last executing test programs:

2m3.063425749s ago: executing program 3 (id=923):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_init1(0x800)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r5, 0x4008af22, &(0x7f0000000100)={0x1})
setns(0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000240)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x9, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f00000000c0)=['']})

2m1.150120438s ago: executing program 3 (id=926):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0x84, 0x30, 0x1, 0xe4, 0x25dfdbfc, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x20000000, 0x2}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0)

2m0.92013882s ago: executing program 3 (id=928):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)

1m59.570748088s ago: executing program 3 (id=934):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
recvmmsg(r1, &(0x7f0000003180)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=""/24, 0x18}], 0x1}, 0x8}], 0x1, 0x2002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
epoll_create1(0x80000)
r3 = dup(r2)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x1}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0/file0\x00', 0x0, 0x18e5811, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x84000, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000080)={0x0, 0x17000})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m58.372005235s ago: executing program 3 (id=939):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
chdir(&(0x7f0000000140)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) (fail_nth: 1)

1m57.744302745s ago: executing program 3 (id=943):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xe, &(0x7f00000003c0)=@raw=[@jmp={0x5, 0x1, 0x6, 0x3, 0x8, 0x1, 0xfffffffffffffff0}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @jmp={0x5, 0x0, 0x9, 0xa, 0x4, 0xc, 0xfffffffffffffff0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xc4f}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x2}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = io_uring_setup(0x67bb, 0x0)
io_uring_enter(r2, 0x0, 0x0, 0xf, &(0x7f0000000000), 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0x1, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0)
write(r3, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, 0x0, 0x0)
keyctl$update(0x2, 0x0, &(0x7f0000000340), 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)

1m57.600365594s ago: executing program 32 (id=943):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xe, &(0x7f00000003c0)=@raw=[@jmp={0x5, 0x1, 0x6, 0x3, 0x8, 0x1, 0xfffffffffffffff0}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @jmp={0x5, 0x0, 0x9, 0xa, 0x4, 0xc, 0xfffffffffffffff0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xc4f}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x2}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = io_uring_setup(0x67bb, 0x0)
io_uring_enter(r2, 0x0, 0x0, 0xf, &(0x7f0000000000), 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0x1, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0)
write(r3, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, 0x0, 0x0)
keyctl$update(0x2, 0x0, &(0x7f0000000340), 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)

10.947097775s ago: executing program 4 (id=1341):
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x99b538f3e1a57545)
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000480)="c71a27169bd4b91ccf3456058e19137e804a8a23287cd4961061ecad69c7a5a216b7fb6c1f0e762226aeff8b0b0e0612a05615e3c4f7ec3d1051b239115651c09e1a224565f2af63c84e74c671cf9bb74a", 0x51)
syz_usb_connect(0x5, 0xa8, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xc4, 0x72, 0xc2, 0xff, 0x1bc7, 0x36, 0xdde6, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc9, 0x1, 0xff, 0x0, 0xc0, 0x1, [{{0x9, 0x4, 0xa5, 0x5, 0x1, 0x2, 0xd, 0x0, 0x5, [], [{{0x9, 0x5, 0x4, 0x10, 0x40, 0x81, 0x35, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0xee9b9777a22a1482, 0x68, 0xfff}, @generic={0xa7, 0x23, "065e2311444f505b5fc2304927a147f4c4772249dd87b72d165760233edf5fbbed8dfc0d37b1515713553c3f034479af41d7fbed46429cdd543a2a048a925da52d38c6982262b623e66cd06f8b91d67b58b751e141b996328f5a3c53ab7cd42c56e78518a5b777f16dfbf9bdf3e7d1653589a6313037c2f0ab9a668c867dc893287c1a642576f138a605e17f126d65443df533539b957ba5f962d1dc058f97cbc9dca1c329"}]}}]}}]}}]}}, 0x0)
syz_usb_connect$cdc_ncm(0x5, 0x73, &(0x7f0000000140)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x61, 0x2, 0x1, 0xb3, 0x40, 0xe0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xfffa}, {0xd, 0x24, 0xf, 0x1, 0x40917994, 0x200, 0x1, 0xab}, {0x6, 0x24, 0x1a, 0x2, 0x1a}, [@obex={0x5, 0x24, 0x15, 0x40}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x80, 0xd, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0xb3, 0x10, 0x88}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x5, 0x9, 0x5}}}}}}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x9, 0x1, 0x7, 0x10, 0x2}, 0xc0, &(0x7f00000001c0)={0x5, 0xf, 0xc0, 0x2, [@generic={0xb4, 0x10, 0xb, "0512b0b97cb318dfc102594a862f8a4ad5e49e23151d983ceec180388b8cb784e9b71b0de47cb88c70bd572961721549f3aee16365609ccf71e3087cde8b3efc243fa408e7754c582e7b3e524d02dd668cb30a856414105a8ead2fb378b8512c0a9278be937717020729723777786afc1e70581fc57b7b441f71d7a42b59d8a3ec5ffe9a6cc418a56c9684a11819c90696d3dbf2fc9c35891f079eec97cc0a6360be70e736c77175d46d9209430e90ee48"}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x0, 0x6, 0x1}]}, 0x1, [{0x14, &(0x7f0000000280)=@string={0x14, 0x3, "2fffc6e1a15f971b43acb6c0db95dec1dc0d"}}]})
syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000300)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x7, 0xa0, 0x3, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x7, 0x1, 0x3, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x40, 0x9, 0x81, 0xff}}}}}]}}]}}, &(0x7f0000000440)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x201, 0x5, 0x9, 0x3, 0x40, 0x1}, 0x17, &(0x7f0000000380)={0x5, 0xf, 0x17, 0x2, [@wireless={0xb, 0x10, 0x1, 0x2, 0x24, 0x0, 0x8, 0x5, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x1, 0x8, 0x8}]}, 0x2, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x3c0a}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x3409}}]})

