90fb2fbca0167ccab49cef38bdb48760b589f73a4c60e2fac1b76bf1ada353932ef3e1b219b3b0ae0582a69c289c1033ed1a54e2d9c7eaee0a9704c0d590359776662591535c035daef4885", 0x7b}, {&(0x7f0000000740)="338bda9e3193c253032dc3f421bffd97e3fc2cf19c40071289916c2312c15886ff08f101658db59bcbcffc422f350717346be1a0a6300b89861fa66ce9a93313530931050a95ecfa4fc2f609e6218d3a8cf26251276ccc53d348935985da7ef7b45cef8420cb0bbb9f9abe716afa4543c5c8b6e697f8811668f2a5923f6dfbbad3", 0x81}, {&(0x7f0000000800)="d195144329e553ccec34d07887c2e024a9df9e8ce6d1529135450a139e0411fdcbbec6aa5660d0e6924125bfd618a90fa5708eb310b527c16c2841c07fc2223748cd58f25c0a234388a77fbf4219bcd4cfaae8e0b7a4280479ff5e1caae049b6fe595183222934f0908ea3c48ef5df3b25305346b6dc9c86979f887a0634d4f9b5ee880ce3bae9cfa2276dd640429834ece9db245f948cc552cc0d163dc3aec4ce827863ec12e091574ebdc42b0bbd83f4df81bbbee5ee61edeaa197a7cfe8b30ce61d8fe8", 0xc5}, {&(0x7f0000000900)="52228beb7c2e7d3fefa24ad027af29796a51582a5027bf8a9a4a8de341dd8d79bf196ef1187b471670fc76cc44efb7", 0x2f}, {&(0x7f0000000940)="c1a7eba67a4e62defd88134aa2c7aad6c54c450a2a85c505750abce52a04be24fda6342ceca3657765525de416046b0a483137c6f91e3e8b3c1a900f0a6abcf9eb157d5bd6cff5465f39fc2135f45554b851c14a0f41f48c47f0b8f1c58960ba58c83afcd8b2c9e2d1a7b4f0157b293ac63af90debe2a8297314b4c85ad5aa10a882b8c174a804960d669b7cb59ea2f21af32415e6cfc4b65555b72c89dd5a7e70e3e199e10bd9b2", 0xa8}], 0x9}}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000b40)="5d2f9c68553b6e46eefb0e0e3242c841a6536ad78daa3680a3bf7757ccafd2b2f64dfdeba44a3867e93b267d185bcaa25d1674ad00a03b179f6dfa097dada42598419b4031e65c17c0f612cd47217e6d6783a7b9b68b71ddea18557610341ab200c4ccb2ef11254b5f8999977d140f31cb399af13e9cdeea01fd8d274b19ea4a47dbb44e807465013cb0dd33426ec7765c", 0x91}, {&(0x7f0000002a80)="b37461510f8cb03f0fe0d609d071d60cbdb2be3133df8b1a208191686fb77907824bc1344e653f0a0bb6a16fd3ca7484aeec16cfcf7e9a62d0191892491d1cc23d21c7e3b299b5474c2e9c1ca9b25fdb701285d93db2fd9e6db1b6c193afaff97f834c3f49ab2791e2002337ece0ac7835cdd9f8a59fb6e238d63c03d8140c38eeeddaf7c1f42fe208e730514d890e53a630d1a456e3020f8bb998aed655e18ab1f616467d26fed441e6dd42064a29553f58eff8dbca79b88c728d25e157268aa21fd0feae68c5fb8053079bfd50c8cbe809adfcc96647d3b6ffd764822773f62c59627e76b0b05821185f9d140d16286bfdb54cdb1978d53ebb1660168bcb6b74901d26a927575882a44cc4ff7012ce6a5e4b269d5497dbc4d5e64b138c5701107cd7bbd7680c78bd86f9f7bacd9c900bed550a65862b38294942dd8963d97eef6be601e44cda7131c56078cc463f52b79375803573e4c48841bbe40d62a42564d1ccdda277afd55137948769479fc575a8be127a42b812748b29974ba0a8064ddfdd817a5d602a8a3c6c4a6a7490c1d790dff5eae60a15b1cc9e86a605b6973001ae4187387de41a656b90b9a7d0ecd69223188dc653009e27509bc44a8e65a09339ffb9dec72ac43d04eb557dbf7cc51066bff9bd77f73d4895aeef672756751f8951bc40be148389b2ceb17f13184064c04cb99d2dc9b4ecbabcb389ba17c9a61554b9d623f682e2e1aea2b2ccfd51d1a8de1cbbf49e790012b448a629c859db3b353ff3cba810de87e610e03f461236c836457100898cccb7c43155bedb2ce9d75707f2ad7651139489b93db159f3546d22b1c2801cdff83cbc40f8e8f2c619e5850de5b3f3a55e4a8c56e36e62d8230200bd2e91d056e29f033fe24e211036dd0c78b94cc4c915fafd61bf2557f363afad0015bf3044a3cfb6678736cee39e74928f9f2d57444ee9473806e027a9b5daebf485d7ea95d127ff4069a04f7022d16dc3b5573500c15f3c7b70c2c432798bde9e70c1ff000141dcff62b6ad69a00828b4299f7fde6e9ae238fdbacd8647c3e035be4f4acd1b3888249309c40f56aa3e73b8716fb0922ec106dcdefa70b89ff11f328eb0690f08c205c93d6e1c22d05647e2b774f1819c0f04107112d207d8049c86c782a8e843090e84d66ba075b43ee6f6c921a1ec69ccd1487e29d9e135b37080c7ec326874ab1584a926ea117a1649091b02c12cbc3b2d52c75251124083daa4c177c98baa5e18aee57fdeafdeda69c9a64f564fda59d0dc725a0f65414293a3f2750e0cf283613b3e14c2d96494f9da86f0f6a41b9cfca6daee62581fa9067364b5980033f6a9dd2c44f876937d63a45a282129599047df2e16f72e354caf7cc8ccc02a58aadd24760fa410fa063cff9b4c3b6d4bab5090248d3e4896f20ebe3f514c7df440e8ef95ebcf34894a18b2a36aaf39acf12ff47fe056336e3804c6b91096002df20b95427e8ea9b859cfe65d53ed6dfa5e40c445027f83e1ca14bed9f5bd86308b762c66e7315c5894455a9b4a0b5ab6f589219c16d061c16edb13bf7e0d5ca81d558c5f47d0ee36ef8a94774acf1316175de182faf893ef97d23ea79503d3e004e1561b212e8c477f76a54cd1565071ba3e58f4f8b6a6e5244c6953331b0d140baf8fb79f43e7bc4935411a4489a295acc11294326830fb16577af765e933615b94e599a00747de2c8fb9670914e38c89da183f0467fb7751abf574b10bc12d997396013f4dd53bad06fc4091e1ba27ba6a027b6a7353bdfa1cfc30dff00a23b233875f072cb2da25923b1584a035c42d47c8163fa1aa207ecff09d383cd738ec5ad043f00328a032ed5cfbbad2f53ca963ce5975f7198857ca91e65d542e49fac0f672afa387ab95f3b43eb8635769688931faec2ff43c8d5394a5686643e2da8993e5ab6d7b9f35264d826f103c1daffa3386d00070df55221944e05ad8d61ce19b509f1dc8ea36798ab399169fe3e5155368ed280691e4063e27f4b9995a803e14c4956d6ae4cc1a158af41f85d9e6532db99181789b2dc9fc2d4cacfe4dab316a397f43e3464520727db992a66f8eae5c38eab347cab8d150303095be42a537c0971db446d6e01a5144ca00e51afd75e6f011a58e17ce51f8724f9dd43e88f5a8173e43d8e8b7d5a3ed26840ba620590d75c1604b5ce098f6f0ae84d32c6e0a730d0eb6352784222a18bf62956780cc89e63b1e387450afb528bce42ba019cedadefe85f220c45665dd21ca9fda998be584b0f73979b95432068a35589851571e", 0x65e}], 0x2}}], 0x3, 0xc880)
recvfrom(r0, &(0x7f0000001a80)=""/4096, 0x1000, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x0, 0x0, 0x0)

5.430481147s ago: executing program 2 (id=988):
r0 = epoll_create(0x7)
r1 = epoll_create1(0x0)
r2 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)={0x6000200b, 0x900})

5.148825258s ago: executing program 2 (id=990):
r0 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
shmat(r0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
rename(&(0x7f0000000e00)='./bus\x00', &(0x7f0000001080)='./file0\x00')
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$caif_stream(0x25, 0x1, 0x0)
socket$inet(0x2, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x300, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)=r3}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r3}, 0x57)
shmat(r0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
shmdt(0x0)

5.13890873s ago: executing program 3 (id=991):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x7, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}, 0x5}], 0x40002ff, 0x2, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, &(0x7f0000001800)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)

3.746020258s ago: executing program 2 (id=994):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a1121710950b2a17f4f7010203010902240001000000f9c55a3846314a0f966acf74000904fb00026c5d650009050402100000fa00090582024000000000"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x5, @ipv4={'\x00', '\xff\xff', @remote}, 0xd}, 0x1c)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) (async)
sendfile(r1, r2, 0x0, 0x8000002b) (async)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000640)={0x2c, &(0x7f0000000380)={0x40, 0x14, 0x6, "2a58eb6554aa"}, 0x0, 0x0, 0x0, 0x0}) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0) (async)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/74, 0x32a000, 0x800}, 0x20) (async)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
sendto$inet6(r3, &(0x7f00000003c0)='?', 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c) (async)
setsockopt(r3, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r4, 0x560f, 0x0) (async)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000a40)={0x2c, &(0x7f00000008c0)=ANY=[@ANYBLOB="400e4100000008"], 0x0, 0x0, 0x0, 0x0})

3.030508885s ago: executing program 0 (id=996):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000005e000100000003000000000000000000", @ANYRES32=r2, @ANYRES64=r1], 0x1c}}, 0x0)

2.891870972s ago: executing program 0 (id=997):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getrandom(&(0x7f0000000580)=""/296, 0x128, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
io_uring_setup(0x16fe, &(0x7f0000000000)={0x0, 0xe147, 0x0, 0x0, 0xae})
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, 0x52, 0x1, 0x10, 0x0, {0x2}}, 0x14}}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000014c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xfff7}}}, 0x24}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r4, 0x400448ca, 0x0)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x6)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, 0x0, 0x0, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r7, 0x0, 0x2e, 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(r7, 0x0, 0x30, &(0x7f00000009c0)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3a8294f2a1d79fe4ce69f036a4800000000030000000000000000000000000000000000000000000000000000000000000000000000000000006e6000000000000000000000000000000000000000000000b1de36a40ec3eaa9f4181f4873646fc54cc8159edbdf1c80c9e34df8afd7080a73516958d122cf22bac6b8e5d6b3ff955c3b65d67816c82d9c03107cfd9d2e1073f88764314bc44b56cc53bd2e9a4b3b9c29ef743d6d0e9034ac6904306766017c395e9f4060bc14c90a46556aa16e3491644bf5c8e0c7a0c651dfa2886c68dd6ada5a794bf3852c74d1aa9ddb90b67fa3c28dd1c7d292863c8d8d907d6a585f29344692cb398436bb2a3a639755cc89af1f2cfe9fa50d8fc4792bc5b82eefe363d48570e443b2"], 0x190)

2.443691079s ago: executing program 4 (id=998):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
syz_emit_ethernet(0x6a, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaf301d4db80ab94f54500005c0000000000119078000000000000000000004e20001f90780300000000e600006d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8ddec71c45d16822e5e02be61c7a5f5a06b8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c0b23b301258d6b2f84c636062b9eb636911ee7b6e91a9ebc0cb6"], 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}]}, @NFT_MSG_NEWCHAIN={0x14}], {0x14}}, 0x90}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000000c0)=0x40000)
r5 = socket(0x2a, 0x2, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x0, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff1}, {0xb, 0xfff2}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_timeval(r7, 0x1, 0x43, 0x0, &(0x7f00000001c0))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=@newtfilter={0x2a4, 0x2c, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {}, {}, {0x2}}, [@filter_kind_options=@f_u32={{0x8}, {0x278, 0x2, [@TCA_U32_SEL={0x264, 0x5, {0xd, 0x40, 0x25, 0x5, 0x3661, 0x8, 0x3, 0xfffffffa, [{0x3, 0x80, 0x3fe, 0x7fff}, {0xffff5a44, 0x9, 0x4, 0xe561}, {0x8, 0x9, 0x10001, 0x915f}, {0x2, 0x42890131, 0x6, 0x9}, {0x64b3, 0x7, 0x3, 0x9d46}, {0x401, 0xc, 0x7, 0x4}, {0x8, 0x7, 0xffffffff, 0x6}, {0x6de, 0x5, 0x4, 0x2}, {0xdb7, 0x0, 0x0, 0x2}, {0x7fffffff, 0xa49d, 0x6}, {0x5, 0xfffffffb, 0x8, 0xbd9}, {0xfffffffa, 0x9, 0x3, 0x2}, {0xffff, 0x800, 0x0, 0x4}, {0xffff, 0xfb6, 0x7, 0x9}, {0x2, 0x40, 0x6, 0x2}, {0x8, 0xd1a, 0x12, 0x1}, {0x9, 0xd5d2, 0x3, 0x7c}, {0xf7f, 0xffff, 0x10001, 0xb5}, {0xd, 0x100, 0x401, 0x6}, {0x4, 0x6, 0x10000, 0x81}, {0x8, 0x1, 0x4, 0x202}, {0x0, 0xfffffff8, 0x8000000, 0x9e2c}, {0x8, 0xfff, 0xfffffffc, 0x802}, {0x0, 0x4, 0x4, 0x6}, {0x6, 0x3, 0x81, 0x2bf60442}, {0x0, 0x80000000, 0xd7, 0x7fffffff}, {0x14003, 0x6687, 0x0, 0xf}, {0x1, 0x7, 0x7b33, 0x4}, {0x10000004, 0x8, 0x0, 0xa649}, {0x1, 0x59, 0xe6cd, 0x4}, {0x6, 0x3, 0xd158, 0x6}, {0x7, 0x8004, 0x2, 0x2}, {0x8, 0x5, 0x8, 0xffff}, {0xe124, 0x9, 0xc, 0x3ff}, {0x28, 0x8, 0x5, 0x69cb8113}, {0xfffffffe, 0x1, 0x9, 0x76}, {0x3, 0x7, 0x7, 0x7}]}}, @TCA_U32_MARK={0x10, 0xa, {0x8000, 0x7}}]}}]}, 0x2a4}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

2.070711044s ago: executing program 2 (id=999):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='\x00', 0x89101)
fchdir(r4)
close(r4)
socket$unix(0x1, 0x1, 0x0)
connect$unix(r4, &(0x7f0000000140)=@file={0x2f, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1.929755721s ago: executing program 0 (id=1000):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000140))

1.541216142s ago: executing program 0 (id=1001):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001340)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x46bda60, @loopback, 0x4}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000002c0)="8047558f8a7f7e474851d271c4bd85d9bb4d499694ba3c9c2bab5f1556cf18beef687a7f1accdcf3f26b94d13a7966c9be210f74f212cd67d96d093abff49890428118a98a39861b7cfbb8a7cf3f8eedc66fcc7d4da16f9b02c41da6acfea98b854c94c35b4028a422b135cb5d2bbdcafb2146d8b8bf616edd1bd8f862d9d29c7579475c80bf9f67d2434f7dfa847656ffaf4d8c3730ceb346d679646aebe9aa79bf137f59c4f2e552d728349ac125d47f3c9d9f3f62a06c40bc38b6dd26a8c64233a2d2fc9425256604", 0xca}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000540)="434275a617c7c03e2fe8e61f54986624e03bccf1a1697fe226aa382ebbdd27527b2102da5c92529573d622850fe05aa266a8be0e0c594db748610b91", 0x3c}, {&(0x7f0000000580)="a5e0b298dce6375cda894f25333cfb6ca40bb491f27af306", 0x18}, {&(0x7f00000005c0)="64abbb6b8f8f9a7dd16b3fed845fbe0589e638e2b868da740de998b5e32d", 0x1e}, {&(0x7f0000000600)="606b379c169acc2749232117ed0945e56593937320c7eb27ebdcaac0884f1c689f3ec662a7e1b2977b460406fce1b022179758518a36ca06ff34df0078bb45b1f238c8d5bba429c240ce86b3d0fe44b1d9d4032e2427f40d40bf7d53e5b8aa99d666a9efbe84be25e5a1efab49117fcd94e8900f00cb4c1ebd447a98c694bb661d32", 0x82}, {&(0x7f00000006c0)="b9bef5f41326bed338705325c1c7dbdc630a99f22a1ac230a630a0b97f19dff3327ec8c870dc1355c5d8021b5a7a6aa90fb2fbca0167ccab49cef38bdb48760b589f73a4c60e2fac1b76bf1ada353932ef3e1b219b3b0ae0582a69c289c1033ed1a54e2d9c7eaee0a9704c0d590359776662591535c035daef4885", 0x7b}, {&(0x7f0000000740)="338bda9e3193c253032dc3f421bffd97e3fc2cf19c40071289916c2312c15886ff08f101658db59bcbcffc422f350717346be1a0a6300b89861fa66ce9a93313530931050a95ecfa4fc2f609e6218d3a8cf26251276ccc53d348935985da7ef7b45cef8420cb0bbb9f9abe716afa4543c5c8b6e697f8811668f2a5923f6dfbbad3", 0x81}, {&(0x7f0000000800)="d195144329e553ccec34d07887c2e024a9df9e8ce6d1529135450a139e0411fdcbbec6aa5660d0e6924125bfd618a90fa5708eb310b527c16c2841c07fc2223748cd58f25c0a234388a77fbf4219bcd4cfaae8e0b7a4280479ff5e1caae049b6fe595183222934f0908ea3c48ef5df3b25305346b6dc9c86979f887a0634d4f9b5ee880ce3bae9cfa2276dd640429834ece9db245f948cc552cc0d163dc3aec4ce827863ec12e091574ebdc42b0bbd83f4df81bbbee5ee61edeaa197a7cfe8b30ce61d8fe8", 0xc5}, {&(0x7f0000000900)="52228beb7c2e7d3fefa24ad027af29796a51582a5027bf8a9a4a8de341dd8d79bf196ef1187b471670fc76cc44efb7", 0x2f}, {&(0x7f0000000940)="c1a7eba67a4e62defd88134aa2c7aad6c54c450a2a85c505750abce52a04be24fda6342ceca3657765525de416046b0a483137c6f91e3e8b3c1a900f0a6abcf9eb157d5bd6cff5465f39fc2135f45554b851c14a0f41f48c47f0b8f1c58960ba58c83afcd8b2c9e2d1a7b4f0157b293ac63af90debe2a8297314b4c85ad5aa10a882b8c174a804960d669b7cb59ea2f21af32415e6cfc4b65555b72c89dd5a7e70e3e199e10bd9b2", 0xa8}], 0x9}}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000b40)="5d2f9c68553b6e46eefb0e0e3242c841a6536ad78daa3680a3bf7757ccafd2b2f64dfdeba44a3867e93b267d185bcaa25d1674ad00a03b179f6dfa097dada42598419b4031e65c17c0f612cd47217e6d6783a7b9b68b71ddea18557610341ab200c4ccb2ef11254b5f8999977d140f31cb399af13e9cdeea01fd8d274b19ea4a47dbb44e807465013cb0dd33426ec7765c", 0x91}, {&(0x7f0000002a80)="b37461510f8cb03f0fe0d609d071d60cbdb2be3133df8b1a208191686fb77907824bc1344e653f0a0bb6a16fd3ca7484aeec16cfcf7e9a62d0191892491d1cc23d21c7e3b299b5474c2e9c1ca9b25fdb701285d93db2fd9e6db1b6c193afaff97f834c3f49ab2791e2002337ece0ac7835cdd9f8a59fb6e238d63c03d8140c38eeeddaf7c1f42fe208e730514d890e53a630d1a456e3020f8bb998aed655e18ab1f616467d26fed441e6dd42064a29553f58eff8dbca79b88c728d25e157268aa21fd0feae68c5fb8053079bfd50c8cbe809adfcc96647d3b6ffd764822773f62c59627e76b0b05821185f9d140d16286bfdb54cdb1978d53ebb1660168bcb6b74901d26a927575882a44cc4ff7012ce6a5e4b269d5497dbc4d5e64b138c5701107cd7bbd7680c78bd86f9f7bacd9c900bed550a65862b38294942dd8963d97eef6be601e44cda7131c56078cc463f52b79375803573e4c48841bbe40d62a42564d1ccdda277afd55137948769479fc575a8be127a42b812748b29974ba0a8064ddfdd817a5d602a8a3c6c4a6a7490c1d790dff5eae60a15b1cc9e86a605b6973001ae4187387de41a656b90b9a7d0ecd69223188dc653009e27509bc44a8e65a09339ffb9dec72ac43d04eb557dbf7cc51066bff9bd77f73d4895aeef672756751f8951bc40be148389b2ceb17f13184064c04cb99d2dc9b4ecbabcb389ba17c9a61554b9d623f682e2e1aea2b2ccfd51d1a8de1cbbf49e790012b448a629c859db3b353ff3cba810de87e610e03f461236c836457100898cccb7c43155bedb2ce9d75707f2ad7651139489b93db159f3546d22b1c2801cdff83cbc40f8e8f2c619e5850de5b3f3a55e4a8c56e36e62d8230200bd2e91d056e29f033fe24e211036dd0c78b94cc4c915fafd61bf2557f363afad0015bf3044a3cfb6678736cee39e74928f9f2d57444ee9473806e027a9b5daebf485d7ea95d127ff4069a04f7022d16dc3b5573500c15f3c7b70c2c432798bde9e70c1ff000141dcff62b6ad69a00828b4299f7fde6e9ae238fdbacd8647c3e035be4f4acd1b3888249309c40f56aa3e73b8716fb0922ec106dcdefa70b89ff11f328eb0690f08c205c93d6e1c22d05647e2b774f1819c0f04107112d207d8049c86c782a8e843090e84d66ba075b43ee6f6c921a1ec69ccd1487e29d9e135b37080c7ec326874ab1584a926ea117a1649091b02c12cbc3b2d52c75251124083daa4c177c98baa5e18aee57fdeafdeda69c9a64f564fda59d0dc725a0f65414293a3f2750e0cf283613b3e14c2d96494f9da86f0f6a41b9cfca6daee62581fa9067364b5980033f6a9dd2c44f876937d63a45a282129599047df2e16f72e354caf7cc8ccc02a58aadd24760fa410fa063cff9b4c3b6d4bab5090248d3e4896f20ebe3f514c7df440e8ef95ebcf34894a18b2a36aaf39acf12ff47fe056336e3804c6b91096002df20b95427e8ea9b859cfe65d53ed6dfa5e40c445027f83e1ca14bed9f5bd86308b762c66e7315c5894455a9b4a0b5ab6f589219c16d061c16edb13bf7e0d5ca81d558c5f47d0ee36ef8a94774acf1316175de182faf893ef97d23ea79503d3e004e1561b212e8c477f76a54cd1565071ba3e58f4f8b6a6e5244c6953331b0d140baf8fb79f43e7bc4935411a4489a295acc11294326830fb16577af765e933615b94e599a00747de2c8fb9670914e38c89da183f0467fb7751abf574b10bc12d997396013f4dd53bad06fc4091e1ba27ba6a027b6a7353bdfa1cfc30dff00a23b233875f072cb2da25923b1584a035c42d47c8163fa1aa207ecff09d383cd738ec5ad043f00328a032ed5cfbbad2f53ca963ce5975f7198857ca91e65d542e49fac0f672afa387ab95f3b43eb8635769688931faec2ff43c8d5394a5686643e2da8993e5ab6d7b9f35264d826f103c1daffa3386d00070df55221944e05ad8d61ce19b509f1dc8ea36798ab399169fe3e5155368ed280691e4063e27f4b9995a803e14c4956d6ae4cc1a158af41f85d9e6532db99181789b2dc9fc2d4cacfe4dab316a397f43e3464520727db992a66f8eae5c38eab347cab8d150303095be42a537c0971db446d6e01a5144ca00e51afd75e6f011a58e17ce51f8724f9dd43e88f5a8173e43d8e8b7d5a3ed26840ba620590d75c1604b5ce098f6f0ae84d32c6e0a730d0eb6352784222a18bf62956780cc89e63b1e387450afb528bce42ba019cedadefe85f220c45665dd21ca9fda998be584b0f73979b95432068a35589851571e", 0x65e}], 0x2}}], 0x3, 0xc880)
recvfrom(r0, &(0x7f0000001a80)=""/4096, 0x1000, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x0, 0x0, 0x0)