9.951913507s ago: executing program 1 (id=1350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdef0, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x1c, 0x80)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10)
ioctl$TCFLSH(r5, 0x404c4701, 0x20000000)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x3)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000001440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@datasec={0x2, 0x1, 0x0, 0xf, 0x3, [{}], "44942d"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "84"}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x44, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f0000000080)=0x7f)

8.827400996s ago: executing program 5 (id=1351):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}]}, 0x20}}, 0x0)

8.696873737s ago: executing program 1 (id=1352):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)

8.669824208s ago: executing program 5 (id=1353):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f00000001c0)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x2000000, @local}, 0x1c, 0x0}}], 0x1, 0x0)

8.594823376s ago: executing program 1 (id=1354):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@my=0x1})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@func_proto]}, {0x0, [0x0, 0x61]}}, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000180)={0x0, 0x1}, 0xe800, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
lsetxattr$security_capability(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[])

8.536153047s ago: executing program 5 (id=1356):
r0 = semget$private(0x0, 0x6, 0x0)
semtimedop(r0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
semop(r0, &(0x7f0000000180)=[{0x4}, {}], 0x1f4)

7.988841443s ago: executing program 1 (id=1358):
socket$inet6(0xa, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xfffffffffffffffc}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioperm(0x200, 0x10, 0x100000004)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))
prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000a35000/0x1000)=nil)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x10, &(0x7f0000006000)=[@in={0x2, 0x0, @local}]}, &(0x7f0000005ec0)=0x10)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000300)='./file0\x00')
getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x85, &(0x7f0000005f40)={r3}, &(0x7f0000005e80)=0xfc9e)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000300)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x2}}, 0x10)
bind$tipc(r4, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x43}}, 0x10)
bind$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0xabe2e5fe770be7e9, {{0x42}}}, 0x10)

7.13894756s ago: executing program 5 (id=1360):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
fallocate(r0, 0x1, 0x7, 0x2)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000200)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f0000000400)='wg1\x00', 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r3}, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{}]}]}}, 0x0, 0x32, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8, 0x2, @udp6}, @IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x1}]}}}]}, 0x40}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x301, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}]}]}, 0x54}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)={0xd0, 0x0, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, [@CTA_TUPLE_ORIG={0x4c, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @multicast1}}}]}, @CTA_SEQ_ADJ_ORIG={0x34, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xfff}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x97}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x101}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x9}]}, @CTA_SEQ_ADJ_ORIG={0x34, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x9}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xd6}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xfffffff8}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0xd0}, 0x1, 0x0, 0x0, 0x20044008}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e7cc6120c4108a818f7d0102030109021b04010000c00509042300010300000009058503"], 0x0)

6.889128626s ago: executing program 0 (id=1361):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000140)="d800000018007b29e00212ba0d8105040a601800fe0f040b067c55a1bc000900b80006990600000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ccd40dd601edef3d93452a92307ff0ff0e97031e9f05e9f16e9cb500"/216, 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0) (fail_nth: 6)

6.888900537s ago: executing program 2 (id=1362):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000300)={0x0, 0x2}, 0x4)
syz_emit_ethernet(0xfdef, &(0x7f0000001c80)={@random="e904a21200", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x1, 0x1, 0x4, 0x0, @void}}}}}}}, 0x0)

6.844495498s ago: executing program 4 (id=1363):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001640)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f42fc3199f000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af735ed41793bdf9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbc68223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f00001000000000eeff7c5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729eec082830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d424c14283a94395b64645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d620100000000000000494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd779a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9b0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000002684c2d8eb8cac98930fa6a893ca44c0f64c07a87eb7b05f56ca6c70cb3a0eb328a15fe96a88235155e6d64bd434f641ddf9db2245e47e5904453577895dd8"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r3, 0x0, 0x0, 0x20010004, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000001c0)={0x0, 0x4100, &(0x7f0000000100)={&(0x7f0000000040)={0x14, r2, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000084}, 0x40)

6.008901545s ago: executing program 2 (id=1364):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1}, 0xe)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b1b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5c1}}, 0x505)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000080)={0x0, <r7=>0x0}, &(0x7f00000000c0)=0x5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x34, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_TX_RATES={0x18, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x14, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x30]}, @NL80211_TXRATE_HT={0x5, 0x2, [{}]}]}]}]}, 0x34}}, 0x0)
ioprio_get$uid(0x3, r7)
mount(&(0x7f0000000140), &(0x7f00000006c0)='./file0\x00', &(0x7f0000000800)='9p\x00', 0x0, &(0x7f0000000540)='trans=tcp,7\x8eH\x18QIQoI\x96\xfa\xc3\x10}\x9eJ\xeb\' \xcc\xfc:g;\xf4:~Ht~\v\xd9l\xbf\xdd\x16\xc9\x8a\x9a\x8a>t!bKVB\x87>f\xb2\xe7\xe0\x03\x02\xd1C\x1b\xf1-\x83SJ%,\xdf\x17\x1ada\x90\x11\xd4d\xb5\x06,P\xd4\xeb\xfa\xbdO\x82W\xee\xe3;\xf1\xc6\x03\x13\xe9\x8474\xf3\xa8\xeb\x9b=-\xa3@\x89\x1c\xec\x94\xe9\xc2\x16\x19\xc5\x9d\x01\xe2\x12\xc6\x82\x00\xc6Xf\x92Uy\x99E\xf3U')
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
r11 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r11, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8)
r12 = syz_open_procfs(0x0, &(0x7f0000002400)='net/netstat\x00')
read$FUSE(r12, &(0x7f0000002500)={0x2020}, 0x2020)
write$binfmt_aout(r11, &(0x7f0000000100)=ANY=[@ANYBLOB="03010000b5"], 0xc8)

6.008278152s ago: executing program 4 (id=1365):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
lseek(0xffffffffffffffff, 0x8ce, 0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x3352a6f359e879f0, &(0x7f0000000280)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x7, 0x30}, 0xc)
sendto$inet(r5, &(0x7f0000000040)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r5, &(0x7f0000000280)='p', 0x29fcb, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f0000000300)="ab", 0x1, 0x0, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r8, 0xc004562f, &(0x7f00000000c0)=0x2000001)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000002140)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="300000005eb02557eae3351c11c8dc97272c16dba18462014001a28ef48dc80d27d8ba03cf09c346cd8c58a0541ec4c9017baa2b383e1c19a7d62937d464bedbf43a43060098486ad460f8e1bd89187f57222be4949f3b29a32e2db24a3b1a1a552adf6c454ad099c25abd58c56075c2ea879030a284608538c41cce96770ba742ff8a5cad30efee93412184fc0bdc1c00b9fc3a7cd6dea7e18dbddcaa0b346c3b3162eaa26531bde08d9b89699b8ed8502ab3840a80fb05741307a5285b895c88d10283fb322401bf264b5d3221dddcabbf26e8c3c4fe830f85e4011196e96bee6c5034faac4cf017717b899a960c810691b75e864e4962baaf9fb7e85b9a03d9", @ANYRES16=r6, @ANYBLOB="05002dbd7000000000004400000008000300", @ANYRES32=r9, @ANYBLOB="0a001800030303030303000008006b000f000000"], 0x30}}, 0x40000)
getdents64(r0, &(0x7f00000001c0)=""/46, 0x2e)
getdents(r0, 0x0, 0x58)

5.65205575s ago: executing program 0 (id=1366):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000140)=0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10)
r2 = io_uring_setup(0x1329, &(0x7f0000001200)={0x0, 0x92b5, 0x10, 0x2, 0x3a0})
io_uring_register$IORING_UNREGISTER_RING_FDS(r2, 0x15, &(0x7f0000002300)=[{0x0, 0x1, 0x0, 0x0, 0x0}], 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCGSOFTCAR(r3, 0x5419, &(0x7f0000000180))

4.220970875s ago: executing program 4 (id=1367):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb0100180000000000000037000000240000000a000000080000000200000f050000000e199077295faec4b40000000600000003000000f7ffffff00610061000000002e00"], 0x0, 0x46, 0x0, 0x6, 0x0, 0x0, @void, @value}, 0x28)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
clock_gettime(0x0, &(0x7f0000000100)={<r2=>0x0, <r3=>0x0})
clock_gettime(0x0, &(0x7f0000000140))
clock_gettime(0x0, &(0x7f0000000180))
timer_create(0x7, &(0x7f0000000240)={0x0, 0x1b, 0x2, @tid=r1}, &(0x7f0000000280)=<r4=>0x0)
clock_gettime(0x0, &(0x7f00000002c0)={<r5=>0x0, <r6=>0x0})
timer_settime(r4, 0x0, &(0x7f00000000c0)={{r2, r3+60000000}, {r5, r6+60000000}}, 0x0)
pipe(&(0x7f0000000040)={<r7=>0xffffffffffffffff})
splice(r0, 0x0, r7, 0x0, 0xa3, 0x2)

4.181595234s ago: executing program 1 (id=1368):
socket$kcm(0x2, 0xa, 0x2)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000046365608b40413868f95010201010902120001000000000904"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
listen(r2, 0x3)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000840)=@newqdisc={0x80, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{}, [@TCA_NETEM_LOSS={0x34, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GI={0x4}]}]}}}]}, 0x80}}, 0x0)
r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r5)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0xe41, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
mount(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x21a8f5, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), 0xffffffffffffffff)