1.363124917s ago: executing program 4 (id=1002):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000040)=0x8004, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[], 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}, 0x5}], 0x40002ff, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xfe, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141607089f034d2f87e5940c05ab845013f2325f1a39010702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
close(0xffffffffffffffff)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@dev={0xfe, 0x80, '\x00', 0x42}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x87, 0x0, 0xee00}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x40000000000000, 0x800}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x2b}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x3, 0x0, 0xb7}}, 0xe8)
sendmmsg$inet6(r1, &(0x7f0000001800)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)

1.349385412s ago: executing program 0 (id=1003):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0xc000, 0x0)
r2 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x6c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private}}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x0)
listen(r1, 0x9)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

1.074885882s ago: executing program 4 (id=1004):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4, 0x10}}]}, 0x34}}, 0x8000)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(0x0, r4)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T1(r5, 0x103, 0x2, &(0x7f0000000080), 0x4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x8040)
r6 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r7}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, 0x0, 0x0)
r9 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = socket$kcm(0x29, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r10, 0x89e1, &(0x7f00000000c0)={r0})
r11 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r11, 0x107, 0xe, &(0x7f0000000080)=0x2, 0x4)
r12 = socket$netlink(0x10, 0x3, 0x4)
write(r12, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
ioctl$FBIOPUT_CON2FBMAP(r9, 0x4610, &(0x7f0000000040)={0x28, 0x2})
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000010000000180001801400020008000600010400000800"/54], 0x3c}}, 0x0)

722.78456ms ago: executing program 2 (id=1005):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010300000100fddbdf2526"], 0x14}}, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)

174.860983ms ago: executing program 0 (id=1006):
socket$can_raw(0x1d, 0x3, 0x1)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_DESTROY$ioas(r4, 0x3b80, &(0x7f0000000180)={0x8})
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'})
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x40000003, 0x0, 0x3}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x6cb6]}, 0x8)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=1007):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4}, 0xe)
shutdown(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x70}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0x10, &(0x7f0000000580)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @private2}}}}, &(0x7f0000000080)=0xb0)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c460000000000000000000000000300060000000000000000003800002ef37b900000191bda0000200001"], 0x69)
socket$can_j1939(0x1d, 0x2, 0x7)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