4.100005639s ago: executing program 4 (id=1369):
socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x284c1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x131)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
flock(r0, 0x5)
r1 = syz_open_procfs(0x0, &(0x7f0000000280)='fdinfo/4\x00')
preadv(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/51, 0x33}], 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$key(0xf, 0x3, 0x2)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000200)={0x100000011, @multicast2, 0x0, 0x0, 'lc\x00', 0x20, 0x1000, 0x10004d}, 0x2c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r4)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0xffa7, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

3.98329808s ago: executing program 0 (id=1370):
io_uring_setup(0x1fc3, &(0x7f00000002c0))
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
open(0x0, 0x64842, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d00000004000000070000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setns(0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x44}}, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='sysv\x00', 0x1005b, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000240)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x9, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f00000000c0)=['']})

3.398510165s ago: executing program 2 (id=1371):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_stats={0x1d, 0x8, [0x1, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4, 0x15, 0x3, 0x9, 0x5b2e]}})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x0, 0xa}}}, 0x24}}, 0x0)

3.160027954s ago: executing program 5 (id=1372):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000140)={0x7, 0x8, 0xfa00, {r3, 0x9}}, 0x10)
close(r2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r6, r5, 0x7, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r6, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r4}, 0x20)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
r7 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x121201, 0x0)
write$dsp(r7, &(0x7f00000001c0)="d2", 0x1)
ioctl$SNDCTL_DSP_SPEED(r7, 0xc0045002, &(0x7f00000000c0)=0x7ff)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
r8 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009e173610ef171e7206de0102030109021200010000000009040000000206"], 0x0)
syz_usb_control_io$hid(r8, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="00000700000035da144f"], 0x0, 0x0, 0x0, 0x0})

3.094258774s ago: executing program 4 (id=1373):
prctl$PR_SCHED_CORE(0x3e, 0x800000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @mcast1, 0x2}, 0x1c)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='mountinfo\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)={0x90000008})
mkdir(&(0x7f0000000000)='./file0\x00', 0x4f)
mount$bind(&(0x7f0000000380)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

2.84210709s ago: executing program 2 (id=1374):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r1 = eventfd(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
read$eventfd(r1, &(0x7f0000000040), 0x8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
timer_settime(r3, 0x0, &(0x7f0000000180)={{0x77359400}}, &(0x7f0000000200))
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000280)={r4, 0xffffffffffffffff, 0x80, 0x2a, &(0x7f0000000200)="63acaca2f67c3aca33ea5abd878f6b5646ca8e21fe0610517ea4b7ed7ec9a1d8aca722ad000235d29a9c", 0x5, 0x6, 0x5, 0xff68, 0xfc00, 0x5, 0x1, 'syz0\x00'})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$vga_arbiter(r8, &(0x7f0000000600)=@other={'unlock', ' ', 'none'}, 0xc)
splice(0xffffffffffffffff, 0x0, r5, 0x0, 0xffffffffffff8000, 0x0)

1.118557799s ago: executing program 0 (id=1375):
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x5c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xf}}]}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8, 0x3}]}, 0x5c}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de00000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
socket(0xa, 0x3, 0x3a)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000700), 0x141000, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000240), &(0x7f00000003c0)=r7}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x1, 0xffffffff}}}}}, 0x0)

892.795398ms ago: executing program 2 (id=1376):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty, 0xfffffffe}, 0x1c)
listen(r0, 0x400000001ffffffd)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, 0x0, 0x0)

833.641082ms ago: executing program 0 (id=1377):
r0 = io_uring_setup(0x4f01, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1aa})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x800, 0x0)
io_uring_setup(0x39e5, 0x0)
syz_io_uring_setup(0x6580, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)}, 0x4040004)
close_range(r0, 0xffffffffffffffff, 0x0)

639.892605ms ago: executing program 2 (id=1378):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xe, 0xf, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000300)={0x0, 0x2}, 0x4)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
r3 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$IPSET_CMD_PROTOCOL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0000000000ad9f9a02d395ec463df70401540c30"], 0x14}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_io_uring_setup(0x1002943, &(0x7f0000001400)={0x0, 0x0, 0x10}, &(0x7f0000001480), &(0x7f00000014c0))
syz_io_uring_setup(0x7540, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000200)=<r7=>0x0)
r8 = syz_io_uring_setup(0x34ef, &(0x7f0000000400)={0x0, 0x0, 0x1}, &(0x7f00000003c0)=<r9=>0x0, &(0x7f0000001480))
syz_io_uring_submit(r9, r7, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r8, 0x0, 0x0})
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_elf64(r10, &(0x7f0000000fc0)=ANY=[@ANYBLOB="7f"], 0x78)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r10, 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r11, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x40)

502.981297ms ago: executing program 0 (id=1379):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$cgroup_int(r1, &(0x7f00000000c0)=0x7, 0x12)
read$msr(r1, &(0x7f0000000000)=""/16, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = memfd_create(&(0x7f0000000680)='#}\x04\xe4\xfc\x1e\xff~\xb1\xe0\xa5\x9d\xc8\xca3\'\x12xY!\xa4\x9c\x97\xf1\xfc\xb0\xe8~\x91\xd5\x04i}\x03\x00@\x0e\xe6\x995b\x00\x00\x00\x00\x00\x00\x00\x8e\x96\xb7=\xb9OmILO\x8d\x00\x00\x00\x00\x00\xfe\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
setsockopt$inet_udp_int(r4, 0x11, 0x67, 0x0, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=<r7=>0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}]}, 0x1c}}, 0x0)
sendmsg$NFC_CMD_START_POLL(r8, 0x0, 0x0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r9, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
sendmsg$NFC_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x26c, 0x0, 0x300, 0x70bd28, 0x25dfdbff, {}, [@NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x7}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_VENDOR_DATA={0x3a, 0x1f, "26f811f5be9376d9863d18cc710bcb0ce4e8afb465534c666426b7e9b1d91e8d5dd808de7e0ed2a2f886525be7091fcce4fcceac5d86"}, @NFC_ATTR_VENDOR_DATA={0x72, 0x1f, "9ff4b524ab5ad4f27bb13127583e66a1db8a024f854f8d749a2b4a3f2dec5c1ad1ddcfb4b94eb404d47d7faf58e8b22786180db830b4a19dc52cdf5a7cb2642a2d3a963f54a2a3859940d1a906f459c5cbe91be37b215f910a93c07baa5f5c1244045a037d2f53a1fe436dca6976"}, @NFC_ATTR_VENDOR_DATA={0xe3, 0x1f, "b6e82bea3034ca51d7e40a5d53b7981f63b22d976ab8b6f94ed09a58e18ec4d6e9a48107da997e22144846259d0f51dc586b5de36293e758567c8f6a6f760f022c2f203aa56c0e37d0ecd0004f5d26fc8d384dd8fafe7aa73feaf5e58484483ff0bd79eb2d66a66b6da7bc5f9b6704434ba52b1b3a433fa1bd4d2f1cebde968f3ad4de0796b795497e37c66974d7605dcb5e483dbd9f3157893201e6e62dcd51c0b426969dcf2b1642f0ed7822081cd6901820ea96c086d58bf52af6b9ec6dba8ae304e9c2a52b7be712ef97e5edc6ebc9afbea1e5a8eabea782f98c70418f"}, @NFC_ATTR_VENDOR_DATA={0x9b, 0x1f, "e2ce794940a2c2e25e995ebc551ef1e9c27884f743d33f2f32051ef756a57752480e99d1c52d2d4871f6833b45400c4a90f4ebc2ea632a9326563cc1568e9dd38a423de9ad3b3945b45f07d580a8cb807de36fe678893ce72a381d4b10334f5eb43ffb2dac46cb380e351f2489b82cd6382592a67293f23cf82418a7c5c9da11ce89dbc98d65b4b0dd45015ab224819cf65b7fae84278e"}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x7}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x7ff}]}, 0x26c}}, 0x10d0)
sendmsg(r2, &(0x7f00000005c0)={&(0x7f0000000180)=@nfc={0x27, r7, 0x0, 0x7}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000440)="a10c62118db25b5511f89e0c7ec274dea79427a821cffce3589b1f27ef7338ac407674456f232e1f71cbe7b3a329cdc03fb16cb7cb7565c5e088eec9016e942c4cf7528ab1a4c548e09611b789027cb618fda259042a6c824076b9e693419b0220b0bf40df9f89e9aa65ab7d689c7ee286e9d3912d24647993c6c2dfe3a173a71ce698db9def133165bd4e69fc405b39426f27", 0x93}, {&(0x7f0000000240)="c128c560b76168104bd7225ade0d0c470f60d53d56ff64c402af60726ea7dc9a59ee384978050ab33a365b867048ef0b7899f5f79bbc1f89194287e164e6145035232f0ea6807d9fb608648e305320455b441140f09e44899d0d3135dd8e2e5714455efa0f", 0x65}, {&(0x7f0000000500)="4804802c143cb281847f463a01899e1e4f13c221365f4d6277abc63355a558726d80201e8ce36f6b3891bf5e85ee405700c2e34bccd1efdea08552492a44eac8a25f99f2eb706946306453211309a0f108e15bd66ebd87e353b15dd287e7eeb0280254c45428a7366f7067e482ad9cad1cba41f4371b2fd20e9b7f209de1bdcc987a9ed15ddb9e629800cec12b9affc8410f156e414ac17fcea8b501355ab94f4eaad0967ab5a30e1078864e66844af4443508c1dd9a71e07e", 0xb9}, {&(0x7f0000000040)="dd2fe84979de937465e531cde0d2cffb305593ea0b133ad6eb7b3c563af3867925a3866785e1093ceda3b0", 0x2b}, {&(0x7f0000000700)="7f355791d31fbc2dda3fdd9ae609e69900ed2d665065dcc7296a6e9ab6d8bb3f2a8d7e847e0a9c4cb69857fbbfc7bc40ad727ed251fb2dc5dc5a997bfb0d5b39170853e906cad9999a9b1b1f1e4895e72ca44fb45e8a5d6b3756645239fc31c45ca7a0421e34fe15ac3a879b1888a22f0c1a07ec8d0084a9eebde7fc6fe33964aafbdf05a9638fd0967c6c76f7a319c80b870b7221d4595c31b63aa73f5ef2806766d4400b8a8dd72c0b88285104277889bc8b2d0994f58e0767f9f3ee86c7ae3ec7b9be5d360566a772ef7fe00f9051ee4035fac6e5f765e6c801bc39faca29f43fa846cb66", 0xe6}, {&(0x7f0000000800)="6606920a9647749892da13f7069228f9d2b2896a4f879fb1d5e222e4e1a0c85131233c0872857b473796bfa21ef6df87b84deae1f669bbd656ec912a53143d3a98124b340fc7f488a3928837b841f8d227e147063861b237482f9e5c6b3db5a64140aecb31318a47be89d089bdd23d28caef3b657a8da6281c43943efc978fa115e592aa4e4190bf6be2abfb66387e41c177391c9d08e86a0da4a50adc1447ca251c345ee78eff97ffa1377717e4b0ee235fdce13035d82691764cc922963ca8fe872a85dfe345", 0xc7}], 0x6}, 0x10)
ftruncate(r5, 0x40001)
sendfile(r4, r5, 0x0, 0xffe3)
syz_open_procfs(0x0, 0x0)