] Call Trace:
[  476.269768][ T7532]  <TASK>
[  476.272709][ T7532]  dump_stack_lvl+0x241/0x360
[  476.277411][ T7532]  ? __pfx_dump_stack_lvl+0x10/0x10
[  476.282620][ T7532]  ? __pfx__printk+0x10/0x10
[  476.287230][ T7532]  should_fail_ex+0x3b0/0x4e0
[  476.291925][ T7532]  prepare_alloc_pages+0x1da/0x5b0
[  476.297080][ T7532]  __alloc_pages_noprof+0x16f/0x710
[  476.302322][ T7532]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  476.308082][ T7532]  ? rep_movs_alternative+0x4a/0x70
[  476.313304][ T7532]  ? __virt_addr_valid+0x183/0x530
[  476.318437][ T7532]  alloc_pages_mpol_noprof+0x3e8/0x680
[  476.323933][ T7532]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  476.329961][ T7532]  ? __virt_addr_valid+0x183/0x530
[  476.335178][ T7532]  ? __virt_addr_valid+0x45f/0x530
[  476.340300][ T7532]  ? __check_object_size+0x48e/0x900
[  476.345604][ T7532]  ? alloc_pages_noprof+0xef/0x170
[  476.350724][ T7532]  af_alg_sendmsg+0x1420/0x2650
[  476.355606][ T7532]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  476.360820][ T7532]  ? __pfx_lock_release+0x10/0x10
[  476.365866][ T7532]  ? __import_iovec+0x590/0x870
[  476.370726][ T7532]  ? skcipher_sendmsg+0x28/0xf0
[  476.375591][ T7532]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  476.381060][ T7532]  __sock_sendmsg+0x221/0x270
[  476.385762][ T7532]  ____sys_sendmsg+0x52a/0x7e0
[  476.390554][ T7532]  ? __pfx_____sys_sendmsg+0x10/0x10
[  476.395869][ T7532]  __sys_sendmmsg+0x3ab/0x730
[  476.400564][ T7532]  ? __pfx___sys_sendmmsg+0x10/0x10
[  476.405790][ T7532]  ? __pfx_lock_release+0x10/0x10
[  476.410918][ T7532]  ? kstrtouint_from_user+0x128/0x190
[  476.416321][ T7532]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  476.422223][ T7532]  ? ksys_write+0x229/0x2b0
[  476.426731][ T7532]  ? __pfx_lock_release+0x10/0x10
[  476.431796][ T7532]  ? vfs_write+0x730/0xd30
[  476.436363][ T7532]  ? __mutex_unlock_slowpath+0x21d/0x750
[  476.442033][ T7532]  ? __fget_files+0x3f3/0x470
[  476.446834][ T7532]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  476.452836][ T7532]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  476.459186][ T7532]  ? do_syscall_64+0x100/0x230
[  476.464056][ T7532]  __x64_sys_sendmmsg+0xa0/0xb0
[  476.468926][ T7532]  do_syscall_64+0xf3/0x230
[  476.473450][ T7532]  ? clear_bhb_loop+0x35/0x90
[  476.478136][ T7532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.484036][ T7532] RIP: 0033:0x7faeb4d7e719
[  476.488452][ T7532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.508166][ T7532] RSP: 002b:00007faeb5acc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  476.516600][ T7532] RAX: ffffffffffffffda RBX: 00007faeb4f35f80 RCX: 00007faeb4d7e719
[  476.524577][ T7532] RDX: 04924924924924b9 RSI: 0000000020000400 RDI: 0000000000000004
[  476.532554][ T7532] RBP: 00007faeb5acc090 R08: 0000000000000000 R09: 0000000000000000
[  476.540532][ T7532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.548527][ T7532] R13: 0000000000000000 R14: 00007faeb4f35f80 R15: 00007ffd675bba28
[  476.556515][ T7532]  </TASK>
[  476.644987][   T51] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  476.967819][   T25] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  476.981305][   T51] usb 3-1: config 2 has an invalid interface number: 174 but max is 0
[  476.989658][   T51] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  476.999808][   T51] usb 3-1: config 2 has no interface number 0
[  477.013254][   T51] usb 3-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=22.7e
[  477.022403][   T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.030542][   T51] usb 3-1: Product: syz
[  477.034940][   T51] usb 3-1: Manufacturer: syz
[  477.039690][   T51] usb 3-1: SerialNumber: syz
[  477.125223][   T25] usb 4-1: Using ep0 maxpacket: 8
[  477.144667][   T25] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  477.350590][   T25] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  477.505394][   T25] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  477.761247][   T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  477.770621][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.779027][   T25] usb 4-1: Product: 墔๛뢂燜擰ꉿ�廙鯜罛饬ꣶײ霬ջ嗱��颹掋딉�⭞ᒬ峖௮ꩱȲ᨜ᪧᆿ땜㕈診柘휀军빘諭伩෎픫�ꋶ路ﺤ��ꬲᓠ㬜穽풦��뜎�檨鶠ཷ��쬊痜墳㤺䅎혟娋䧾≴ꦡ暚ꞗ�㔩䄿犚媖ݿƓ䗩摫ꪽ∇➂䒤ꢒ𧻓〼惢′蘵�秊͈類顋
[  477.819119][   T25] usb 4-1: Manufacturer: ﱟ絷ᇈG꧸긭箢譽
[  477.865368][   T25] usb 4-1: SerialNumber: 闿䳨⇨䖜膶弳ᦪ૜뼴
[  477.920074][ T7543] FAULT_INJECTION: forcing a failure.
[  477.920074][ T7543] name failslab, interval 1, probability 0, space 0, times 0
[  477.954798][ T7543] CPU: 0 UID: 0 PID: 7543 Comm: syz.4.449 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  477.965458][ T7543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  477.975550][ T7543] Call Trace:
[  477.978847][ T7543]  <TASK>
[  477.981792][ T7543]  dump_stack_lvl+0x241/0x360
[  477.986518][ T7543]  ? __pfx_dump_stack_lvl+0x10/0x10
[  477.991785][ T7543]  ? __pfx__printk+0x10/0x10
[  477.996407][ T7543]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  478.002494][ T7543]  ? __pfx___might_resched+0x10/0x10
[  478.007820][ T7543]  should_fail_ex+0x3b0/0x4e0
[  478.012548][ T7543]  should_failslab+0xac/0x100
[  478.017271][ T7543]  ? __alloc_skb+0x1c3/0x440
[  478.021881][ T7543]  kmem_cache_alloc_node_noprof+0x71/0x320
[  478.027733][ T7543]  __alloc_skb+0x1c3/0x440
[  478.032196][ T7543]  ? __pfx___alloc_skb+0x10/0x10
[  478.037163][ T7543]  ? preempt_schedule+0xe1/0xf0
[  478.042039][ T7543]  ? __pfx_schedule_preempt_disabled+0x10/0x10
[  478.048232][ T7543]  ? __mutex_trylock_common+0x183/0x2e0
[  478.053828][ T7543]  netlink_dump+0x2cd/0xd80
[  478.058385][ T7543]  ? preempt_schedule_thunk+0x1a/0x30
[  478.063793][ T7543]  ? __pfx_netlink_dump+0x10/0x10
[  478.068877][ T7543]  ? __pfx_nfnl_acct_start+0x10/0x10
[  478.074200][ T7543]  __netlink_dump_start+0x5a2/0x790
[  478.079424][ T7543]  nfnl_acct_get+0x27c/0x580
[  478.084045][ T7543]  ? __pfx_nfnl_acct_get+0x10/0x10
[  478.089175][ T7543]  ? __pfx_nfnl_acct_start+0x10/0x10
[  478.094479][ T7543]  ? __pfx_nfnl_acct_dump+0x10/0x10
[  478.099700][ T7543]  ? __pfx_nfnl_acct_done+0x10/0x10
[  478.104936][ T7543]  ? nfnetlink_rcv_msg+0x225/0x1180
[  478.110160][ T7543]  nfnetlink_rcv_msg+0xbec/0x1180
[  478.115218][ T7543]  ? nfnetlink_rcv_msg+0x225/0x1180
[  478.120452][ T7543]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  478.125964][ T7543]  ? __pfx___schedule+0x10/0x10
[  478.130840][ T7543]  netlink_rcv_skb+0x1e3/0x430
[  478.135629][ T7543]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  478.141112][ T7543]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  478.146434][ T7543]  ? cap_capable+0x1b4/0x250
[  478.151046][ T7543]  ? safesetid_security_capable+0xb2/0x1d0
[  478.156893][ T7543]  ? bpf_lsm_capable+0x9/0x10
[  478.161582][ T7543]  ? security_capable+0x7e/0x2d0
[  478.166530][ T7543]  nfnetlink_rcv+0x297/0x2ab0
[  478.171225][ T7543]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  478.177231][ T7543]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  478.183585][ T7543]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  478.189505][ T7543]  ? lockdep_hardirqs_on+0x99/0x150
[  478.194717][ T7543]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  478.199843][ T7543]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  478.205747][ T7543]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  478.212096][ T7543]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[  478.218710][ T7543]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  478.225662][ T7543]  ? rcu_is_watching+0x15/0xb0
[  478.230438][ T7543]  ? rcu_read_unlock_special+0x497/0x570
[  478.236100][ T7543]  ? netlink_deliver_tap+0x2e/0x1b0
[  478.241304][ T7543]  ? skb_clone+0x240/0x390
[  478.245733][ T7543]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  478.251755][ T7543]  ? __netlink_deliver_tap+0x77e/0x7c0
[  478.257269][ T7543]  ? __rcu_read_unlock+0xa1/0x110
[  478.262320][ T7543]  netlink_unicast+0x7f6/0x990
[  478.267097][ T7543]  ? __pfx_netlink_unicast+0x10/0x10
[  478.272391][ T7543]  ? __virt_addr_valid+0x183/0x530
[  478.277519][ T7543]  ? __check_object_size+0x48e/0x900
[  478.282847][ T7543]  netlink_sendmsg+0x8e4/0xcb0
[  478.287656][ T7543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  478.292969][ T7543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  478.298277][ T7543]  __sock_sendmsg+0x221/0x270
[  478.302996][ T7543]  ____sys_sendmsg+0x52a/0x7e0
[  478.307786][ T7543]  ? __pfx_____sys_sendmsg+0x10/0x10
[  478.313116][ T7543]  __sys_sendmsg+0x292/0x380
[  478.317723][ T7543]  ? __pfx___sys_sendmsg+0x10/0x10
[  478.322861][ T7543]  ? __pfx_vfs_write+0x10/0x10
[  478.327669][ T7543]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  478.334030][ T7543]  ? do_syscall_64+0x100/0x230
[  478.338809][ T7543]  ? do_syscall_64+0xb6/0x230
[  478.343492][ T7543]  do_syscall_64+0xf3/0x230
[  478.348006][ T7543]  ? clear_bhb_loop+0x35/0x90
[  478.352711][ T7543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.358625][ T7543] RIP: 0033:0x7ff4fe37e719
[  478.363052][ T7543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  478.382663][ T7543] RSP: 002b:00007ff4ff13c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  478.391097][ T7543] RAX: ffffffffffffffda RBX: 00007ff4fe535f80 RCX: 00007ff4fe37e719
[  478.399092][ T7543] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: 0000000000000005
[  478.407072][ T7543] RBP: 00007ff4ff13c090 R08: 0000000000000000 R09: 0000000000000000
[  478.415063][ T7543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  478.423064][ T7543] R13: 0000000000000000 R14: 00007ff4fe535f80 R15: 00007ffc4eb48b38
[  478.431095][ T7543]  </TASK>
[  479.017793][ T7534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.073585][ T7534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.111079][   T51] usb 3-1: probing VID:PID(0424:012C)   
[  479.118054][   T51] usb 3-1: Could not find two sets of bulk-in/out endpoint pairs
[  479.176408][   T51] vub300 3-1:2.174: probe with driver vub300 failed with error -22
[  479.195389][ T7534] random: crng reseeded on system resumption
[  479.358420][   T25] cdc_ncm 4-1:1.0: bind() failure
[  479.363881][   T51] usb 3-1: USB disconnect, device number 10
[  479.377502][ T7550] FAULT_INJECTION: forcing a failure.
[  479.377502][ T7550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  479.382341][   T25] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  479.400192][   T25] cdc_ncm 4-1:1.1: bind() failure
[  479.409312][   T25] usb 4-1: USB disconnect, device number 16
[  479.495250][ T7550] CPU: 1 UID: 0 PID: 7550 Comm: syz.2.451 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  479.505914][ T7550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  479.515999][ T7550] Call Trace:
[  479.519302][ T7550]  <TASK>
[  479.522250][ T7550]  dump_stack_lvl+0x241/0x360
[  479.526964][ T7550]  ? __pfx_dump_stack_lvl+0x10/0x10
[  479.532193][ T7550]  ? __pfx__printk+0x10/0x10
[  479.536830][ T7550]  ? __pfx_lock_release+0x10/0x10
[  479.541897][ T7550]  should_fail_ex+0x3b0/0x4e0
[  479.546605][ T7550]  _copy_from_user+0x2f/0xc0
[  479.551237][ T7550]  do_fcntl+0x98e/0x1a60
[  479.555515][ T7550]  ? smack_file_fcntl+0x14e/0x360
[  479.560576][ T7550]  ? __pfx_do_fcntl+0x10/0x10
[  479.565288][ T7550]  ? __pfx_smack_file_fcntl+0x10/0x10
[  479.570718][ T7550]  ? tomoyo_file_fcntl+0x7d/0x200
[  479.575787][ T7550]  __se_sys_fcntl+0xd2/0x1e0
[  479.580414][ T7550]  do_syscall_64+0xf3/0x230
[  479.584955][ T7550]  ? clear_bhb_loop+0x35/0x90
[  479.589672][ T7550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.595600][ T7550] RIP: 0033:0x7fdffd57e719
[  479.600042][ T7550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.619710][ T7550] RSP: 002b:00007fdffe333038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  479.628187][ T7550] RAX: ffffffffffffffda RBX: 00007fdffd735f80 RCX: 00007fdffd57e719
[  479.636182][ T7550] RDX: 00000000200000c0 RSI: 0000000000000005 RDI: 0000000000000003
[  479.644172][ T7550] RBP: 00007fdffe333090 R08: 0000000000000000 R09: 0000000000000000
[  479.652168][ T7550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.660166][ T7550] R13: 0000000000000000 R14: 00007fdffd735f80 R15: 00007ffed2047cf8
[  479.668180][ T7550]  </TASK>
[  481.122098][ T7567] FAULT_INJECTION: forcing a failure.
[  481.122098][ T7567] name failslab, interval 1, probability 0, space 0, times 0
[  481.205180][ T7567] CPU: 0 UID: 0 PID: 7567 Comm: syz.4.455 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  481.215847][ T7567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  481.226259][ T7567] Call Trace:
[  481.229578][ T7567]  <TASK>
[  481.232538][ T7567]  dump_stack_lvl+0x241/0x360
[  481.237235][ T7567]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.242443][ T7567]  ? __pfx__printk+0x10/0x10
[  481.247053][ T7567]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  481.252552][ T7567]  ? __pfx___might_resched+0x10/0x10
[  481.257884][ T7567]  should_fail_ex+0x3b0/0x4e0
[  481.262680][ T7567]  should_failslab+0xac/0x100
[  481.267395][ T7567]  ? shrinker_alloc+0x5a/0x9d0
[  481.272196][ T7567]  __kmalloc_cache_noprof+0x6c/0x2c0
[  481.277512][ T7567]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  481.283371][ T7567]  shrinker_alloc+0x5a/0x9d0
[  481.287994][ T7567]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  481.293867][ T7567]  ? __raw_spin_lock_init+0x45/0x100
[  481.299201][ T7567]  alloc_super+0x6c0/0x9d0
[  481.303669][ T7567]  sget_fc+0x34c/0x9c0
[  481.307783][ T7567]  ? __pfx_set_anon_super_fc+0x10/0x10
[  481.313296][ T7567]  ? __pfx_mqueue_fill_super+0x10/0x10
[  481.318796][ T7567]  get_tree_nodev+0x2a/0x140
[  481.323431][ T7567]  vfs_get_tree+0x90/0x2b0
[  481.327882][ T7567]  fc_mount+0x1b/0xb0
[  481.331897][ T7567]  mq_init_ns+0x3ce/0x540
[  481.336273][ T7567]  copy_ipcs+0x321/0x530
[  481.340557][ T7567]  create_new_namespaces+0x221/0x7b0
[  481.345885][ T7567]  ? bpf_lsm_capable+0x9/0x10
[  481.350594][ T7567]  ? security_capable+0x7e/0x2d0
[  481.355566][ T7567]  unshare_nsproxy_namespaces+0x124/0x180
[  481.361322][ T7567]  ksys_unshare+0x57d/0xa70
[  481.365855][ T7567]  ? __pfx_ksys_unshare+0x10/0x10
[  481.370903][ T7567]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  481.377268][ T7567]  ? do_syscall_64+0x100/0x230
[  481.382064][ T7567]  __x64_sys_unshare+0x38/0x40
[  481.386845][ T7567]  do_syscall_64+0xf3/0x230
[  481.391372][ T7567]  ? clear_bhb_loop+0x35/0x90
[  481.396085][ T7567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.402007][ T7567] RIP: 0033:0x7ff4fe37e719
[  481.406443][ T7567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.426071][ T7567] RSP: 002b:00007ff4ff11b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  481.434517][ T7567] RAX: ffffffffffffffda RBX: 00007ff4fe536058 RCX: 00007ff4fe37e719
[  481.442513][ T7567] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000068040200
[  481.450509][ T7567] RBP: 00007ff4ff11b090 R08: 0000000000000000 R09: 0000000000000000
[  481.458511][ T7567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.466514][ T7567] R13: 0000000000000000 R14: 00007ff4fe536058 R15: 00007ffc4eb48b38
[  481.474534][ T7567]  </TASK>
[  483.576042][ T7582] netlink: 8 bytes leftover after parsing attributes in process `syz.4.460'.
[  483.877498][ T7607] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  483.886128][ T7607] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  483.895114][ T7607] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  483.903017][ T7607] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  490.015011][   T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  490.024594][   T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  490.041310][   T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  490.050531][   T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  490.059252][   T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  490.066714][   T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  490.540575][ T5989] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  491.120176][ T5989] usb 3-1: device descriptor read/64, error -71
[  491.303587][ T7655] chnl_net:caif_netlink_parms(): no params data found
[  491.365271][ T5989] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  491.437398][ T7655] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.448537][ T7655] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.461811][ T7655] bridge_slave_0: entered allmulticast mode
[  491.472322][ T7655] bridge_slave_0: entered promiscuous mode
[  491.488474][ T7655] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.500202][ T7655] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.505183][ T5989] usb 3-1: device descriptor read/64, error -71
[  491.509729][ T7655] bridge_slave_1: entered allmulticast mode
[  491.530175][ T7655] bridge_slave_1: entered promiscuous mode
[  491.572140][ T7655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  491.592437][ T7655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  491.615345][ T5989] usb usb3-port1: attempt power cycle
[  491.638907][ T7655] team0: Port device team_slave_0 added
[  491.647388][ T7655] team0: Port device team_slave_1 added
[  491.692692][ T7655] batman_adv: batadv0: Adding interface: batadv_slave_0
[  491.706457][ T7655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.739654][ T7655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  491.758153][ T7655] batman_adv: batadv0: Adding interface: batadv_slave_1
[  491.765407][ T7655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.791881][ T7655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  491.834975][ T7655] hsr_slave_0: entered promiscuous mode
[  491.845998][ T7655] hsr_slave_1: entered promiscuous mode
[  491.854817][ T7655] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  491.863606][ T7655] Cannot create hsr debugfs directory
[  491.965324][ T5989] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  491.995638][ T5989] usb 3-1: device descriptor read/8, error -71
[  492.051914][ T7655] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  492.066429][ T7655] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  492.075757][ T7655] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  492.085624][ T7655] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  492.115319][   T54] Bluetooth: hci5: command tx timeout
[  492.115928][ T7655] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.128751][ T7655] bridge0: port 2(bridge_slave_1) entered forwarding state
[  492.136228][ T7655] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.143395][ T7655] bridge0: port 1(bridge_slave_0) entered forwarding state
[  492.213289][ T7655] 8021q: adding VLAN 0 to HW filter on device bond0
[  492.234626][ T6072] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.244064][ T6072] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.255117][ T5989] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  492.278808][ T7655] 8021q: adding VLAN 0 to HW filter on device team0
[  492.286270][ T5989] usb 3-1: device descriptor read/8, error -71
[  492.301696][ T6127] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.308848][ T6127] bridge0: port 1(bridge_slave_0) entered forwarding state
[  492.324551][ T6127] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.331779][ T6127] bridge0: port 2(bridge_slave_1) entered forwarding state
[  492.405543][ T5989] usb usb3-port1: unable to enumerate USB device
[  492.524853][ T7655] 8021q: adding VLAN 0 to HW filter on device batadv0
[  492.978898][ T7655] veth0_vlan: entered promiscuous mode
[  493.371339][ T7655] veth1_vlan: entered promiscuous mode
[  493.605828][ T7655] veth0_macvtap: entered promiscuous mode
[  493.630755][ T7655] veth1_macvtap: entered promiscuous mode
[  493.659042][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.684967][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.702948][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.713694][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.723591][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.734094][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.744003][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.754513][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.764402][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.774979][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.786260][ T7655] batman_adv: batadv0: Interface activated: batadv_slave_0
[  493.927596][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  493.941546][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.004317][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.186979][   T54] Bluetooth: hci5: command tx timeout
[  494.439913][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.663708][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.775060][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.786290][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.797877][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.808721][ T7655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.832564][ T7655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.844552][ T7655] batman_adv: batadv0: Interface activated: batadv_slave_1
[  494.997492][ T7655] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  495.021482][ T7655] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  495.055359][ T7655] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  495.075136][ T7655] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.286433][   T54] Bluetooth: hci5: command tx timeout
[  497.218633][ T6174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.234063][ T6174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.314800][ T5903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.334662][ T5903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.455385][   T25] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  497.635232][   T25] usb 3-1: Using ep0 maxpacket: 32