430.547274ms ago: executing program 1 (id=1380):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000300), 0x6)
recvmmsg(r0, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)

0s ago: executing program 5 (id=1381):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1}, 0xe)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b1b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5c1}}, 0x505)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0x5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x34, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_TX_RATES={0x18, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x14, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x30]}, @NL80211_TXRATE_HT={0x5, 0x2, [{}]}]}]}]}, 0x34}}, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(&(0x7f0000000140), &(0x7f00000006c0)='./file0\x00', &(0x7f0000000800)='9p\x00', 0x0, &(0x7f0000000540)='trans=tcp,7\x8eH\x18QIQoI\x96\xfa\xc3\x10}\x9eJ\xeb\' \xcc\xfc:g;\xf4:~Ht~\v\xd9l\xbf\xdd\x16\xc9\x8a\x9a\x8a>t!bKVB\x87>f\xb2\xe7\xe0\x03\x02\xd1C\x1b\xf1-\x83SJ%,\xdf\x17\x1ada\x90\x11\xd4d\xb5\x06,P\xd4\xeb\xfa\xbdO\x82W\xee\xe3;\xf1\xc6\x03\x13\xe9\x8474\xf3\xa8\xeb\x9b=-\xa3@\x89\x1c\xec\x94\xe9\xc2\x16\x19\xc5\x9d\x01\xe2\x12\xc6\x82\x00\xc6Xf\x92Uy\x99E\xf3U')
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
r10 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r10, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8)
r11 = syz_open_procfs(0x0, &(0x7f0000002400)='net/netstat\x00')
read$FUSE(r11, &(0x7f0000002500)={0x2020}, 0x2020)
write$binfmt_aout(r10, &(0x7f0000000100)=ANY=[@ANYBLOB="03010000b5"], 0xc8)

kernel console output (not intermixed with test programs):