[  497.701707][   T25] usb 3-1: unable to get BOS descriptor or descriptor too short
[  497.907288][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  498.369025][   T54] Bluetooth: hci5: command tx timeout
[  499.287458][   T25] usb 3-1: New USB device found, idVendor=0123, idProduct=0001, bcdDevice=4a.fe
[  499.296583][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.304568][   T25] usb 3-1: Product: syz
[  499.315033][   T25] usb 3-1: Manufacturer: syz
[  499.319680][   T25] usb 3-1: SerialNumber: syz
[  499.398512][   T25] usb 3-1: config 0 descriptor??
[  499.841277][   T25] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input22
[  499.860846][ T7766] netlink: 4 bytes leftover after parsing attributes in process `syz.5.503'.
[  499.929224][ T5989] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  500.013519][ T5976] usb 3-1: USB disconnect, device number 15
[  500.095105][ T5989] usb 5-1: Using ep0 maxpacket: 8
[  500.102737][ T5989] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  500.114519][ T5989] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  500.125186][ T5989] usb 5-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  500.134400][ T5989] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.146035][ T5989] usb 5-1: config 0 descriptor??
[  500.585974][ T5989] glorious 0003:258A:0036.0009: unknown main item tag 0x4
[  500.594266][ T5989] glorious 0003:258A:0036.0009: item fetching failed at offset 4/5
[  500.767795][ T5989] glorious 0003:258A:0036.0009: probe with driver glorious failed with error -22
[  500.799220][ T5989] usb 5-1: USB disconnect, device number 12
[  501.665424][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  501.673516][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  503.255096][ T5989] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  503.425787][ T5989] usb 5-1: Using ep0 maxpacket: 32
[  503.439367][ T5989] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  503.488216][ T5989] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.701758][ T5989] usb 5-1: config 0 descriptor??
[  503.959707][ T5989] gspca_main: nw80x-2.14.0 probing 055f:d001
[  504.466108][ T5989] gspca_nw80x: reg_w err -71
[  504.470837][ T5989] nw80x 5-1:0.0: probe with driver nw80x failed with error -71
[  504.508814][ T5989] usb 5-1: USB disconnect, device number 13
[  505.147559][ T5989] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  505.307241][ T5989] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  505.317972][ T5989] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  505.343079][ T5989] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  505.352978][ T5989] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  505.385209][ T5989] usb 5-1: SerialNumber: syz
[  505.837073][ T7867] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  505.853194][ T7867] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  506.045065][ T5976] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  506.132640][ T7871] No such timeout policy "syz0"
[  506.149106][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  506.149126][   T29] audit: type=1107 audit(1730686234.576:1897): pid=7870 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='1Ìøî{kë’p¢Ó—l‡•+I%7ͤmç¦Î[‘4þøðýGç„gž¼Ï³˜~ª'
[  506.213237][ T5989] usb 5-1: 0:2 : does not exist
[  506.220695][ T5976] usb 4-1: Using ep0 maxpacket: 16
[  506.226122][ T5989] usb 5-1: unit 55 not found!
[  506.232835][ T5976] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  506.248823][ T5976] usb 4-1: New USB device found, idVendor=6161, idProduct=4d11, bcdDevice= 0.00
[  506.260915][ T5989] usb 5-1: USB disconnect, device number 14
[  506.269742][ T5976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.288447][ T5976] usb 4-1: config 0 descriptor??
[  506.571133][    T8] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  507.059916][   T51] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  507.295087][   T51] usb 6-1: Using ep0 maxpacket: 32
[  507.335539][   T51] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  507.355765][   T51] usb 6-1: config 0 has no interface number 0
[  507.362090][   T51] usb 6-1: config 0 interface 12 has no altsetting 0
[  507.396891][   T51] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  507.421812][   T51] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.423023][    T8] usb 3-1: Using ep0 maxpacket: 8
[  507.434679][   T51] usb 6-1: Product: syz
[  507.444646][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  507.445986][   T51] usb 6-1: Manufacturer: syz
[  507.456303][    T8] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  507.460671][   T51] usb 6-1: SerialNumber: syz
[  507.466360][   T51] usb 6-1: config 0 descriptor??
[  507.477393][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.543176][    T8] usb 3-1: config 0 descriptor??
[  507.795291][ T7879] netlink: 20 bytes leftover after parsing attributes in process `syz.2.536'.
[  507.842750][    T8] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  508.043182][   T25] usb 3-1: USB disconnect, device number 16
[  508.059858][   T25] iowarrior 3-1:0.0: I/O-Warror #0 now disconnected
[  508.155575][   T51] f81534 6-1:0.12: f81534_set_register: reg: 1003 data: e0 failed: -71
[  508.167131][   T51] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[  508.174597][   T51] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  508.182786][   T51] f81534 6-1:0.12: probe with driver f81534 failed with error -71
[  508.195286][   T51] usb 6-1: USB disconnect, device number 2
[  508.395050][    T8] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  508.555163][    T8] usb 5-1: device descriptor read/64, error -71
[  508.800225][ T5989] usb 4-1: USB disconnect, device number 17
[  508.806667][    T8] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  509.765012][   T51] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  509.777093][ T7911] QAT: failed to copy from user cfg_data.
[  509.824992][    T8] usb 5-1: device descriptor read/64, error -71
[  509.930814][   T51] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  509.946819][   T51] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  509.947284][    T8] usb usb5-port1: attempt power cycle
[  509.961255][   T51] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  509.980669][   T51] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  509.990761][   T51] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  510.013507][   T51] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.023714][   T51] usb 6-1: config 0 descriptor??
[  510.251768][ T7907] syz.5.545 (7907): attempted to duplicate a private mapping with mremap.  This is not supported.
[  510.325108][    T8] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  510.348338][    T8] usb 5-1: device descriptor read/8, error -71
[  510.427389][   T51] hdpvr 6-1:0.0: firmware version 0x0 dated 
[  510.434279][   T51] hdpvr 6-1:0.0: untested firmware, the driver might not work.
[  510.668227][    T8] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  510.709779][    T8] usb 5-1: device descriptor read/8, error -71
[  510.836441][    T8] usb usb5-port1: unable to enumerate USB device
[  511.729994][   T51] hdpvr 6-1:0.0: Could not setup controls
[  511.875410][   T51] hdpvr 6-1:0.0: registering videodev failed
[  511.889340][ T7946] netlink: 40 bytes leftover after parsing attributes in process `syz.3.556'.
[  511.946269][   T51] hdpvr 6-1:0.0: probe with driver hdpvr failed with error -71
[  512.007890][   T51] usb 6-1: USB disconnect, device number 3
[  512.329309][ T7949] netlink: 'syz.3.558': attribute type 10 has an invalid length.
[  512.372468][ T7949] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  512.392227][ T7951] netlink: 24 bytes leftover after parsing attributes in process `syz.5.559'.
[  512.781139][ T7970] netlink: 'syz.0.566': attribute type 1 has an invalid length.
[  512.797567][ T7970] netlink: 9348 bytes leftover after parsing attributes in process `syz.0.566'.
[  512.830703][   T54] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  513.125518][ T7970] netlink: 'syz.0.566': attribute type 1 has an invalid length.
[  514.320240][ T7970] netlink: 20 bytes leftover after parsing attributes in process `syz.0.566'.
[  514.361578][ T7984] netlink: 4 bytes leftover after parsing attributes in process `syz.5.569'.
[  514.864279][ T7989] netlink: 'syz.3.567': attribute type 11 has an invalid length.
[  514.872200][ T7989] FAULT_INJECTION: forcing a failure.
[  514.872200][ T7989] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  514.885581][ T7989] CPU: 0 UID: 0 PID: 7989 Comm: syz.3.567 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  514.896225][ T7989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  514.906294][ T7989] Call Trace:
[  514.909583][ T7989]  <TASK>
[  514.912534][ T7989]  dump_stack_lvl+0x241/0x360
[  514.917234][ T7989]  ? __pfx_dump_stack_lvl+0x10/0x10
[  514.922446][ T7989]  ? __pfx__printk+0x10/0x10
[  514.927052][ T7989]  ? _prb_read_valid+0xa39/0xac0
[  514.932010][ T7989]  should_fail_ex+0x3b0/0x4e0
[  514.936721][ T7989]  prepare_alloc_pages+0x1da/0x5b0
[  514.941880][ T7989]  __alloc_pages_noprof+0x16f/0x710
[  514.947152][ T7989]  ? mark_lock+0x9a/0x360
[  514.951493][ T7989]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  514.957229][ T7989]  ? __lock_acquire+0x1384/0x2050
[  514.962314][ T7989]  ? mark_lock+0x9a/0x360
[  514.966656][ T7989]  ___kmalloc_large_node+0x8b/0x1d0
[  514.971883][ T7989]  __kmalloc_large_node_noprof+0x1a/0x80
[  514.977524][ T7989]  ? wiphy_new_nm+0x625/0x19a0
[  514.982298][ T7989]  __kmalloc_noprof+0x2ae/0x400
[  514.987155][ T7989]  wiphy_new_nm+0x625/0x19a0
[  514.991751][ T7989]  ? ieee80211_alloc_hw_nm+0x8f9/0x1ea0
[  514.997310][ T7989]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  515.003838][ T7989]  ieee80211_alloc_hw_nm+0x3d4/0x1ea0
[  515.009231][ T7989]  ? __pfx_vprintk_emit+0x10/0x10
[  515.014267][ T7989]  ? mac80211_hwsim_new_radio+0xf7/0x4a90
[  515.020007][ T7989]  mac80211_hwsim_new_radio+0x1db/0x4a90
[  515.025745][ T7989]  ? _printk+0xd5/0x120
[  515.029913][ T7989]  ? __nla_validate_parse+0x15e5/0x3090
[  515.035470][ T7989]  ? __pfx__printk+0x10/0x10
[  515.040074][ T7989]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  515.046163][ T7989]  hwsim_new_radio_nl+0xece/0x2290
[  515.051286][ T7989]  ? __pfx___nla_validate_parse+0x10/0x10
[  515.057016][ T7989]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  515.062588][ T7989]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  515.068936][ T7989]  genl_rcv_msg+0xb14/0xec0
[  515.073457][ T7989]  ? mark_lock+0x9a/0x360
[  515.077830][ T7989]  ? __pfx_genl_rcv_msg+0x10/0x10
[  515.082925][ T7989]  ? __pfx_lock_acquire+0x10/0x10
[  515.087965][ T7989]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  515.093513][ T7989]  ? __pfx___might_resched+0x10/0x10
[  515.098818][ T7989]  netlink_rcv_skb+0x1e3/0x430
[  515.103588][ T7989]  ? __pfx_genl_rcv_msg+0x10/0x10
[  515.108625][ T7989]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  515.113926][ T7989]  ? __netlink_deliver_tap+0x77e/0x7c0
[  515.119427][ T7989]  genl_rcv+0x28/0x40
[  515.123418][ T7989]  netlink_unicast+0x7f6/0x990
[  515.128213][ T7989]  ? __pfx_netlink_unicast+0x10/0x10
[  515.133496][ T7989]  ? __virt_addr_valid+0x183/0x530
[  515.138628][ T7989]  ? __check_object_size+0x48e/0x900
[  515.143933][ T7989]  netlink_sendmsg+0x8e4/0xcb0
[  515.148716][ T7989]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.154080][ T7989]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.159385][ T7989]  __sock_sendmsg+0x221/0x270
[  515.164075][ T7989]  ____sys_sendmsg+0x52a/0x7e0
[  515.168864][ T7989]  ? __pfx_____sys_sendmsg+0x10/0x10
[  515.174186][ T7989]  __sys_sendmsg+0x292/0x380
[  515.178787][ T7989]  ? __pfx___sys_sendmsg+0x10/0x10
[  515.183915][ T7989]  ? __pfx_vfs_write+0x10/0x10
[  515.188708][ T7989]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  515.195074][ T7989]  ? do_syscall_64+0x100/0x230
[  515.199853][ T7989]  ? do_syscall_64+0xb6/0x230
[  515.204545][ T7989]  do_syscall_64+0xf3/0x230
[  515.209065][ T7989]  ? clear_bhb_loop+0x35/0x90
[  515.213761][ T7989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.219654][ T7989] RIP: 0033:0x7f1f7417e719
[  515.224071][ T7989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.243683][ T7989] RSP: 002b:00007f1f73bde038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  515.252105][ T7989] RAX: ffffffffffffffda RBX: 00007f1f74336058 RCX: 00007f1f7417e719
[  515.260098][ T7989] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  515.268098][ T7989] RBP: 00007f1f73bde090 R08: 0000000000000000 R09: 0000000000000000
[  515.276110][ T7989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.284104][ T7989] R13: 0000000000000000 R14: 00007f1f74336058 R15: 00007fff1dcbecc8
[  515.292098][ T7989]  </TASK>
[  516.145432][ T5989] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  516.778617][ T5989] usb 6-1: device descriptor read/64, error -71
[  516.815156][ T5976] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  516.965138][ T5976] usb 3-1: Using ep0 maxpacket: 8
[  516.978341][ T5976] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  516.992284][ T5976] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  517.009787][ T5976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.023745][ T5976] usb 3-1: config 0 descriptor??
[  517.031349][ T5989] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  517.063724][ T5976] gspca_main: vc032x-2.14.0 probing 046d:0892
[  517.205178][ T5989] usb 6-1: device descriptor read/64, error -71
[  517.325656][ T5989] usb usb6-port1: attempt power cycle
[  518.354064][ T5976] gspca_vc032x: reg_w err -71
[  518.359610][ T5976] vc032x 3-1:0.0: probe with driver vc032x failed with error -71
[  518.369032][ T5976] usb 3-1: USB disconnect, device number 17
[  519.558200][ T8041] FAULT_INJECTION: forcing a failure.
[  519.558200][ T8041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  519.667917][ T8041] CPU: 1 UID: 0 PID: 8041 Comm: syz.2.588 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  519.678585][ T8041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  519.688685][ T8041] Call Trace:
[  519.691999][ T8041]  <TASK>
[  519.694971][ T8041]  dump_stack_lvl+0x241/0x360
[  519.699694][ T8041]  ? __pfx_dump_stack_lvl+0x10/0x10
[  519.704929][ T8041]  ? __pfx__printk+0x10/0x10
[  519.709562][ T8041]  ? __pfx_lock_release+0x10/0x10
[  519.714639][ T8041]  should_fail_ex+0x3b0/0x4e0
[  519.719348][ T8041]  _copy_from_user+0x2f/0xc0
[  519.723991][ T8041]  kstrtouint_from_user+0xc6/0x190
[  519.729144][ T8041]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  519.734908][ T8041]  ? __pfx_lock_acquire+0x10/0x10
[  519.740018][ T8041]  proc_fail_nth_write+0xaa/0x2d0
[  519.745085][ T8041]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  519.751013][ T8041]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  519.756700][ T8041]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  519.762375][ T8041]  vfs_write+0x2a3/0xd30
[  519.766662][ T8041]  ? fdget_pos+0x24e/0x320
[  519.771133][ T8041]  ? __pfx_vfs_write+0x10/0x10
[  519.775956][ T8041]  ? __fget_files+0x3f3/0x470
[  519.780687][ T8041]  ? fdget_pos+0x24e/0x320
[  519.785155][ T8041]  ksys_write+0x183/0x2b0
[  519.789539][ T8041]  ? __pfx_ksys_write+0x10/0x10
[  519.794458][ T8041]  do_syscall_64+0xf3/0x230
[  519.799004][ T8041]  ? clear_bhb_loop+0x35/0x90
[  519.803721][ T8041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.809655][ T8041] RIP: 0033:0x7fdffd57d1ff
[  519.814117][ T8041] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  519.833761][ T8041] RSP: 002b:00007fdffe333030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  519.842215][ T8041] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdffd57d1ff
[  519.850203][ T8041] RDX: 0000000000000001 RSI: 00007fdffe3330a0 RDI: 0000000000000005
[  519.858178][ T8041] RBP: 00007fdffe333090 R08: 0000000000000000 R09: 0000000000000000
[  519.866154][ T8041] R10: 0000000000000007 R11: 0000000000000293 R12: 0000000000000001
[  519.874125][ T8041] R13: 0000000000000000 R14: 00007fdffd735f80 R15: 00007ffed2047cf8
[  519.882108][ T8041]  </TASK>
[  521.562972][ T8066] netlink: 4 bytes leftover after parsing attributes in process `syz.3.597'.
[  521.935415][ T5989] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  522.107960][ T5989] usb 3-1: unable to get BOS descriptor or descriptor too short
[  522.118617][ T5989] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.130370][ T5989] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[  522.145819][ T5989] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  522.164918][ T5989] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  522.175249][    T8] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  522.196725][ T5989] usb 3-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  522.217742][ T5989] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.240035][ T5989] usb 3-1: Product: syz
[  522.244254][ T5989] usb 3-1: Manufacturer: syz
[  522.263938][ T5989] usb 3-1: SerialNumber: syz
[  522.296477][ T5989] usb 3-1: config 0 descriptor??
[  522.311709][ T8078] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  522.322040][ T5989] pn533_usb 3-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  522.330725][    T8] usb 5-1: Using ep0 maxpacket: 32
[  522.340442][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.390610][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  522.405174][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  522.417985][    T8] usb 5-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice=8e.57
[  522.427644][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.435785][    T8] usb 5-1: Product: syz
[  522.509986][   T29] audit: type=1326 audit(1730686250.936:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8089 comm="syz.3.605" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f7417e719 code=0x0
[  522.599233][ T8093] netlink: 16 bytes leftover after parsing attributes in process `syz.3.605'.
[  522.635663][ T8093] REæ6G: entered promiscuous mode
[  523.239626][    T8] usb 5-1: Manufacturer: syz
[  523.244284][    T8] usb 5-1: SerialNumber: syz
[  523.251918][    T8] usb 5-1: config 0 descriptor??
[  523.260030][    T8] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  523.444229][ T8104] syz.3.609: attempt to access beyond end of device
[  523.444229][ T8104] loop3: rw=0, sector=6, nr_sectors = 2 limit=0
[  523.458451][ T8104] ADFS-fs (loop3): error: unable to read block 3, try 0
[  523.533114][ T8109] 9pnet_fd: Insufficient options for proto=fd
[  523.568087][ T8111] FAULT_INJECTION: forcing a failure.
[  523.568087][ T8111] name failslab, interval 1, probability 0, space 0, times 0
[  523.580959][ T8111] CPU: 1 UID: 0 PID: 8111 Comm: syz.5.611 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  523.591609][ T8111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  523.601685][ T8111] Call Trace:
[  523.604980][ T8111]  <TASK>
[  523.607909][ T8111]  dump_stack_lvl+0x241/0x360
[  523.612594][ T8111]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.617820][ T8111]  ? __pfx__printk+0x10/0x10
[  523.622448][ T8111]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  523.628017][ T8111]  ? __pfx___might_resched+0x10/0x10
[  523.633318][ T8111]  should_fail_ex+0x3b0/0x4e0
[  523.638029][ T8111]  ? getname_flags+0xb7/0x540
[  523.642736][ T8111]  should_failslab+0xac/0x100
[  523.647475][ T8111]  ? getname_flags+0xb7/0x540
[  523.652156][ T8111]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  523.657544][ T8111]  getname_flags+0xb7/0x540
[  523.662050][ T8111]  ? _copy_from_user+0x99/0xc0
[  523.666835][ T8111]  user_path_at+0x24/0x60
[  523.671188][ T8111]  __se_sys_mount+0x297/0x3c0
[  523.675882][ T8111]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  523.681886][ T8111]  ? __pfx___se_sys_mount+0x10/0x10
[  523.687126][ T8111]  ? do_syscall_64+0x100/0x230
[  523.691923][ T8111]  ? __x64_sys_mount+0x20/0xc0
[  523.696732][ T8111]  do_syscall_64+0xf3/0x230
[  523.701272][ T8111]  ? clear_bhb_loop+0x35/0x90
[  523.705984][ T8111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.711909][ T8111] RIP: 0033:0x7ffb4a57e719
[  523.716344][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  523.735970][ T8111] RSP: 002b:00007ffb4b3f0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  523.744407][ T8111] RAX: ffffffffffffffda RBX: 00007ffb4a735f80 RCX: 00007ffb4a57e719
[  523.752378][ T8111] RDX: 00000000200002c0 RSI: 0000000020000280 RDI: 0000000020000040
[  523.760350][ T8111] RBP: 00007ffb4b3f0090 R08: 0000000000000000 R09: 0000000000000000
[  523.768326][ T8111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.776309][ T8111] R13: 0000000000000000 R14: 00007ffb4a735f80 R15: 00007ffd7163e7d8
[  523.784294][ T8111]  </TASK>
[  523.809880][ T5938] usb 5-1: USB disconnect, device number 19
[  524.506845][ T5989] usb 3-1: USB disconnect, device number 18
[  526.608668][ T8136] qnx4: no qnx4 filesystem (no root dir).
[  528.037472][ T8158] netlink: 'syz.5.623': attribute type 14 has an invalid length.
[  528.045602][ T8158] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (204)
[  528.170399][ T5989] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  528.212923][   T29] audit: type=1326 audit(1730686257.632:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8163 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeb4d7e719 code=0x7ffc0000
[  528.235095][   T29] audit: type=1326 audit(1730686257.632:1900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8163 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeb4d7e719 code=0x7ffc0000
[  528.257574][   T29] audit: type=1326 audit(1730686257.632:1901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8163 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7faeb4d7e719 code=0x7ffc0000
[  528.300432][ T8166] syz.5.628 uses old SIOCAX25GETINFO
[  528.324943][   T29] audit: type=1326 audit(1730686257.648:1902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8163 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeb4d7e719 code=0x7ffc0000
[  528.351014][ T5989] usb 4-1: unable to get BOS descriptor or descriptor too short
[  528.368316][ T5989] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  528.395145][ T5989] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[  528.414940][ T5989] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  528.425013][   T29] audit: type=1326 audit(1730686257.648:1903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8163 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faeb4d7e719 code=0x7ffc0000
[  528.455531][ T5989] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  528.466126][   T29] audit: type=1326 audit(1730686257.648:1904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8163 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeb4d7e719 code=0x7ffc0000
[  528.489107][   T29] audit: type=1326 audit(1730686257.648:1905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8163 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeb4d7e719 code=0x7ffc0000
[  528.514162][ T5989] usb 4-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  528.581631][ T5989] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.846697][ T5989] usb 4-1: Product: syz
[  528.881872][ T8175] syz.5.632: attempt to access beyond end of device
[  528.881872][ T8175] nbd5: rw=0, sector=64, nr_sectors = 1 limit=0
[  528.896780][ T8175] syz.5.632: attempt to access beyond end of device
[  528.896780][ T8175] nbd5: rw=0, sector=256, nr_sectors = 1 limit=0
[  528.910692][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  528.922590][ T8175] syz.5.632: attempt to access beyond end of device
[  528.922590][ T8175] nbd5: rw=0, sector=512, nr_sectors = 1 limit=0
[  528.936481][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  528.946210][ T8175] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[  528.953883][ T8175] UDF-fs: Scanning with blocksize 512 failed
[  528.975162][ T8175] syz.5.632: attempt to access beyond end of device
[  528.975162][ T8175] nbd5: rw=0, sector=64, nr_sectors = 2 limit=0
[  528.993250][ T8175] syz.5.632: attempt to access beyond end of device
[  528.993250][ T8175] nbd5: rw=0, sector=512, nr_sectors = 2 limit=0
[  529.006966][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  529.020215][ T8175] syz.5.632: attempt to access beyond end of device
[  529.020215][ T8175] nbd5: rw=0, sector=1024, nr_sectors = 2 limit=0
[  529.034767][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  529.044448][ T8175] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[  529.052273][ T8175] UDF-fs: Scanning with blocksize 1024 failed
[  529.069666][ T8175] syz.5.632: attempt to access beyond end of device
[  529.069666][ T8175] nbd5: rw=0, sector=64, nr_sectors = 4 limit=0
[  529.089128][ T8175] syz.5.632: attempt to access beyond end of device
[  529.089128][ T8175] nbd5: rw=0, sector=1024, nr_sectors = 4 limit=0
[  529.102920][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  529.115624][ T8175] syz.5.632: attempt to access beyond end of device
[  529.115624][ T8175] nbd5: rw=0, sector=2048, nr_sectors = 4 limit=0
[  529.130175][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  529.139887][ T8175] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[  529.148306][ T8175] UDF-fs: Scanning with blocksize 2048 failed
[  529.155027][ T8175] syz.5.632: attempt to access beyond end of device
[  529.155027][ T8175] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0
[  529.168268][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  529.178037][ T8175] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  529.187583][ T8175] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[  529.195197][ T8175] UDF-fs: Scanning with blocksize 4096 failed
[  529.201292][ T8175] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[  529.469386][ T5989] usb 4-1: Manufacturer: syz
[  529.475765][ T5989] usb 4-1: SerialNumber: syz
[  529.523199][ T8181] netlink: 12 bytes leftover after parsing attributes in process `syz.5.632'.
[  529.548891][ T5989] usb 4-1: config 0 descriptor??
[  529.746004][ T8150] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  529.796533][ T5938] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  529.851652][ T8184] vcan0: tx drop: invalid da for name 0x0000000000000003
[  529.968383][ T5938] usb 5-1: Using ep0 maxpacket: 16
[  529.995545][ T5938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  530.018057][ T5938] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d
[  530.035050][ T5938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.043633][ T5938] usb 5-1: Product: syz
[  530.054973][ T5938] usb 5-1: Manufacturer: syz
[  530.059607][ T5938] usb 5-1: SerialNumber: syz
[  530.190387][ T5989] pn533_usb 4-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  530.255109][ T5976] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  530.282911][ T5938] usb 5-1: config 0 descriptor??
[  530.346721][ T5938] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  530.407814][ T5976] usb 3-1: device descriptor read/64, error -71
[  530.519910][ T5938] usb 5-1: USB disconnect, device number 20
[  530.545480][   T71] usb 5-1: Failed to submit usb control message: -71
[  530.567155][   T71] usb 5-1: unable to send the bmi data to the device: -71
[  530.956738][   T71] usb 5-1: unable to get target info from device
[  530.974956][   T71] usb 5-1: could not get target info (-71)
[  530.981034][   T71] usb 5-1: could not probe fw (-71)
[  531.024985][ T5976] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  531.189010][ T5976] usb 3-1: device descriptor read/64, error -71
[  531.315157][ T5976] usb usb3-port1: attempt power cycle
[  531.338981][   T51] usb 4-1: USB disconnect, device number 18
[  531.735658][   T29] audit: type=1326 audit(1730686262.154:1906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4fe37e719 code=0x7ffc0000
[  531.825093][   T29] audit: type=1326 audit(1730686262.154:1907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4fe37e719 code=0x7ffc0000
[  531.922846][   T29] audit: type=1326 audit(1730686262.154:1908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff4fe37e719 code=0x7ffc0000
[  532.026672][ T5989] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  532.876848][ T5989] usb 5-1: Using ep0 maxpacket: 16
[  532.917262][ T5989] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  533.040202][ T5989] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.095207][ T5989] usb 5-1: Product: syz
[  533.099442][ T5989] usb 5-1: Manufacturer: syz
[  533.103137][ T8230] netlink: 'syz.3.645': attribute type 3 has an invalid length.
[  533.104051][ T5989] usb 5-1: SerialNumber: syz
[  533.913882][ T5989] usb 5-1: config 0 descriptor??
[  533.932574][ T5989] visor 5-1:0.0: Sony Clie 3.5 converter detected
[  533.939877][   T29] kauditd_printk_skb: 27 callbacks suppressed
[  533.939894][   T29] audit: type=1326 audit(1730686264.354:1936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff4fe37e31b code=0x7ffc0000
[  533.969381][   T29] audit: type=1326 audit(1730686264.354:1937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff4fe37e31b code=0x7ffc0000
[  533.990956][   T29] audit: type=1326 audit(1730686264.354:1938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff4fe37e31b code=0x7ffc0000
[  534.012638][   T29] audit: type=1326 audit(1730686264.394:1939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff4fe3b0805 code=0x7ffc0000
[  534.165687][   T29] audit: type=1326 audit(1730686264.594:1940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4fe37e719 code=0x7ffc0000
[  534.174126][ T5989] usb 5-1: clie_3_5_startup: get config number failed: -71
[  534.194758][ T5989] visor 5-1:0.0: probe with driver visor failed with error -71
[  534.220516][ T5989] usb 5-1: USB disconnect, device number 21
[  534.269720][   T29] audit: type=1326 audit(1730686264.594:1941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8212 comm="syz.4.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4fe37e719 code=0x7ffc0000
[  534.828170][    T9] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  535.037328][    T9] usb 4-1: New USB device found, idVendor=04b4, idProduct=0002, bcdDevice=a6.78
[  535.046646][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.075759][    T9] usb 4-1: Product: syz
[  535.080156][    T9] usb 4-1: Manufacturer: syz
[  535.089344][    T9] usb 4-1: SerialNumber: syz
[  535.112811][    T9] usb 4-1: config 0 descriptor??
[  535.165548][    T9] cytherm 4-1:0.0: Cypress thermometer device now attached
[  535.345622][ T5989] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  535.541315][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.575083][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  535.601081][ T5989] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  535.799110][ T8257] netlink: 28 bytes leftover after parsing attributes in process `syz.4.655'.
[  535.814485][ T5989] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.868444][ T5989] usb 6-1: config 0 descriptor??
[  536.892451][ T5989] usb 6-1: language id specifier not provided by device, defaulting to English
[  537.181263][ T5976] usb 4-1: USB disconnect, device number 19
[  537.195930][ T5976] cytherm 4-1:0.0: Cypress thermometer now disconnected
[  537.205525][ T5989] uclogic 0003:256C:006D.000A: failed retrieving string descriptor #200: -71
[  537.232503][ T5989] uclogic 0003:256C:006D.000A: failed retrieving pen parameters: -71
[  537.254279][ T5989] uclogic 0003:256C:006D.000A: failed probing pen v2 parameters: -71
[  537.272836][ T5989] uclogic 0003:256C:006D.000A: failed probing parameters: -71
[  537.292396][ T5989] uclogic 0003:256C:006D.000A: probe with driver uclogic failed with error -71
[  537.414782][ T8280] bio_check_eod: 2 callbacks suppressed
[  537.414805][ T8280] syz.4.662: attempt to access beyond end of device
[  537.414805][ T8280] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0
[  537.521818][ T8280] SQUASHFS error: Failed to read block 0x0: -5
[  537.549573][ T8280] unable to read squashfs_super_block
[  537.810918][ T5989] usb 6-1: USB disconnect, device number 7
[  537.912733][ T8290] netlink: 28 bytes leftover after parsing attributes in process `syz.2.666'.
[  538.018428][ T8292] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  538.029839][ T8292] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  538.203255][ T8302] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  538.635115][   T51] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  539.335138][   T51] usb 3-1: Using ep0 maxpacket: 16
[  539.342497][   T51] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  539.354694][   T51] usb 3-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  539.364855][   T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.373708][   T51] usb 3-1: Product: syz
[  539.377980][   T51] usb 3-1: Manufacturer: syz
[  539.382619][   T51] usb 3-1: SerialNumber: syz
[  539.393217][   T51] usb 3-1: config 0 descriptor??
[  539.449274][ T8320] FAULT_INJECTION: forcing a failure.
[  539.449274][ T8320] name failslab, interval 1, probability 0, space 0, times 0
[  539.462256][ T8320] CPU: 1 UID: 0 PID: 8320 Comm: syz.5.678 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  539.472902][ T8320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  539.483014][ T8320] Call Trace:
[  539.486329][ T8320]  <TASK>
[  539.489303][ T8320]  dump_stack_lvl+0x241/0x360
[  539.494043][ T8320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.499277][ T8320]  ? __pfx__printk+0x10/0x10
[  539.503902][ T8320]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  539.509933][ T8320]  ? __pfx___might_resched+0x10/0x10
[  539.515283][ T8320]  should_fail_ex+0x3b0/0x4e0
[  539.519990][ T8320]  should_failslab+0xac/0x100
[  539.524689][ T8320]  ? __alloc_skb+0x1c3/0x440
[  539.529303][ T8320]  kmem_cache_alloc_node_noprof+0x71/0x320
[  539.535135][ T8320]  __alloc_skb+0x1c3/0x440
[  539.539564][ T8320]  ? __pfx___alloc_skb+0x10/0x10
[  539.544605][ T8320]  ? netlink_ack_tlv_len+0x6e/0x200
[  539.549827][ T8320]  netlink_ack+0x13f/0xa30
[  539.554254][ T8320]  ? ____sys_sendmsg+0x52a/0x7e0
[  539.559212][ T8320]  ? __sys_sendmsg+0x292/0x380
[  539.563993][ T8320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.570087][ T8320]  netlink_rcv_skb+0x262/0x430
[  539.574880][ T8320]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  539.580398][ T8320]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  539.585710][ T8320]  ? cap_capable+0x1b4/0x250
[  539.590322][ T8320]  ? safesetid_security_capable+0xb2/0x1d0
[  539.596168][ T8320]  ? bpf_lsm_capable+0x9/0x10
[  539.600875][ T8320]  ? security_capable+0x7e/0x2d0
[  539.605848][ T8320]  nfnetlink_rcv+0x297/0x2ab0
[  539.610552][ T8320]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  539.616309][ T8320]  ? __dev_queue_xmit+0x2da/0x3ed0
[  539.621445][ T8320]  ? __dev_queue_xmit+0x171d/0x3ed0
[  539.626661][ T8320]  ? kasan_save_track+0x51/0x80
[  539.631536][ T8320]  ? do_syscall_64+0xf3/0x230
[  539.636231][ T8320]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  539.641351][ T8320]  ? __dev_queue_xmit+0x2da/0x3ed0
[  539.646474][ T8320]  ? __pfx___dev_queue_xmit+0x10/0x10
[  539.651870][ T8320]  ? ref_tracker_free+0x643/0x7e0
[  539.656914][ T8320]  ? __asan_memcpy+0x40/0x70
[  539.661536][ T8320]  ? __pfx_ref_tracker_free+0x10/0x10
[  539.666934][ T8320]  ? netlink_deliver_tap+0x2e/0x1b0
[  539.672143][ T8320]  ? skb_clone+0x240/0x390
[  539.676579][ T8320]  ? __pfx_lock_release+0x10/0x10
[  539.681622][ T8320]  ? __netlink_deliver_tap+0x77e/0x7c0
[  539.687102][ T8320]  ? netlink_deliver_tap+0x2e/0x1b0
[  539.692319][ T8320]  netlink_unicast+0x7f6/0x990
[  539.697097][ T8320]  ? __pfx_netlink_unicast+0x10/0x10
[  539.702387][ T8320]  ? __virt_addr_valid+0x183/0x530
[  539.707522][ T8320]  ? __check_object_size+0x48e/0x900
[  539.712846][ T8320]  netlink_sendmsg+0x8e4/0xcb0
[  539.717648][ T8320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  539.722964][ T8320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  539.728262][ T8320]  __sock_sendmsg+0x221/0x270
[  539.732965][ T8320]  ____sys_sendmsg+0x52a/0x7e0
[  539.737750][ T8320]  ? __pfx_____sys_sendmsg+0x10/0x10
[  539.743058][ T8320]  __sys_sendmsg+0x292/0x380
[  539.747680][ T8320]  ? __pfx___sys_sendmsg+0x10/0x10
[  539.752813][ T8320]  ? __pfx_vfs_write+0x10/0x10
[  539.757624][ T8320]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  539.763983][ T8320]  ? do_syscall_64+0x100/0x230
[  539.768761][ T8320]  ? do_syscall_64+0xb6/0x230
[  539.773473][ T8320]  do_syscall_64+0xf3/0x230
[  539.777990][ T8320]  ? clear_bhb_loop+0x35/0x90
[  539.782674][ T8320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.788579][ T8320] RIP: 0033:0x7ffb4a57e719
[  539.793007][ T8320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.812622][ T8320] RSP: 002b:00007ffb4b3f0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  539.821053][ T8320] RAX: ffffffffffffffda RBX: 00007ffb4a735f80 RCX: 00007ffb4a57e719
[  539.829034][ T8320] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  539.837012][ T8320] RBP: 00007ffb4b3f0090 R08: 0000000000000000 R09: 0000000000000000
[  539.844996][ T8320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  539.852972][ T8320] R13: 0000000000000000 R14: 00007ffb4a735f80 R15: 00007ffd7163e7d8
[  539.860965][ T8320]  </TASK>
[  539.869325][ T5902] usb 3-1: USB disconnect, device number 22
[  539.918209][ T8321] netlink: 24 bytes leftover after parsing attributes in process `syz.3.677'.
[  539.979275][ T8326] netlink: 28 bytes leftover after parsing attributes in process `syz.5.680'.
[  540.128711][ T8328] FAULT_INJECTION: forcing a failure.
[  540.128711][ T8328] name failslab, interval 1, probability 0, space 0, times 0
[  540.141817][ T8328] CPU: 0 UID: 0 PID: 8328 Comm: syz.4.681 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  540.152464][ T8328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  540.162543][ T8328] Call Trace:
[  540.165841][ T8328]  <TASK>
[  540.168777][ T8328]  dump_stack_lvl+0x241/0x360
[  540.173482][ T8328]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.178696][ T8328]  ? __pfx__printk+0x10/0x10
[  540.183348][ T8328]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  540.188838][ T8328]  ? __pfx___might_resched+0x10/0x10
[  540.194144][ T8328]  should_fail_ex+0x3b0/0x4e0
[  540.198831][ T8328]  should_failslab+0xac/0x100
[  540.203537][ T8328]  ? snd_pcm_oss_change_params_locked+0x823/0x3d60
[  540.210052][ T8328]  __kmalloc_cache_noprof+0x6c/0x2c0
[  540.215349][ T8328]  snd_pcm_oss_change_params_locked+0x823/0x3d60
[  540.221680][ T8328]  ? __pfx___might_resched+0x10/0x10
[  540.226984][ T8328]  ? __pfx___mutex_trylock_common+0x10/0x10
[  540.232906][ T8328]  ? trace_contention_end+0x3c/0x120
[  540.238241][ T8328]  ? mark_lock+0x9a/0x360
[  540.242573][ T8328]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  540.249349][ T8328]  ? __pfx___mutex_lock+0x10/0x10
[  540.255839][ T8328]  snd_pcm_oss_read+0x246/0x940
[  540.260737][ T8328]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  540.266133][ T8328]  vfs_read+0x1fc/0xb70
[  540.270311][ T8328]  ? __pfx_vfs_read+0x10/0x10
[  540.275001][ T8328]  ? __fget_files+0x29/0x470
[  540.279605][ T8328]  ? __fget_files+0x3f3/0x470
[  540.284291][ T8328]  ? __fget_files+0x29/0x470
[  540.288899][ T8328]  ? fdget_pos+0x19a/0x320
[  540.293332][ T8328]  ksys_read+0x183/0x2b0
[  540.297605][ T8328]  ? __pfx_ksys_read+0x10/0x10
[  540.302395][ T8328]  ? do_syscall_64+0x100/0x230
[  540.307221][ T8328]  ? do_syscall_64+0xb6/0x230
[  540.311926][ T8328]  do_syscall_64+0xf3/0x230
[  540.316452][ T8328]  ? clear_bhb_loop+0x35/0x90
[  540.321159][ T8328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.327064][ T8328] RIP: 0033:0x7ff4fe37e719
[  540.331504][ T8328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.351149][ T8328] RSP: 002b:00007ff4ff13c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  540.359595][ T8328] RAX: ffffffffffffffda RBX: 00007ff4fe535f80 RCX: 00007ff4fe37e719
[  540.367579][ T8328] RDX: 0000000000002020 RSI: 0000000020004380 RDI: 0000000000000006
[  540.375563][ T8328] RBP: 00007ff4ff13c090 R08: 0000000000000000 R09: 0000000000000000
[  540.383607][ T8328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.391592][ T8328] R13: 0000000000000000 R14: 00007ff4fe535f80 R15: 00007ffc4eb48b38
[  540.399587][ T8328]  </TASK>
[  540.402664][    C0] vkms_vblank_simulate: vblank timer overrun
[  540.770236][ T8347] FAULT_INJECTION: forcing a failure.
[  540.770236][ T8347] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  540.784546][ T8347] CPU: 0 UID: 0 PID: 8347 Comm: syz.2.689 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  540.795184][ T8347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  540.805273][ T8347] Call Trace:
[  540.808582][ T8347]  <TASK>
[  540.811638][ T8347]  dump_stack_lvl+0x241/0x360
[  540.816365][ T8347]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.821601][ T8347]  ? __pfx__printk+0x10/0x10
[  540.826324][ T8347]  ? snprintf+0xda/0x120
[  540.830615][ T8347]  should_fail_ex+0x3b0/0x4e0
[  540.835338][ T8347]  _copy_to_user+0x31/0xb0
[  540.839792][ T8347]  simple_read_from_buffer+0xca/0x150
[  540.845217][ T8347]  proc_fail_nth_read+0x1e9/0x250
[  540.850297][ T8347]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  540.855891][ T8347]  ? rw_verify_area+0x55e/0x6f0
[  540.860785][ T8347]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  540.866402][ T8347]  vfs_read+0x1fc/0xb70
[  540.870631][ T8347]  ? fdget_pos+0x24e/0x320
[  540.875070][ T8347]  ? __pfx_vfs_read+0x10/0x10
[  540.879758][ T8347]  ? __fget_files+0x3f3/0x470
[  540.884478][ T8347]  ? fdget_pos+0x24e/0x320
[  540.888904][ T8347]  ksys_read+0x183/0x2b0
[  540.893161][ T8347]  ? __pfx_ksys_read+0x10/0x10
[  540.897935][ T8347]  ? do_syscall_64+0x100/0x230
[  540.902729][ T8347]  ? do_syscall_64+0xb6/0x230
[  540.907427][ T8347]  do_syscall_64+0xf3/0x230
[  540.911946][ T8347]  ? clear_bhb_loop+0x35/0x90
[  540.916635][ T8347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.922535][ T8347] RIP: 0033:0x7fdffd57d15c
[  540.926960][ T8347] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  540.946577][ T8347] RSP: 002b:00007fdffe333030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  540.955003][ T8347] RAX: ffffffffffffffda RBX: 00007fdffd735f80 RCX: 00007fdffd57d15c
[  540.962978][ T8347] RDX: 000000000000000f RSI: 00007fdffe3330a0 RDI: 0000000000000004
[  540.970954][ T8347] RBP: 00007fdffe333090 R08: 0000000000000000 R09: 0000000000000000
[  540.978931][ T8347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.986910][ T8347] R13: 0000000000000000 R14: 00007fdffd735f80 R15: 00007ffed2047cf8
[  540.994918][ T8347]  </TASK>
[  540.998020][    C0] vkms_vblank_simulate: vblank timer overrun
[  541.429514][ T8353] netlink: 28 bytes leftover after parsing attributes in process `syz.3.692'.
[  541.459267][ T8357] netlink: 'syz.2.691': attribute type 10 has an invalid length.
[  541.499329][ T8357] netlink: 2 bytes leftover after parsing attributes in process `syz.2.691'.
[  541.514964][ T8357] bridge0: entered promiscuous mode
[  542.339650][ T8362] netlink: 'syz.4.694': attribute type 7 has an invalid length.
[  542.347580][ T8362] netlink: 'syz.4.694': attribute type 8 has an invalid length.