strings: Mfr=1, Product=2, SerialNumber=3
[  323.888439][    T8] usb 4-1: Product: syz
[  323.910788][    T8] usb 4-1: Manufacturer: syz
[  323.939182][    T8] usb 4-1: SerialNumber: syz
[  323.950794][    T8] usb 4-1: config 0 descriptor??
[  324.725073][    T8] gspca_main: etoms-2.14.0 probing 102c:6251
[  324.818370][ T8743] netlink: 8 bytes leftover after parsing attributes in process `syz.2.778'.
[  324.835034][    T8] usb 4-1: USB disconnect, device number 25
[  326.936453][   T46] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  327.059673][ T1582] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  329.832537][ T8793] IPVS: set_ctl: invalid protocol: 8 224.0.0.1:20002
[  329.862974][ T8792] tmpfs: Unknown parameter 'nr_ino'
[  329.890507][   T46] usb 4-1: device descriptor read/64, error -71
[  330.000369][ T1582] usb 1-1: Using ep0 maxpacket: 16
[  330.006371][ T1582] usb 1-1: device descriptor read/all, error -71
[  332.249764][    T8] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  332.449668][ T5866] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  332.600123][ T5866] usb 2-1: device descriptor read/64, error -71
[  332.770157][   T46] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  332.900273][ T5866] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  332.999678][    T8] usb 3-1: Using ep0 maxpacket: 8
[  333.002207][   T46] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  333.011174][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  333.021344][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  333.029274][    T8] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  333.039363][ T8839] fuse: Bad value for 'group_id'
[  333.048551][ T8839] fuse: Bad value for 'group_id'
[  333.048644][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.054811][ T5866] usb 2-1: device descriptor read/64, error -71
[  333.068352][   T46] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  333.069385][    T8] usb 3-1: config 0 descriptor??
[  333.079608][   T46] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  333.097266][   T46] usb 4-1: Manufacturer: syz
[  333.117562][   T46] usb 4-1: config 0 descriptor??
[  333.180776][ T1582] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  333.188783][ T5866] usb usb2-port1: attempt power cycle
[  333.202639][   T46] rc_core: IR keymap rc-hauppauge not found
[  333.213675][   T46] Registered IR keymap rc-empty
[  333.221886][   T46] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  333.240797][   T46] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input15
[  333.341255][    C1] igorplugusb 4-1:0.0: Error: urb status = -32
[  333.345588][    T8] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  333.368098][ T1582] usb 5-1: Using ep0 maxpacket: 16
[  333.374640][ T1582] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  333.385988][ T1582] usb 5-1: config 0 interface 0 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  333.398925][ T1582] usb 5-1: config 0 interface 0 has no altsetting 0
[  333.405642][ T1582] usb 5-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00
[  333.414720][ T1582] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.428055][ T1582] usb 5-1: config 0 descriptor??
[  333.540006][ T5866] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  333.570371][ T5866] usb 2-1: device descriptor read/8, error -71
[  333.604435][   T46] usb 3-1: USB disconnect, device number 21
[  333.636435][ T1582] usbhid 5-1:0.0: can't add hid device: -71
[  333.642734][ T1582] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  333.653474][ T1582] usb 5-1: USB disconnect, device number 29
[  333.829712][ T5866] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  333.860637][ T5866] usb 2-1: device descriptor read/8, error -71
[  334.047169][ T5866] usb usb2-port1: unable to enumerate USB device
[  335.254061][    T8] usb 4-1: USB disconnect, device number 28
[  336.716542][   T29] audit: type=1326 audit(1733480282.938:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7016f7ff19 code=0x7ffc0000
[  336.738368][   T29] audit: type=1326 audit(1733480282.938:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f7016f7ff19 code=0x7ffc0000
[  336.759922][   T29] audit: type=1326 audit(1733480282.938:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7016f7ff19 code=0x7ffc0000
[  336.781463][   T29] audit: type=1326 audit(1733480282.938:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f7016f7ff19 code=0x7ffc0000
[  336.803127][   T29] audit: type=1326 audit(1733480282.938:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7016f7ff19 code=0x7ffc0000
[  336.825231][   T29] audit: type=1326 audit(1733480282.938:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f7016f7ff19 code=0x7ffc0000
[  336.847434][   T29] audit: type=1326 audit(1733480282.938:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7016f7ff19 code=0x7ffc0000
[  336.869245][   T29] audit: type=1326 audit(1733480282.938:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7016f81e37 code=0x7ffc0000
[  336.890714][   T29] audit: type=1326 audit(1733480282.938:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f7016f81dac code=0x7ffc0000
[  336.912453][   T29] audit: type=1326 audit(1733480282.938:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8889 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f7016f81ce4 code=0x7ffc0000
[  337.466104][ T8903] openvswitch: netlink: Tunnel attr 222 out of range max 16
[  344.639968][ T8980] trusted_key: encrypted_key: insufficient parameters specified
[  345.067063][ T8986] netlink: 428 bytes leftover after parsing attributes in process `syz.4.847'.
[  345.076999][ T8986] netlink: 32 bytes leftover after parsing attributes in process `syz.4.847'.
[  345.120971][ T8986] team0: entered promiscuous mode
[  345.126055][ T8986] team_slave_0: entered promiscuous mode
[  345.150040][ T8986] team_slave_1: entered promiscuous mode
[  345.199383][ T8986] team0: left promiscuous mode
[  345.218996][ T8986] team_slave_0: left promiscuous mode
[  345.239822][ T8986] team_slave_1: left promiscuous mode
[  346.266049][ T8988] orangefs_mount: mount request failed with -4
[  346.481346][ T8994] netlink: 'syz.3.849': attribute type 11 has an invalid length.
[  346.491559][ T8994] netlink: 12 bytes leftover after parsing attributes in process `syz.3.849'.
[  346.505056][ T8994] team_slave_0: entered promiscuous mode
[  346.511131][ T8994] team_slave_1: entered promiscuous mode