[  542.355394][ T8362] netlink: 224 bytes leftover after parsing attributes in process `syz.4.694'.
[  542.935271][ T8382] Non-string source
[  543.101970][   T51] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  544.229028][   T51] usb 4-1: Using ep0 maxpacket: 16
[  544.236120][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.247294][   T51] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  544.260911][   T51] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  544.272056][   T51] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.321027][   T51] usb 4-1: config 0 descriptor??
[  544.482435][ T8398] netlink: 'syz.0.706': attribute type 3 has an invalid length.
[  544.496406][ T8398] netlink: 196520 bytes leftover after parsing attributes in process `syz.0.706'.
[  544.509346][ T8398] netlink: 12 bytes leftover after parsing attributes in process `syz.0.706'.
[  545.435811][ T8405] FAULT_INJECTION: forcing a failure.
[  545.435811][ T8405] name failslab, interval 1, probability 0, space 0, times 0
[  545.448617][ T8405] CPU: 0 UID: 0 PID: 8405 Comm: syz.3.700 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  545.459240][ T8405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  545.469330][ T8405] Call Trace:
[  545.472635][ T8405]  <TASK>
[  545.475596][ T8405]  dump_stack_lvl+0x241/0x360
[  545.480318][ T8405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  545.485553][ T8405]  ? __pfx__printk+0x10/0x10
[  545.490178][ T8405]  ? fs_reclaim_acquire+0x93/0x130
[  545.495329][ T8405]  ? __pfx___might_resched+0x10/0x10
[  545.500656][ T8405]  should_fail_ex+0x3b0/0x4e0
[  545.505375][ T8405]  ? tomoyo_encode+0x26f/0x540
[  545.510180][ T8405]  should_failslab+0xac/0x100
[  545.514898][ T8405]  ? tomoyo_encode+0x26f/0x540
[  545.519708][ T8405]  __kmalloc_noprof+0xd8/0x400
[  545.524503][ T8405]  tomoyo_encode+0x26f/0x540
[  545.529142][ T8405]  tomoyo_realpath_from_path+0x59e/0x5e0
[  545.534819][ T8405]  tomoyo_path_number_perm+0x23a/0x880
[  545.540314][ T8405]  ? tomoyo_path_number_perm+0x208/0x880
[  545.545997][ T8405]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  545.552054][ T8405]  ? __fget_files+0x29/0x470
[  545.556682][ T8405]  ? __fget_files+0x3f3/0x470
[  545.561420][ T8405]  security_file_ioctl+0xc6/0x2a0
[  545.566490][ T8405]  __se_sys_ioctl+0x47/0x170
[  545.571153][ T8405]  do_syscall_64+0xf3/0x230
[  545.575706][ T8405]  ? clear_bhb_loop+0x35/0x90
[  545.580423][ T8405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.586484][ T8405] RIP: 0033:0x7f1f7417e31b
[  545.590930][ T8405] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  545.610578][ T8405] RSP: 002b:00007f1f73bdcf70 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  545.619035][ T8405] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1f7417e31b
[  545.627032][ T8405] RDX: 00007f1f73bdcff0 RSI: 0000000040085507 RDI: 0000000000000003
[  545.635013][ T8405] RBP: 0000000000000003 R08: 00007f1f74460320 R09: 0000000000000000
[  545.642988][ T8405] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000020000000
[  545.650966][ T8405] R13: 0000000000000000 R14: 00007f1f74336058 R15: 00007fff1dcbecc8
[  545.658967][ T8405]  </TASK>
[  545.662021][    C0] vkms_vblank_simulate: vblank timer overrun
[  545.669644][ T8405] ERROR: Out of memory at tomoyo_realpath_from_path.
[  546.846479][ T7382] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  547.192714][   T51] usbhid 4-1:0.0: can't add hid device: -71
[  547.199417][   T51] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  547.207137][ T8424] FAULT_INJECTION: forcing a failure.
[  547.207137][ T8424] name failslab, interval 1, probability 0, space 0, times 0
[  547.207221][ T8424] CPU: 0 UID: 0 PID: 8424 Comm: syz.0.715 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  547.207264][ T8424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  547.240539][ T8424] Call Trace:
[  547.243850][ T8424]  <TASK>
[  547.246808][ T8424]  dump_stack_lvl+0x241/0x360
[  547.251531][ T8424]  ? __pfx_dump_stack_lvl+0x10/0x10
[  547.255228][ T7382] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  547.256748][ T8424]  ? __pfx__printk+0x10/0x10
[  547.256783][ T8424]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  547.276927][ T8424]  ? __pfx___might_resched+0x10/0x10
[  547.282269][ T8424]  should_fail_ex+0x3b0/0x4e0
[  547.286227][ T7382] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  547.286964][ T8424]  should_failslab+0xac/0x100
[  547.300692][ T8424]  ? ip6_setup_cork+0x1c3/0xfb0
[  547.305590][ T8424]  __kmalloc_cache_noprof+0x6c/0x2c0
[  547.310903][ T8424]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  547.312368][   T51] usb 4-1: USB disconnect, device number 20
[  547.317267][ T8424]  ip6_setup_cork+0x1c3/0xfb0
[  547.317311][ T8424]  ip6_append_data+0x20f/0x3a0
[  547.323356][ T7382] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  547.327896][ T8424]  ? __pfx_raw6_getfrag+0x10/0x10
[  547.327931][ T8424]  rawv6_sendmsg+0x18f1/0x23c0
[  547.327977][ T8424]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  547.332816][ T7382] usb 3-1: SerialNumber: syz
[  547.340705][ T8424]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  547.340754][ T8424]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  547.340813][ T8424]  ? inet_sendmsg+0x330/0x390
[  547.373944][ T7382] cdc_ether 3-1:1.0: skipping garbage
[  547.377180][ T8424]  __sock_sendmsg+0x1a6/0x270
[  547.377221][ T8424]  ____sys_sendmsg+0x52a/0x7e0
[  547.377255][ T8424]  ? __pfx_____sys_sendmsg+0x10/0x10
[  547.377285][ T8424]  ? rcu_is_watching+0x15/0xb0
[  547.377315][ T8424]  ? __might_fault+0xaa/0x120
[  547.393054][ T7382] usb 3-1: bad CDC descriptors
[  547.397420][ T8424]  __sys_sendmmsg+0x3ab/0x730
[  547.397468][ T8424]  ? __pfx___sys_sendmmsg+0x10/0x10
[  547.397510][ T8424]  ? __pfx_lock_release+0x10/0x10
[  547.397541][ T8424]  ? kstrtouint_from_user+0x128/0x190
[  547.397594][ T8424]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  547.438079][ T8424]  ? ksys_write+0x229/0x2b0
[  547.442652][ T8424]  ? __pfx_lock_release+0x10/0x10
[  547.447735][ T8424]  ? vfs_write+0x730/0xd30
[  547.452204][ T8424]  ? __mutex_unlock_slowpath+0x21d/0x750
[  547.457889][ T8424]  ? __fget_files+0x3f3/0x470
[  547.462630][ T8424]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  547.468752][ T8424]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  547.475128][ T8424]  ? do_syscall_64+0x100/0x230
[  547.479956][ T8424]  __x64_sys_sendmmsg+0xa0/0xb0
[  547.484861][ T8424]  do_syscall_64+0xf3/0x230
[  547.489397][ T8424]  ? clear_bhb_loop+0x35/0x90
[  547.494082][ T8424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.500006][ T8424] RIP: 0033:0x7faeb4d7e719
[  547.504442][ T8424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.524063][ T8424] RSP: 002b:00007faeb5acc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  547.532502][ T8424] RAX: ffffffffffffffda RBX: 00007faeb4f35f80 RCX: 00007faeb4d7e719
[  547.540505][ T8424] RDX: 0000000000000062 RSI: 0000000020002940 RDI: 0000000000000003
[  547.548491][ T8424] RBP: 00007faeb5acc090 R08: 0000000000000000 R09: 0000000000000000
[  547.556481][ T8424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  547.564455][ T8424] R13: 0000000000000000 R14: 00007faeb4f35f80 R15: 00007ffd675bba28
[  547.572443][ T8424]  </TASK>
[  547.575613][    C0] vkms_vblank_simulate: vblank timer overrun
[  548.249638][   T51] usb 3-1: USB disconnect, device number 23
[  548.286404][ T8435] overlayfs: missing 'lowerdir'
[  551.831348][ T8471] netlink: 28 bytes leftover after parsing attributes in process `syz.3.729'.
[  554.087113][ T7382] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  554.238943][ T7382] usb 4-1: device descriptor read/64, error -71
[  554.528540][ T8506] netlink: 24 bytes leftover after parsing attributes in process `syz.4.738'.
[  554.537655][ T8506] netlink: 24 bytes leftover after parsing attributes in process `syz.4.738'.
[  555.054993][ T7382] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  555.595058][ T7382] usb 4-1: device descriptor read/64, error -71
[  555.620431][ T8514] netlink: 28 bytes leftover after parsing attributes in process `syz.4.740'.
[  556.082846][ T7382] usb usb4-port1: attempt power cycle
[  556.156031][ T5976] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  556.404827][ T5976] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  556.414574][ T5976] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.422819][ T5976] usb 3-1: Product: syz
[  556.427174][ T5976] usb 3-1: Manufacturer: syz
[  556.431915][ T5976] usb 3-1: SerialNumber: syz
[  556.450737][ T5976] usb 3-1: config 0 descriptor??
[  556.649012][ T8535] netlink: 'syz.4.748': attribute type 10 has an invalid length.
[  556.767198][ T5976] usb 3-1: USB disconnect, device number 24
[  556.984785][ T8541] netlink: 28 bytes leftover after parsing attributes in process `syz.5.751'.
[  558.745911][ T8562] openvswitch: netlink: Actions may not be safe on all matching packets
[  558.791603][ T8561] netlink: 20 bytes leftover after parsing attributes in process `syz.3.754'.
[  558.940171][ T8564] bridge0: port 3(erspan0) entered blocking state
[  558.946788][ T8564] bridge0: port 3(erspan0) entered disabled state
[  558.953395][ T8564] erspan0: entered allmulticast mode
[  558.959897][ T8564] erspan0: entered promiscuous mode
[  558.965764][ T8564] bridge0: port 3(erspan0) entered blocking state
[  558.972287][ T8564] bridge0: port 3(erspan0) entered forwarding state
[  560.092171][    T8] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  560.323255][ T8593] netlink: 28 bytes leftover after parsing attributes in process `syz.2.762'.
[  560.940075][    T8] usb 5-1: unable to get BOS descriptor or descriptor too short
[  560.950401][    T8] usb 5-1: not running at top speed; connect to a high speed hub
[  560.961821][    T8] usb 5-1: config 2 has an invalid interface number: 112 but max is 0
[  560.970306][    T8] usb 5-1: config 2 has no interface number 0
[  561.672004][ T8605] cgroup: fork rejected by pids controller in /syz3
[  561.765321][    T8] usb 5-1: config 2 interface 112 has no altsetting 0
[  562.525393][ T5902] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  562.827556][    T8] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice=30.0e
[  562.836818][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  562.847106][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.856324][    T8] usb 5-1: can't set config #2, error -71
[  562.865463][    T8] usb 5-1: USB disconnect, device number 22
[  562.905814][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.917597][ T5902] usb 4-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  562.977387][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.999616][ T5902] usb 4-1: config 0 descriptor??
[  563.095708][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  563.102259][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  563.817869][ T5902] saitek 0003:06A3:0621.000B: unknown main item tag 0x0
[  563.825141][ T5902] saitek 0003:06A3:0621.000B: unknown main item tag 0x0
[  563.832143][ T5902] saitek 0003:06A3:0621.000B: unknown main item tag 0x0
[  563.866398][ T5902] saitek 0003:06A3:0621.000B: unknown main item tag 0x0
[  563.873452][ T5902] saitek 0003:06A3:0621.000B: unknown main item tag 0x0
[  563.889015][ T8808] netlink: 28 bytes leftover after parsing attributes in process `syz.5.774'.
[  563.922405][ T5902] saitek 0003:06A3:0621.000B: hidraw0: USB HID v0.00 Device [HID 06a3:0621] on usb-dummy_hcd.3-1/input0
[  564.020565][    T8] usb 4-1: USB disconnect, device number 24
[  565.463160][ T8829] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  566.983223][   T54] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  566.995762][   T54] Bluetooth: hci5: Injecting HCI hardware error event
[  567.018090][   T54] Bluetooth: hci5: hardware error 0x00
[  567.361240][ T8846] netlink: 28 bytes leftover after parsing attributes in process `syz.4.788'.
[  568.205057][ T5902] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  568.739709][ T5902] usb 6-1: Using ep0 maxpacket: 16
[  568.757296][ T5902] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  568.770620][ T5902] usb 6-1: New USB device found, idVendor=1e71, idProduct=200e, bcdDevice= 0.00
[  569.326960][ T5902] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.346660][ T5902] usb 6-1: config 0 descriptor??
[  569.841614][   T54] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  570.625103][ T5902] usb 6-1: string descriptor 0 read error: -71
[  570.633680][ T5902] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  570.642798][ T5902] usb 6-1: USB disconnect, device number 8
[  570.815516][    T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  570.816952][ T8884] sctp: [Deprecated]: syz.5.799 (pid 8884) Use of struct sctp_assoc_value in delayed_ack socket option.
[  570.816952][ T8884] Use struct sctp_sack_info instead
[  570.945471][    T9] usb 5-1: device descriptor read/64, error -71
[  571.195153][    T9] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  571.244706][ T8894] netlink: 'syz.3.793': attribute type 5 has an invalid length.
[  571.345025][    T9] usb 5-1: device descriptor read/64, error -71
[  571.474515][    T9] usb usb5-port1: attempt power cycle
[  571.510902][   T51] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  571.552725][ T8902] FAULT_INJECTION: forcing a failure.
[  571.552725][ T8902] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  571.566773][ T8902] CPU: 1 UID: 0 PID: 8902 Comm: syz.5.803 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  571.577413][ T8902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  571.587499][ T8902] Call Trace:
[  571.590810][ T8902]  <TASK>
[  571.593772][ T8902]  dump_stack_lvl+0x241/0x360
[  571.598490][ T8902]  ? __pfx_dump_stack_lvl+0x10/0x10
[  571.603724][ T8902]  ? __pfx__printk+0x10/0x10
[  571.608368][ T8902]  ? __lock_acquire+0x1384/0x2050
[  571.613445][ T8902]  should_fail_ex+0x3b0/0x4e0
[  571.618189][ T8902]  prepare_alloc_pages+0x1da/0x5b0
[  571.623333][ T8902]  __alloc_pages_noprof+0x16f/0x710
[  571.628583][ T8902]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  571.634372][ T8902]  alloc_pages_mpol_noprof+0x3e8/0x680
[  571.639871][ T8902]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  571.645873][ T8902]  ? __pfx_lock_release+0x10/0x10
[  571.650916][ T8902]  folio_alloc_mpol_noprof+0x36/0x50
[  571.656221][ T8902]  shmem_alloc_and_add_folio+0x49b/0x13d0
[  571.661959][ T8902]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  571.668134][ T8902]  ? shmem_allowable_huge_orders+0x1f2/0x3d0
[  571.674135][ T8902]  shmem_get_folio_gfp+0x5a9/0x20a0
[  571.679364][ T8902]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  571.685029][ T8902]  shmem_write_begin+0x17e/0x460
[  571.690014][ T8902]  ? __pfx_shmem_write_begin+0x10/0x10
[  571.695496][ T8902]  ? fault_in_iov_iter_readable+0x236/0x280
[  571.701424][ T8902]  generic_perform_write+0x344/0x6d0
[  571.706732][ T8902]  ? __pfx_generic_perform_write+0x10/0x10
[  571.712559][ T8902]  ? __pfx_generic_write_checks+0x10/0x10
[  571.718293][ T8902]  ? file_update_time+0x2a0/0x430
[  571.723353][ T8902]  shmem_file_write_iter+0xf9/0x120
[  571.728571][ T8902]  iter_file_splice_write+0xbfa/0x1510
[  571.734086][ T8902]  ? __pfx_iter_file_splice_write+0x10/0x10
[  571.740021][ T8902]  ? rcu_read_lock_any_held+0xb7/0x160
[  571.745524][ T8902]  ? __pfx_iter_file_splice_write+0x10/0x10
[  571.751427][ T8902]  direct_splice_actor+0x11b/0x220
[  571.756550][ T8902]  splice_direct_to_actor+0x586/0xc80
[  571.761926][ T8902]  ? __lock_acquire+0x1384/0x2050
[  571.766967][ T8902]  ? __pfx_direct_splice_actor+0x10/0x10
[  571.772605][ T8902]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  571.778532][ T8902]  do_splice_direct+0x289/0x3e0
[  571.783402][ T8902]  ? __pfx_do_splice_direct+0x10/0x10
[  571.788790][ T8902]  ? rcu_read_lock_any_held+0xb7/0x160
[  571.794254][ T8902]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  571.800167][ T8902]  vfs_copy_file_range+0xd1f/0x1510
[  571.805396][ T8902]  ? __pfx_vfs_copy_file_range+0x10/0x10
[  571.811045][ T8902]  ? __fget_files+0x3f3/0x470
[  571.815748][ T8902]  ? __might_fault+0xc6/0x120
[  571.820438][ T8902]  __se_sys_copy_file_range+0x3f2/0x5d0
[  571.826000][ T8902]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  571.832073][ T8902]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  571.838436][ T8902]  ? do_syscall_64+0x100/0x230
[  571.843251][ T8902]  ? __x64_sys_copy_file_range+0x21/0xf0
[  571.848978][ T8902]  do_syscall_64+0xf3/0x230
[  571.853489][ T8902]  ? clear_bhb_loop+0x35/0x90
[  571.858178][ T8902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.864082][ T8902] RIP: 0033:0x7ffb4a57e719
[  571.868508][ T8902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  571.888123][ T8902] RSP: 002b:00007ffb4b3f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  571.896563][ T8902] RAX: ffffffffffffffda RBX: 00007ffb4a735f80 RCX: 00007ffb4a57e719
[  571.904537][ T8902] RDX: 0000000000000003 RSI: 00000000200001c0 RDI: 0000000000000004
[  571.912515][ T8902] RBP: 00007ffb4b3f0090 R08: fffffff7a003e45c R09: 0010000000000000
[  571.920498][ T8902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  571.928477][ T8902] R13: 0000000000000000 R14: 00007ffb4a735f80 R15: 00007ffd7163e7d8
[  571.936472][ T8902]  </TASK>
[  571.939516][    C1] vkms_vblank_simulate: vblank timer overrun
[  572.004982][    T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  572.023428][ T8906] kvm: kvm [8905]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000003b) = 0x0
[  572.025271][   T51] usb 4-1: Using ep0 maxpacket: 16
[  572.034951][    T9] usb 5-1: device descriptor read/8, error -71
[  572.042856][   T51] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  572.053583][   T51] usb 4-1: config 0 has no interface number 0
[  572.063860][   T51] usb 4-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  572.094901][   T51] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  572.124918][   T51] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  572.137658][   T51] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.04
[  572.155026][   T51] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  572.173479][   T51] usb 4-1: Product: syz
[  572.177805][   T51] usb 4-1: SerialNumber: syz
[  572.195469][   T51] usb 4-1: config 0 descriptor??
[  572.203429][   T51] cm109 4-1:0.8: invalid payload size 0, expected 4
[  572.241057][   T51] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input24
[  572.402361][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  572.411960][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  572.419210][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  572.428402][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  572.435626][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  572.443271][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  572.450600][   T51] usb 4-1: USB disconnect, device number 25
[  572.457086][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  572.457114][    C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  572.486657][    T9] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  572.529435][    T9] usb 5-1: device descriptor read/8, error -71
[  572.728239][    T9] usb usb5-port1: unable to enumerate USB device
[  573.479352][ T8919] batman_adv: batadv0: Adding interface: ip6gretap0
[  573.565301][ T8919] batman_adv: batadv0: The MTU of interface ip6gretap0 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  573.824223][ T8919] batman_adv: batadv0: Not using interface ip6gretap0 (retrying later): interface not active
[  574.203720][   T51] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  574.301338][ T8937] FAULT_INJECTION: forcing a failure.
[  574.301338][ T8937] name failslab, interval 1, probability 0, space 0, times 0
[  574.321539][ T8937] CPU: 1 UID: 0 PID: 8937 Comm: syz.3.814 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  574.332200][ T8937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  574.342282][ T8937] Call Trace:
[  574.345585][ T8937]  <TASK>
[  574.348542][ T8937]  dump_stack_lvl+0x241/0x360
[  574.353256][ T8937]  ? __pfx_dump_stack_lvl+0x10/0x10
[  574.358463][ T8937]  ? __pfx__printk+0x10/0x10
[  574.363057][ T8937]  ? fs_reclaim_acquire+0x93/0x130
[  574.368172][ T8937]  ? __pfx___might_resched+0x10/0x10
[  574.373460][ T8937]  should_fail_ex+0x3b0/0x4e0
[  574.378149][ T8937]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  574.383871][ T8937]  should_failslab+0xac/0x100
[  574.388566][ T8937]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  574.394313][ T8937]  __kmalloc_noprof+0xd8/0x400
[  574.399081][ T8937]  tomoyo_realpath_from_path+0xcf/0x5e0
[  574.404655][ T8937]  tomoyo_path_number_perm+0x23a/0x880
[  574.410130][ T8937]  ? tomoyo_path_number_perm+0x208/0x880
[  574.415775][ T8937]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  574.421808][ T8937]  ? __fget_files+0x29/0x470
[  574.426420][ T8937]  ? __fget_files+0x3f3/0x470
[  574.431115][ T8937]  security_file_ioctl+0xc6/0x2a0
[  574.436209][ T8937]  __se_sys_ioctl+0x47/0x170
[  574.440801][ T8937]  do_syscall_64+0xf3/0x230
[  574.445311][ T8937]  ? clear_bhb_loop+0x35/0x90
[  574.450015][ T8937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.455929][ T8937] RIP: 0033:0x7f1f7417e719
[  574.460345][ T8937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.479972][ T8937] RSP: 002b:00007f1f73bff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  574.488415][ T8937] RAX: ffffffffffffffda RBX: 00007f1f74335f80 RCX: 00007f1f7417e719
[  574.496419][ T8937] RDX: 0000000020000080 RSI: 000000008008af00 RDI: 0000000000000005
[  574.504412][ T8937] RBP: 00007f1f73bff090 R08: 0000000000000000 R09: 0000000000000000
[  574.512393][ T8937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  574.520371][ T8937] R13: 0000000000000000 R14: 00007f1f74335f80 R15: 00007fff1dcbecc8
[  574.528364][ T8937]  </TASK>
[  574.549746][ T8937] ERROR: Out of memory at tomoyo_realpath_from_path.
[  574.558151][ T8936] FAULT_INJECTION: forcing a failure.
[  574.558151][ T8936] name failslab, interval 1, probability 0, space 0, times 0
[  574.572337][ T8936] CPU: 1 UID: 0 PID: 8936 Comm: syz.2.813 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  574.582981][ T8936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  574.593081][ T8936] Call Trace:
[  574.596383][ T8936]  <TASK>
[  574.599333][ T8936]  dump_stack_lvl+0x241/0x360
[  574.604063][ T8936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  574.609295][ T8936]  ? __pfx__printk+0x10/0x10
[  574.613892][ T8936]  ? fs_reclaim_acquire+0x93/0x130
[  574.619014][ T8936]  ? __pfx___might_resched+0x10/0x10
[  574.624317][ T8936]  should_fail_ex+0x3b0/0x4e0
[  574.629010][ T8936]  ? security_inode_alloc+0x37/0x310
[  574.634310][ T8936]  should_failslab+0xac/0x100
[  574.639001][ T8936]  ? security_inode_alloc+0x37/0x310
[  574.644294][ T8936]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  574.649688][ T8936]  security_inode_alloc+0x37/0x310
[  574.654815][ T8936]  inode_init_always_gfp+0x988/0xcd0
[  574.660136][ T8936]  ? __pfx_sock_alloc_inode+0x10/0x10
[  574.665523][ T8936]  alloc_inode+0x9f/0x1a0
[  574.669872][ T8936]  do_accept+0x168/0x6b0
[  574.674139][ T8936]  ? __pfx_do_accept+0x10/0x10
[  574.678929][ T8936]  __sys_accept4+0x11e/0x1c0
[  574.683533][ T8936]  ? __pfx___sys_accept4+0x10/0x10
[  574.688656][ T8936]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  574.695011][ T8936]  ? do_syscall_64+0x100/0x230
[  574.699800][ T8936]  __x64_sys_accept4+0x9a/0xb0
[  574.704571][ T8936]  do_syscall_64+0xf3/0x230
[  574.709088][ T8936]  ? clear_bhb_loop+0x35/0x90
[  574.713776][ T8936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.719667][ T8936] RIP: 0033:0x7fdffd57e719
[  574.724087][ T8936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.743727][ T8936] RSP: 002b:00007fdffe333038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  574.752154][ T8936] RAX: ffffffffffffffda RBX: 00007fdffd735f80 RCX: 00007fdffd57e719
[  574.760143][ T8936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  574.768155][ T8936] RBP: 00007fdffe333090 R08: 0000000000000000 R09: 0000000000000000
[  574.776141][ T8936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  574.784127][ T8936] R13: 0000000000000000 R14: 00007fdffd735f80 R15: 00007ffed2047cf8
[  574.792127][ T8936]  </TASK>
[  574.868584][ T8942] input: syz0 as /devices/virtual/input/input25
[  581.404994][ T5989] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  581.665499][ T5989] usb 5-1: Using ep0 maxpacket: 16
[  581.677368][ T5989] usb 5-1: config 0 has an invalid interface number: 133 but max is 0
[  581.686429][ T5989] usb 5-1: config 0 has no interface number 0
[  581.692577][ T5989] usb 5-1: config 0 interface 133 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  581.726622][ T5989] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  581.751399][ T5989] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  581.866326][ T5989] usb 5-1: Product: syz
[  581.958063][ T5989] usb 5-1: Manufacturer: syz
[  582.114447][ T5989] usb 5-1: SerialNumber: syz
[  582.233067][ T5989] usb 5-1: config 0 descriptor??
[  582.388536][ T8983] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  582.450460][ T5989] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected
[  582.483679][ T5989] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81
[  582.535159][ T5989] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1
[  582.584023][ T5989] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2
[  582.666506][ T5989] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  582.732381][ T5989] usb 5-1: USB disconnect, device number 27
[  582.785886][ T5989] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  582.839115][ T5989] keyspan 5-1:0.133: device disconnected
[  585.207790][ T9059] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0)
[  585.209266][ T7382] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  585.234462][ T9059] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[  585.270537][ T9059] IPVS: set_ctl: invalid protocol: 51 172.30.4.5:20004
[  585.292615][ T9059] netlink: 800 bytes leftover after parsing attributes in process `syz.4.849'.
[  585.318590][ T9059] netlink: 1301 bytes leftover after parsing attributes in process `syz.4.849'.
[  585.426909][ T7382] usb 4-1: config 0 has an invalid interface number: 4 but max is 0
[  585.454029][ T7382] usb 4-1: config 0 has no interface number 0
[  585.479446][ T7382] usb 4-1: New USB device found, idVendor=058f, idProduct=3820, bcdDevice=bf.93
[  585.723800][ T7382] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.731901][ T7382] usb 4-1: Product: syz
[  585.743620][ T7382] usb 4-1: Manufacturer: syz
[  585.748268][ T7382] usb 4-1: SerialNumber: syz
[  585.814005][ T7382] usb 4-1: config 0 descriptor??
[  586.098497][ T7382] usb 4-1: USB disconnect, device number 26
[  588.007178][ T9077] netlink: 'syz.2.855': attribute type 1 has an invalid length.
[  588.054265][ T9077] netlink: 112 bytes leftover after parsing attributes in process `syz.2.855'.
[  588.172992][ T9108] 9pnet_fd: Insufficient options for proto=fd
[  588.381306][ T9114] FAULT_INJECTION: forcing a failure.
[  588.381306][ T9114] name failslab, interval 1, probability 0, space 0, times 0
[  588.433135][ T9114] CPU: 0 UID: 0 PID: 9114 Comm: syz.5.866 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  588.443797][ T9114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  588.453900][ T9114] Call Trace:
[  588.457214][ T9114]  <TASK>
[  588.460191][ T9114]  dump_stack_lvl+0x241/0x360
[  588.464918][ T9114]  ? __pfx_dump_stack_lvl+0x10/0x10
[  588.470163][ T9114]  ? __pfx__printk+0x10/0x10
[  588.474792][ T9114]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  588.480314][ T9114]  ? __pfx___might_resched+0x10/0x10
[  588.485650][ T9114]  should_fail_ex+0x3b0/0x4e0
[  588.490376][ T9114]  should_failslab+0xac/0x100
[  588.495103][ T9114]  ? snd_seq_port_connect+0x6a/0x490
[  588.500432][ T9114]  __kmalloc_cache_noprof+0x6c/0x2c0
[  588.506113][ T9114]  snd_seq_port_connect+0x6a/0x490
[  588.511256][ T9114]  ? do_raw_read_unlock+0x3c/0x80
[  588.516327][ T9114]  ? _raw_read_unlock+0x28/0x50
[  588.521225][ T9114]  snd_seq_ioctl_subscribe_port+0x31e/0x780
[  588.527176][ T9114]  ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10
[  588.533631][ T9114]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  588.540044][ T9114]  snd_seq_oss_midi_open+0x423/0x9d0
[  588.545384][ T9114]  ? __pfx_snd_seq_oss_midi_open+0x10/0x10
[  588.551334][ T9114]  ? __pfx_lock_release+0x10/0x10
[  588.556414][ T9114]  snd_seq_oss_process_event+0xce0/0x2af0
[  588.562179][ T9114]  snd_seq_oss_write+0x538/0xbb0
[  588.567182][ T9114]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  588.572689][ T9114]  ? bpf_lsm_file_permission+0x9/0x10
[  588.578094][ T9114]  ? security_file_permission+0x74/0x280
[  588.583780][ T9114]  odev_write+0x5b/0x80
[  588.587974][ T9114]  ? __pfx_odev_write+0x10/0x10
[  588.592863][ T9114]  vfs_write+0x2a3/0xd30
[  588.597154][ T9114]  ? __pfx_vfs_write+0x10/0x10
[  588.601953][ T9114]  ? __fget_files+0x29/0x470
[  588.606564][ T9114]  ? __fget_files+0x3f3/0x470
[  588.611258][ T9114]  ? __fget_files+0x29/0x470
[  588.615909][ T9114]  ? fdget_pos+0x19a/0x320
[  588.620348][ T9114]  ksys_write+0x183/0x2b0
[  588.624698][ T9114]  ? __pfx_ksys_write+0x10/0x10
[  588.629581][ T9114]  ? do_syscall_64+0x100/0x230
[  588.634361][ T9114]  ? do_syscall_64+0xb6/0x230
[  588.639047][ T9114]  do_syscall_64+0xf3/0x230
[  588.643578][ T9114]  ? clear_bhb_loop+0x35/0x90
[  588.648268][ T9114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.654222][ T9114] RIP: 0033:0x7ffb4a57e719
[  588.658655][ T9114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  588.678267][ T9114] RSP: 002b:00007ffb4b3f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  588.686714][ T9114] RAX: ffffffffffffffda RBX: 00007ffb4a735f80 RCX: 00007ffb4a57e719
[  588.694687][ T9114] RDX: 0000000000000233 RSI: 0000000020000080 RDI: 0000000000000003
[  588.702667][ T9114] RBP: 00007ffb4b3f0090 R08: 0000000000000000 R09: 0000000000000000
[  588.710647][ T9114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  588.718624][ T9114] R13: 0000000000000000 R14: 00007ffb4a735f80 R15: 00007ffd7163e7d8
[  588.726606][ T9114]  </TASK>
[  588.729836][    C0] vkms_vblank_simulate: vblank timer overrun
[  589.000934][ T9120] overlayfs: missing 'lowerdir'
[  589.246876][ T7382] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  589.462133][ T9131] deleting an unspecified loop device is not supported.
[  589.521679][ T9133] FAULT_INJECTION: forcing a failure.
[  589.521679][ T9133] name failslab, interval 1, probability 0, space 0, times 0
[  589.644701][ T9133] CPU: 0 UID: 0 PID: 9133 Comm: syz.2.872 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  589.655353][ T9133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  589.665492][ T9133] Call Trace:
[  589.668806][ T9133]  <TASK>
[  589.671765][ T9133]  dump_stack_lvl+0x241/0x360
[  589.676494][ T9133]  ? __pfx_dump_stack_lvl+0x10/0x10
[  589.681737][ T9133]  ? __pfx__printk+0x10/0x10
[  589.686374][ T9133]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  589.691873][ T9133]  ? __pfx___might_resched+0x10/0x10
[  589.697199][ T9133]  should_fail_ex+0x3b0/0x4e0
[  589.701918][ T9133]  should_failslab+0xac/0x100
[  589.706638][ T9133]  ? netlbl_mgmt_add_common+0x794/0x1320
[  589.712313][ T9133]  __kmalloc_cache_noprof+0x6c/0x2c0
[  589.717632][ T9133]  netlbl_mgmt_add_common+0x794/0x1320
[  589.723142][ T9133]  netlbl_mgmt_add+0x312/0x3a0
[  589.727956][ T9133]  ? __nla_parse+0x40/0x60
[  589.732402][ T9133]  ? __pfx_netlbl_mgmt_add+0x10/0x10
[  589.737723][ T9133]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  589.744106][ T9133]  genl_rcv_msg+0xb14/0xec0
[  589.748651][ T9133]  ? mark_lock+0x9a/0x360
[  589.753034][ T9133]  ? __pfx_genl_rcv_msg+0x10/0x10
[  589.758131][ T9133]  ? __pfx_lock_acquire+0x10/0x10
[  589.763221][ T9133]  ? __pfx_netlbl_mgmt_add+0x10/0x10
[  589.768556][ T9133]  ? __pfx___might_resched+0x10/0x10
[  589.773990][ T9133]  netlink_rcv_skb+0x1e3/0x430
[  589.778800][ T9133]  ? __pfx_genl_rcv_msg+0x10/0x10
[  589.783878][ T9133]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  589.789251][ T9133]  genl_rcv+0x28/0x40
[  589.789271][ T7382] usb 4-1: Using ep0 maxpacket: 32
[  589.798405][ T9133]  netlink_unicast+0x7f6/0x990
[  589.800398][ T7382] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  589.803204][ T9133]  ? __pfx_netlink_unicast+0x10/0x10
[  589.803257][ T9133]  ? __virt_addr_valid+0x183/0x530
[  589.803286][ T9133]  ? __check_object_size+0x48e/0x900
[  589.803326][ T9133]  netlink_sendmsg+0x8e4/0xcb0
[  589.803365][ T9133]  ? __pfx_netlink_sendmsg+0x10/0x10
[  589.803405][ T9133]  ? __pfx_netlink_sendmsg+0x10/0x10
[  589.803430][ T9133]  __sock_sendmsg+0x221/0x270
[  589.803471][ T9133]  ____sys_sendmsg+0x52a/0x7e0
[  589.853648][ T9133]  ? __pfx_____sys_sendmsg+0x10/0x10
[  589.858971][ T9133]  __sys_sendmsg+0x292/0x380
[  589.863582][ T9133]  ? __pfx___sys_sendmsg+0x10/0x10
[  589.868724][ T9133]  ? __pfx_vfs_write+0x10/0x10
[  589.873530][ T9133]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  589.879878][ T9133]  ? do_syscall_64+0x100/0x230
[  589.884659][ T9133]  ? do_syscall_64+0xb6/0x230
[  589.889351][ T9133]  do_syscall_64+0xf3/0x230
[  589.893866][ T9133]  ? clear_bhb_loop+0x35/0x90
[  589.898561][ T9133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.904459][ T9133] RIP: 0033:0x7fdffd57e719
[  589.908902][ T9133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  589.928521][ T9133] RSP: 002b:00007fdffe333038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  589.937047][ T9133] RAX: ffffffffffffffda RBX: 00007fdffd735f80 RCX: 00007fdffd57e719
[  589.945061][ T9133] RDX: 0000000000000000 RSI: 0000000020000d80 RDI: 0000000000000004
[  589.953083][ T9133] RBP: 00007fdffe333090 R08: 0000000000000000 R09: 0000000000000000
[  589.961067][ T9133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  589.969051][ T9133] R13: 0000000000000000 R14: 00007fdffd735f80 R15: 00007ffed2047cf8
[  589.977049][ T9133]  </TASK>
[  589.980123][    C0] vkms_vblank_simulate: vblank timer overrun
[  589.986627][ T7382] usb 4-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[  590.008354][ T7382] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.040602][ T7382] usb 4-1: config 0 descriptor??
[  590.243564][ T9152] random: crng reseeded on system resumption
[  590.698400][ T7382] lenovo 0003:17EF:60EE.000C: hidraw0: USB HID v0.00 Device [HID 17ef:60ee] on usb-dummy_hcd.3-1/input0
[  590.933416][ T9112] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  590.958040][ T5976] usb 4-1: USB disconnect, device number 27
[  591.369432][ T9179] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  593.268749][ T9216] netlink: 44 bytes leftover after parsing attributes in process `syz.4.888'.
[  593.355373][ T9219] RDS: rds_bind could not find a transport for ::ffff:10.1.1.0, load rds_tcp or rds_rdma?
[  593.636449][ T9221] netlink: 12 bytes leftover after parsing attributes in process `syz.3.891'.
[  594.466713][ T7382] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  594.776649][ T7382] usb 4-1: unable to get BOS descriptor or descriptor too short
[  595.349387][ T7382] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  595.361924][ T7382] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[  595.372097][ T7382] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  595.381930][ T7382] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  595.393783][ T7382] usb 4-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  595.402857][ T7382] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  595.411490][ T7382] usb 4-1: Product: syz
[  595.416087][ T7382] usb 4-1: Manufacturer: syz
[  595.420712][ T7382] usb 4-1: SerialNumber: syz
[  595.440539][ T7382] usb 4-1: config 0 descriptor??
[  595.446181][ T9224] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  595.454985][ T7382] pn533_usb 4-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  596.953970][    T9] usb 4-1: USB disconnect, device number 28
[  597.133669][ T9254] usb usb8: usbfs: process 9254 (syz.0.900) did not claim interface 0 before use
[  597.530972][ T9270] netlink: 209840 bytes leftover after parsing attributes in process `syz.4.904'.
[  598.843829][ T9284] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  601.103023][ T7382] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  601.292162][ T7382] usb 6-1: unable to get BOS descriptor or descriptor too short
[  601.306588][ T7382] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  601.325270][ T7382] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[  601.335151][ T7382] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  601.344916][ T7382] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  601.377150][ T7382] usb 6-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  601.394767][ T7382] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.413545][ T7382] usb 6-1: Product: syz
[  601.423646][ T7382] usb 6-1: Manufacturer: syz
[  601.433769][ T7382] usb 6-1: SerialNumber: syz
[  601.441692][ T5976] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  601.450841][ T7382] usb 6-1: config 0 descriptor??
[  601.462815][ T9309] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  601.480298][ T7382] pn533_usb 6-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  601.744732][ T9323] FAULT_INJECTION: forcing a failure.
[  601.744732][ T9323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  601.758196][ T9323] CPU: 0 UID: 0 PID: 9323 Comm: syz.0.923 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  601.768841][ T9323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  601.778925][ T9323] Call Trace:
[  601.782243][ T9323]  <TASK>
[  601.785212][ T9323]  dump_stack_lvl+0x241/0x360
[  601.790201][ T9323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  601.795447][ T9323]  ? __pfx__printk+0x10/0x10
[  601.800105][ T9323]  should_fail_ex+0x3b0/0x4e0
[  601.804827][ T9323]  _copy_from_user+0x2f/0xc0
[  601.809465][ T9323]  move_addr_to_kernel+0x82/0x150
[  601.814537][ T9323]  __sys_connect+0xc1/0x300
[  601.819079][ T9323]  ? __pfx___sys_connect+0x10/0x10
[  601.824233][ T9323]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  601.830603][ T9323]  ? do_syscall_64+0x100/0x230
[  601.835415][ T9323]  __x64_sys_connect+0x7a/0x90
[  601.840223][ T9323]  do_syscall_64+0xf3/0x230
[  601.844778][ T9323]  ? clear_bhb_loop+0x35/0x90
[  601.849502][ T9323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.855441][ T9323] RIP: 0033:0x7faeb4d7e719
[  601.859895][ T9323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.879570][ T9323] RSP: 002b:00007faeb5aab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  601.888006][ T9323] RAX: ffffffffffffffda RBX: 00007faeb4f36058 RCX: 00007faeb4d7e719
[  601.895986][ T9323] RDX: 0000000000000032 RSI: 0000000020000980 RDI: 0000000000000006
[  601.903963][ T9323] RBP: 00007faeb5aab090 R08: 0000000000000000 R09: 0000000000000000
[  601.911954][ T9323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.919952][ T9323] R13: 0000000000000000 R14: 00007faeb4f36058 R15: 00007ffd675bba28
[  601.927973][ T9323]  </TASK>
[  601.939314][ T5976] usb 5-1: unable to get BOS descriptor or descriptor too short
[  601.951457][ T5976] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  601.962047][ T5976] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[  601.978044][ T5976] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  601.993176][ T5976] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  602.033969][ T5976] usb 5-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  602.060874][ T5976] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.081388][ T5976] usb 5-1: Product: syz
[  602.092815][ T5976] usb 5-1: Manufacturer: syz
[  602.097473][ T5976] usb 5-1: SerialNumber: syz
[  602.114309][ T5976] usb 5-1: config 0 descriptor??
[  602.120051][ T9316] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  602.140853][ T5976] pn533_usb 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  602.475658][ T5976] usb 6-1: USB disconnect, device number 9
[  603.676157][ T5938] usb 5-1: USB disconnect, device number 28
[  603.957785][ T9354] FAULT_INJECTION: forcing a failure.
[  603.957785][ T9354] name failslab, interval 1, probability 0, space 0, times 0
[  603.970712][ T9354] CPU: 1 UID: 0 PID: 9354 Comm: syz.3.934 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  603.981369][ T9354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  603.991471][ T9354] Call Trace:
[  603.994778][ T9354]  <TASK>
[  603.997733][ T9354]  dump_stack_lvl+0x241/0x360
[  604.002458][ T9354]  ? __pfx_dump_stack_lvl+0x10/0x10
[  604.007691][ T9354]  ? __pfx__printk+0x10/0x10
[  604.012295][ T9354]  ? fs_reclaim_acquire+0x93/0x130
[  604.017421][ T9354]  ? __pfx___might_resched+0x10/0x10
[  604.022724][ T9354]  should_fail_ex+0x3b0/0x4e0
[  604.027433][ T9354]  ? tomoyo_encode+0x26f/0x540
[  604.032206][ T9354]  should_failslab+0xac/0x100
[  604.036894][ T9354]  ? tomoyo_encode+0x26f/0x540
[  604.041680][ T9354]  __kmalloc_noprof+0xd8/0x400
[  604.046480][ T9354]  tomoyo_encode+0x26f/0x540
[  604.051099][ T9354]  tomoyo_realpath_from_path+0x59e/0x5e0
[  604.056764][ T9354]  tomoyo_path_number_perm+0x23a/0x880
[  604.062249][ T9354]  ? tomoyo_path_number_perm+0x208/0x880
[  604.067901][ T9354]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  604.073945][ T9354]  ? __fget_files+0x29/0x470
[  604.078563][ T9354]  ? __fget_files+0x3f3/0x470
[  604.083290][ T9354]  security_file_ioctl+0xc6/0x2a0
[  604.088354][ T9354]  __se_sys_ioctl+0x47/0x170
[  604.092990][ T9354]  do_syscall_64+0xf3/0x230
[  604.097539][ T9354]  ? clear_bhb_loop+0x35/0x90
[  604.102314][ T9354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  604.108248][ T9354] RIP: 0033:0x7f1f7417e719
[  604.112670][ T9354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  604.132278][ T9354] RSP: 002b:00007f1f73bff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  604.140705][ T9354] RAX: ffffffffffffffda RBX: 00007f1f74335f80 RCX: 00007f1f7417e719
[  604.148688][ T9354] RDX: 00000000200004c0 RSI: 0000000000004b72 RDI: 0000000000000003
[  604.156668][ T9354] RBP: 00007f1f73bff090 R08: 0000000000000000 R09: 0000000000000000
[  604.164652][ T9354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  604.172654][ T9354] R13: 0000000000000000 R14: 00007f1f74335f80 R15: 00007fff1dcbecc8
[  604.180744][ T9354]  </TASK>
[  604.241027][ T9354] ERROR: Out of memory at tomoyo_realpath_from_path.
[  605.292876][ T5938] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  605.475693][ T5938] usb 4-1: unable to get BOS descriptor or descriptor too short
[  605.488267][ T5938] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  605.505022][ T5938] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[  605.535480][ T5938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  605.566931][ T5938] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  605.600724][ T5938] usb 4-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  605.632833][ T5938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.640898][ T5938] usb 4-1: Product: syz
[  605.652834][ T5938] usb 4-1: Manufacturer: syz
[  605.657778][ T5938] usb 4-1: SerialNumber: syz
[  605.669209][ T5938] usb 4-1: config 0 descriptor??
[  605.692942][ T9362] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  605.720745][ T5938] pn533_usb 4-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  606.153317][ T9384] netlink: 9412 bytes leftover after parsing attributes in process `syz.4.942'.
[  606.194393][ T9391] netlink: 36 bytes leftover after parsing attributes in process `syz.5.945'.
[  606.213796][ T9391] netlink: 16 bytes leftover after parsing attributes in process `syz.5.945'.
[  606.227104][ T9391] netlink: 36 bytes leftover after parsing attributes in process `syz.5.945'.
[  606.246880][ T9391] netlink: 36 bytes leftover after parsing attributes in process `syz.5.945'.
[  606.594860][ T5938] usb 4-1: USB disconnect, device number 29
[  607.545264][ T5938] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  607.827111][ T9413] netlink: 24 bytes leftover after parsing attributes in process `syz.2.953'.
[  607.854026][ T9413] tc_dump_action: action bad kind
[  607.874271][ T5938] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  607.934374][ T5938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  607.993213][ T5938] usb 4-1: Product: syz
[  607.997452][ T5938] usb 4-1: Manufacturer: syz
[  608.005905][ T5938] usb 4-1: SerialNumber: syz
[  608.036399][ T5938] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  608.418717][ T7382] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  608.502932][   T51] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  608.662910][   T51] usb 3-1: device descriptor read/64, error -71
[  608.783422][ T5976] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  608.854328][    T9] usb 4-1: USB disconnect, device number 30
[  608.933637][   T51] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  608.963547][ T5976] usb 5-1: unable to get BOS descriptor or descriptor too short
[  608.988188][ T5976] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  608.996919][ T9432] program syz.5.960 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  609.005881][ T5976] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[  609.032627][ T5976] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  609.051233][ T5976] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  609.063853][ T5976] usb 5-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  609.073345][ T5976] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.081407][ T5976] usb 5-1: Product: syz
[  609.085686][ T5976] usb 5-1: Manufacturer: syz
[  609.090320][ T5976] usb 5-1: SerialNumber: syz
[  609.098467][ T5976] usb 5-1: config 0 descriptor??
[  609.104295][ T9428] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  609.112192][ T5976] pn533_usb 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  609.112918][   T51] usb 3-1: device descriptor read/64, error -71
[  609.244150][   T51] usb usb3-port1: attempt power cycle
[  609.282968][ T5902] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  609.448324][ T5902] usb 6-1: New USB device found, idVendor=0408, idProduct=4030, bcdDevice=fa.f1
[  609.470683][ T5902] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.479053][ T5902] usb 6-1: Product: syz
[  609.486655][ T5902] usb 6-1: Manufacturer: syz
[  609.496919][ T5902] usb 6-1: SerialNumber: syz
[  609.516797][ T5902] usb 6-1: config 0 descriptor??
[  609.541577][ T5902] usb 6-1: Found UVC 0.00 device syz (0408:4030)
[  609.578373][ T5902] usb 6-1: No valid video chain found.
[  609.584379][   T51] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  609.805592][ T7382] usb 4-1: Service connection timeout for: 256
[  609.829475][ T5902] usb 6-1: USB disconnect, device number 10
[  609.835744][ T7382] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[  609.848477][ T7382] ath9k_htc: Failed to initialize the device
[  609.856816][    T9] usb 4-1: ath9k_htc: USB layer deinitialized
[  609.873663][   T51] usb 3-1: device descriptor read/8, error -71
[  610.009213][   T25] usb 5-1: USB disconnect, device number 29
[  610.123324][   T51] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  610.154167][   T51] usb 3-1: device descriptor read/8, error -71
[  610.376336][   T51] usb usb3-port1: unable to enumerate USB device
[  613.253999][ T5976] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  613.785182][ T5976] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  613.795574][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  613.832899][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  613.850161][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  613.866603][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  613.897589][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  613.943270][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  613.962310][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  613.991548][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  614.014038][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  614.022337][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  614.031759][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  614.056216][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  614.064828][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  614.081118][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  614.098979][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  614.151038][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  614.182911][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  614.194266][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  614.202550][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  614.244081][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  614.255671][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  614.263952][ T5976] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  614.276269][ T5976] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  614.287440][ T5976] usb 6-1: config 0 interface 0 has no altsetting 0
[  614.331603][ T5976] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  614.347885][ T5976] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  614.379272][ T5976] usb 6-1: Product: syz
[  614.385971][ T5906] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  614.402281][ T5976] usb 6-1: Manufacturer: syz
[  614.423052][ T5976] usb 6-1: SerialNumber: syz
[  614.444101][ T5976] usb 6-1: config 0 descriptor??
[  614.464738][ T5976] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  614.623457][ T5906] usb 3-1: config 0 has an invalid interface number: 83 but max is 0
[  614.631618][ T5906] usb 3-1: config 0 has no interface number 0
[  614.698725][ T5906] usb 3-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[  614.739902][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.767890][ T9472] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  614.784241][ T5906] usb 3-1: config 0 descriptor??
[  614.843635][ T5906] ttusbir 3-1:0.83: cannot find expected altsetting
[  614.858072][ T9475] netlink: 4 bytes leftover after parsing attributes in process `syz.5.972'.
[  615.623937][   T25] usb 3-1: USB disconnect, device number 29
[  618.167116][ T7382] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  618.335839][ T7382] usb 3-1: Using ep0 maxpacket: 16
[  618.353811][ T7382] usb 3-1: config 0 has an invalid descriptor of length 197, skipping remainder of the config
[  618.382908][ T7382] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  618.452829][ T7382] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  618.472567][ T7382] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.482499][ T7382] usb 3-1: Product: syz
[  618.492648][ T7382] usb 3-1: Manufacturer: syz
[  618.508220][ T7382] usb 3-1: SerialNumber: syz
[  618.528792][ T7382] usb 3-1: config 0 descriptor??
[  619.214523][ T7382] usb 3-1: USB disconnect, device number 30
[  621.753226][   T30] INFO: task syz.1.431:7474 blocked for more than 143 seconds.
[  621.761338][   T30]       Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  622.723346][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  622.768073][   T30] task:syz.1.431       state:D stack:23808 pid:7474  tgid:7474  ppid:5855   flags:0x00004004
[  623.205291][   T30] Call Trace:
[  623.226602][   T30]  <TASK>
[  623.239849][   T30]  __schedule+0x17fa/0x4bd0
[  623.264987][   T30]  ? __pfx___schedule+0x10/0x10
[  623.313862][   T30]  ? __pfx_lock_release+0x10/0x10
[  623.342696][   T30]  ? schedule+0x90/0x320
[  623.354932][   T30]  schedule+0x14b/0x320
[  623.368244][   T30]  schedule_timeout+0xb0/0x310
[  623.383549][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  623.406664][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  623.430182][   T30]  ? wait_for_completion+0x2fe/0x620
[  623.440447][   T30]  ? wait_for_completion+0x2fe/0x620
[  623.458509][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  623.476392][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  623.492004][   T30]  ? wait_for_completion+0x2fe/0x620
[  623.508651][   T30]  wait_for_completion+0x355/0x620
[  623.527833][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  623.545028][   T30]  ? __init_swait_queue_head+0xae/0x150
[  623.550665][   T30]  __vhost_worker_flush+0x1e6/0x280
[  623.556906][   T30]  ? __pfx___vhost_worker_flush+0x10/0x10
[  623.562701][   T30]  ? __pfx_vhost_flush_work+0x10/0x10
[  623.571997][   T30]  ? __mutex_unlock_slowpath+0x21d/0x750
[  623.581833][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  623.591685][   T30]  vhost_dev_flush+0xc9/0x150
[  623.599835][   T30]  ? __pfx_vhost_dev_flush+0x10/0x10
[  623.608738][   T30]  ? __pfx_vhost_net_release+0x10/0x10
[  623.619717][   T30]  vhost_net_flush+0x24/0x160
[  623.625841][   T30]  vhost_net_release+0x109/0x470
[  623.630836][   T30]  ? __pfx_vhost_net_release+0x10/0x10
[  623.644915][   T30]  ? __pfx_call_rcu+0x10/0x10
[  623.649677][   T30]  ? evm_file_release+0x13d/0x1c0
[  623.660364][   T30]  ? __pfx_vhost_net_release+0x10/0x10
[  623.668321][   T30]  __fput+0x23f/0x880
[  623.672368][   T30]  task_work_run+0x24f/0x310
[  623.682168][   T30]  ? __pfx_task_work_run+0x10/0x10
[  623.689563][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  623.699427][   T30]  syscall_exit_to_user_mode+0x168/0x370
[  623.707436][   T30]  do_syscall_64+0x100/0x230
[  623.712083][   T30]  ? clear_bhb_loop+0x35/0x90
[  623.721384][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.729449][   T30] RIP: 0033:0x7ff90177e719
[  623.742917][   T30] RSP: 002b:00007ffee32f3498 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  623.751416][   T30] RAX: 0000000000000000 RBX: 00007ff901937a80 RCX: 00007ff90177e719
[  623.768678][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  623.778014][   T30] RBP: 00007ff901937a80 R08: 0000000000000006 R09: 00007ffee32f378f
[  623.791961][   T30] R10: 00000000003ffc1c R11: 0000000000000246 R12: 0000000000073a8e
[  623.801304][   T30] R13: 00007ffee32f35a0 R14: 0000000000000032 R15: ffffffffffffffff
[  623.815891][   T30]  </TASK>
[  623.819048][   T30] 
[  623.819048][   T30] Showing all locks held in the system:
[  623.892845][   T30] 1 lock held by khungtaskd/30:
[  623.897756][   T30]  #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  623.922933][   T30] 2 locks held by getty/5584:
[  623.927671][   T30]  #0: ffff8880306af0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  623.937802][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  623.948946][   T30] 3 locks held by kworker/u8:9/6174:
[  623.954370][   T30]  #0: ffff8880b863ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  623.964437][   T30]  #1: ffff8880b8628948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x41d/0x7a0
[  623.978692][   T30]  #2: ffffffff9a589cb8 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x16d/0x510
[  624.000333][   T30] 1 lock held by syz.5.972/9475:
[  624.006439][   T30]  #0: ffffffff8e93d200 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530
[  624.021840][   T30] 1 lock held by syz.0.1006/9597:
[  624.027979][   T30]  #0: ffffffff8e93d200 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530
[  624.043069][   T30] 2 locks held by dhcpcd/9603:
[  624.047918][   T30]  #0: ffff888033966808 (&sb->s_type->i_mutex_key#9){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  624.063807][   T30]  #1: ffffffff8e93d338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  624.079840][   T30] 1 lock held by dhcpcd/9604:
[  624.086417][   T30]  #0: ffff888074b55008 (&sb->s_type->i_mutex_key#9){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  624.113151][   T30] 
[  624.115560][   T30] =============================================
[  624.115560][   T30] 
[  624.129677][   T30] NMI backtrace for cpu 1
[  624.134047][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  624.144568][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  624.154648][   T30] Call Trace:
[  624.157944][   T30]  <TASK>
[  624.160919][   T30]  dump_stack_lvl+0x241/0x360
[  624.165644][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  624.170887][   T30]  ? __pfx__printk+0x10/0x10
[  624.175523][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  624.180508][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  624.186011][   T30]  ? _printk+0xd5/0x120
[  624.190209][   T30]  ? __pfx__printk+0x10/0x10
[  624.194837][   T30]  ? __wake_up_klogd+0xcc/0x110
[  624.199720][   T30]  ? __pfx__printk+0x10/0x10
[  624.204337][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  624.209394][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  624.215456][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  624.221498][   T30]  watchdog+0xff4/0x1040
[  624.225796][   T30]  ? watchdog+0x1ea/0x1040
[  624.230270][   T30]  ? __pfx_watchdog+0x10/0x10
[  624.235000][   T30]  kthread+0x2f0/0x390
[  624.239111][   T30]  ? __pfx_watchdog+0x10/0x10
[  624.243843][   T30]  ? __pfx_kthread+0x10/0x10
[  624.248478][   T30]  ret_from_fork+0x4b/0x80
[  624.252955][   T30]  ? __pfx_kthread+0x10/0x10
[  624.257603][   T30]  ret_from_fork_asm+0x1a/0x30
[  624.262424][   T30]  </TASK>
[  624.266125][   T30] Sending NMI from CPU 1 to CPUs 0:
[  624.271416][    C0] NMI backtrace for cpu 0
[  624.271432][    C0] CPU: 0 UID: 0 PID: 9536 Comm: syz.3.991 Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  624.271458][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  624.271469][    C0] RIP: 0010:clear_page_erms+0xb/0x20
[  624.271501][    C0] Code: 48 8d 7f 40 75 d9 90 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa b9 00 10 00 00 31 c0 <f3> aa c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90
[  624.271516][    C0] RSP: 0018:ffffc9001e4aeb10 EFLAGS: 00010246
[  624.271533][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000540
[  624.271544][    C0] RDX: ffff888059d83000 RSI: 0000000000000001 RDI: ffff888059d83ac0
[  624.271557][    C0] RBP: dffffc0000000000 R08: ffffea00016760f7 R09: 0000000000000000
[  624.271570][    C0] R10: ffffed100b3b0600 R11: fffff940002cec1f R12: 0000000000000001
[  624.271582][    C0] R13: 0000000000000001 R14: ffffea00016760c0 R15: 0000000000000000
[  624.271593][    C0] FS:  00007f1f73bff6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  624.271609][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  624.271621][    C0] CR2: 0000000020f5c030 CR3: 000000005e9e8000 CR4: 00000000003526f0
[  624.271635][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  624.271646][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  624.271657][    C0] Call Trace:
[  624.271664][    C0]  <NMI>
[  624.271671][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  624.271697][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  624.271736][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  624.271759][    C0]  ? nmi_handle+0x2a/0x5a0
[  624.271782][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  624.271804][    C0]  ? nmi_handle+0x14f/0x5a0
[  624.271820][    C0]  ? nmi_handle+0x2a/0x5a0
[  624.271837][    C0]  ? clear_page_erms+0xb/0x20
[  624.271857][    C0]  ? default_do_nmi+0x63/0x160
[  624.271881][    C0]  ? exc_nmi+0x123/0x1f0
[  624.271904][    C0]  ? end_repeat_nmi+0xf/0x53
[  624.271927][    C0]  ? clear_page_erms+0xb/0x20
[  624.271948][    C0]  ? clear_page_erms+0xb/0x20
[  624.271969][    C0]  ? clear_page_erms+0xb/0x20
[  624.271989][    C0]  </NMI>
[  624.271994][    C0]  <TASK>
[  624.271999][    C0]  post_alloc_hook+0xf8/0x230
[  624.272020][    C0]  get_page_from_freelist+0x3033/0x3180
[  624.272049][    C0]  ? __alloc_pages_noprof+0x16f/0x710
[  624.272072][    C0]  ? validate_chain+0x11e/0x5920
[  624.272100][    C0]  __alloc_pages_noprof+0x292/0x710
[  624.272123][    C0]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  624.272154][    C0]  alloc_pages_mpol_noprof+0x3e8/0x680
[  624.272181][    C0]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  624.272211][    C0]  vma_alloc_folio_noprof+0x12e/0x230
[  624.272237][    C0]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  624.272264][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  624.272286][    C0]  folio_prealloc+0x31/0x170
[  624.272308][    C0]  do_wp_page+0x11c4/0x52d0
[  624.272333][    C0]  ? __pfx_do_wp_page+0x10/0x10
[  624.272353][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  624.272378][    C0]  ? do_raw_spin_lock+0x14f/0x370
[  624.272407][    C0]  handle_pte_fault+0x10e3/0x6800
[  624.272443][    C0]  ? mark_lock+0x9a/0x360
[  624.272460][    C0]  ? __pfx_handle_pte_fault+0x10/0x10
[  624.272496][    C0]  ? mt_find+0x2a9/0x920
[  624.272514][    C0]  ? __pfx_lock_release+0x10/0x10
[  624.272543][    C0]  handle_mm_fault+0x1053/0x1ad0
[  624.272572][    C0]  ? __pfx_handle_mm_fault+0x10/0x10
[  624.272598][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  624.272621][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  624.272647][    C0]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  624.272667][    C0]  exc_page_fault+0x2b9/0x8c0
[  624.272688][    C0]  asm_exc_page_fault+0x26/0x30
[  624.272705][    C0] RIP: 0010:__put_user_nocheck_4+0x7/0x20
[  624.272723][    C0] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00
[  624.272736][    C0] RSP: 0018:ffffc9001e4af8f8 EFLAGS: 00050202
[  624.272750][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020f5c030
[  624.272761][    C0] RDX: ffff88807ec38000 RSI: 0000000000000002 RDI: 00000000ffffffff
[  624.272773][    C0] RBP: ffffc9001e4afa70 R08: ffffffff898047af R09: 1ffff1100537081c
[  624.272786][    C0] R10: dffffc0000000000 R11: ffffed100537081d R12: 0000000020f5c000
[  624.272799][    C0] R13: 0000000000000002 R14: 0000000000000000 R15: ffffc9001e4afd00
[  624.272813][    C0]  ? ____sys_recvmsg+0x28f/0x480
[  624.272840][    C0]  ____sys_recvmsg+0x2a7/0x480
[  624.272867][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  624.272896][    C0]  ? __might_fault+0xaa/0x120
[  624.272919][    C0]  do_recvmmsg+0x45e/0xad0
[  624.272949][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  624.272973][    C0]  ? __pfx_futex_wake_mark+0x10/0x10
[  624.273009][    C0]  ? futex_wait+0x285/0x360
[  624.273035][    C0]  ? __pfx_futex_wait+0x10/0x10
[  624.273066][    C0]  ? vfs_write+0x737/0xd30
[  624.273096][    C0]  ? __pfx_do_futex+0x10/0x10
[  624.273125][    C0]  __x64_sys_recvmmsg+0x199/0x250
[  624.273151][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  624.273175][    C0]  ? do_syscall_64+0x100/0x230
[  624.273197][    C0]  ? do_syscall_64+0xb6/0x230
[  624.273218][    C0]  do_syscall_64+0xf3/0x230
[  624.273237][    C0]  ? clear_bhb_loop+0x35/0x90
[  624.273256][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.273274][    C0] RIP: 0033:0x7f1f7417e719
[  624.273287][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.273301][    C0] RSP: 002b:00007f1f73bff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  624.273318][    C0] RAX: ffffffffffffffda RBX: 00007f1f74335f80 RCX: 00007f1f7417e719
[  624.273330][    C0] RDX: 00000000040002ff RSI: 0000000020000080 RDI: 0000000000000003
[  624.273341][    C0] RBP: 00007f1f741f132e R08: 0000000000000000 R09: 0000000000000000
[  624.273352][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  624.273362][    C0] R13: 0000000000000000 R14: 00007f1f74335f80 R15: 00007fff1dcbecc8
[  624.273380][    C0]  </TASK>
[  624.273871][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  624.273889][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc5-syzkaller-00322-gb9021de3ec2f #0
[  624.273915][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  624.273930][   T30] Call Trace:
[  624.273938][   T30]  <TASK>
[  624.273947][   T30]  dump_stack_lvl+0x241/0x360
[  624.273981][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  624.274009][   T30]  ? __pfx__printk+0x10/0x10
[  624.274031][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  624.274071][   T30]  ? vscnprintf+0x5d/0x90
[  624.274103][   T30]  panic+0x349/0x880
[  624.274130][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  624.274164][   T30]  ? __pfx_panic+0x10/0x10
[  624.274196][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  624.274239][   T30]  ? __irq_work_queue_local+0x137/0x410
[  624.274279][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  624.274306][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  624.274340][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  624.274376][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  624.274413][   T30]  watchdog+0x1033/0x1040
[  624.274445][   T30]  ? watchdog+0x1ea/0x1040
[  624.274481][   T30]  ? __pfx_watchdog+0x10/0x10
[  624.274512][   T30]  kthread+0x2f0/0x390
[  624.274535][   T30]  ? __pfx_watchdog+0x10/0x10
[  624.274564][   T30]  ? __pfx_kthread+0x10/0x10
[  624.274588][   T30]  ret_from_fork+0x4b/0x80
[  624.274621][   T30]  ? __pfx_kthread+0x10/0x10
[  624.274644][   T30]  ret_from_fork_asm+0x1a/0x30
[  624.274689][   T30]  </TASK>
[  625.016113][   T30] Kernel Offset: disabled
[  625.020447][   T30] Rebooting in 86400 seconds..