[  346.518785][ T8994] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  346.530611][ T8994] netlink: 12 bytes leftover after parsing attributes in process `syz.3.849'.
[  346.548021][ T8994] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  348.117760][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  348.117804][   T29] audit: type=1326 audit(1733480294.338:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  348.232357][   T29] audit: type=1326 audit(1733480294.338:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  348.253752][    C1] vkms_vblank_simulate: vblank timer overrun
[  348.292228][   T29] audit: type=1326 audit(1733480294.488:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbad8381e37 code=0x7ffc0000
[  348.330679][   T29] audit: type=1326 audit(1733480294.488:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fbad8381dac code=0x7ffc0000
[  348.351983][    C1] vkms_vblank_simulate: vblank timer overrun
[  348.376084][   T29] audit: type=1326 audit(1733480294.488:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fbad8381ce4 code=0x7ffc0000
[  348.419692][   T29] audit: type=1326 audit(1733480294.488:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fbad8381ce4 code=0x7ffc0000
[  348.455860][   T29] audit: type=1326 audit(1733480294.488:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbad837eb7a code=0x7ffc0000
[  348.528150][   T29] audit: type=1326 audit(1733480294.488:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  348.583420][   T29] audit: type=1326 audit(1733480294.488:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  348.659731][   T29] audit: type=1326 audit(1733480294.488:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9010 comm="syz.2.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  349.919796][    T9] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  350.089753][    T9] usb 3-1: Using ep0 maxpacket: 32
[  350.102926][    T9] usb 3-1: config 0 has an invalid interface number: 219 but max is 0
[  350.179147][    T9] usb 3-1: config 0 has no interface number 0
[  350.292131][    T9] usb 3-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  350.479735][    T9] usb 3-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  350.517495][    T9] usb 3-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  350.566325][    T9] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  350.646577][    T9] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  350.697471][    T9] usb 3-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  350.771798][    T9] usb 3-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  350.804033][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.844505][    T9] usb 3-1: Product: syz
[  350.869800][    T9] usb 3-1: Manufacturer: syz
[  350.894843][    T9] usb 3-1: SerialNumber: syz
[  350.930675][    T9] usb 3-1: config 0 descriptor??
[  350.959515][ T9028] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  350.969002][ T9028] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  352.457484][    T9] etas_es58x 3-1:0.219: Starting syz syz (Serial Number syz)
[  352.489680][    T9] etas_es58x 3-1:0.219: could not retrieve the product info string
[  352.992968][    T9] usb 3-1: USB disconnect, device number 22
[  353.000531][    T9] etas_es58x 3-1:0.219: Disconnecting syz syz
[  356.418648][ T9089] FAULT_INJECTION: forcing a failure.
[  356.418648][ T9089] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.432026][ T9089] CPU: 1 UID: 0 PID: 9089 Comm: syz.0.875 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  356.442632][ T9089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  356.449803][    T9] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  356.452698][ T9089] Call Trace:
[  356.452711][ T9089]  <TASK>
[  356.452720][ T9089]  dump_stack_lvl+0x241/0x360
[  356.452751][ T9089]  ? __pfx_dump_stack_lvl+0x10/0x10
[  356.476347][ T9089]  ? __pfx__printk+0x10/0x10
[  356.480966][ T9089]  ? __pfx_lock_release+0x10/0x10
[  356.486002][ T9089]  should_fail_ex+0x3b0/0x4e0
[  356.490686][ T9089]  strncpy_from_user+0x36/0x270
[  356.495553][ T9089]  path_setxattrat+0x23e/0x510
[  356.500328][ T9089]  ? __pfx_path_setxattrat+0x10/0x10
[  356.505622][ T9089]  ? vfs_write+0x730/0xd30
[  356.510074][ T9089]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  356.516079][ T9089]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  356.522424][ T9089]  __x64_sys_lsetxattr+0xbf/0xe0
[  356.527374][ T9089]  do_syscall_64+0xf3/0x230
[  356.531877][ T9089]  ? clear_bhb_loop+0x35/0x90
[  356.536544][ T9089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.542446][ T9089] RIP: 0033:0x7fca2337ff19
[  356.546869][ T9089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.566474][ T9089] RSP: 002b:00007fca241c5058 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  356.574894][ T9089] RAX: ffffffffffffffda RBX: 00007fca23545fa0 RCX: 00007fca2337ff19
[  356.582880][ T9089] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000020000040
[  356.590864][ T9089] RBP: 00007fca241c50a0 R08: 0000000000000000 R09: 0000000000000000
[  356.598836][ T9089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.606818][ T9089] R13: 0000000000000000 R14: 00007fca23545fa0 R15: 00007ffe0ed6ad18
[  356.609620][    T9] usb 5-1: Using ep0 maxpacket: 32
[  356.614799][ T9089]  </TASK>
[  356.628807][    T9] usb 5-1: config 148 has an invalid interface number: 223 but max is 0
[  356.637711][    T9] usb 5-1: config 148 has no interface number 0
[  356.649667][    T9] usb 5-1: config 148 interface 223 has no altsetting 0
[  356.668300][    T9] usb 5-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=27.b4
[  356.680095][ T5866] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  356.687398][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.696383][    T9] usb 5-1: Product: syz
[  356.700840][    T9] usb 5-1: Manufacturer: syz
[  356.705675][    T9] usb 5-1: SerialNumber: syz
[  356.839657][ T5866] usb 4-1: Using ep0 maxpacket: 32
[  356.862364][ T5866] usb 4-1: config 148 has an invalid interface number: 223 but max is 0
[  356.871323][ T5866] usb 4-1: config 148 has no interface number 0
[  356.877615][ T5866] usb 4-1: config 148 interface 223 has no altsetting 0
[  356.904667][ T5866] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=27.b4
[  356.919688][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.927712][ T5866] usb 4-1: Product: syz
[  356.939751][ T5866] usb 4-1: Manufacturer: syz
[  356.944386][ T5866] usb 4-1: SerialNumber: syz
[  357.091962][    T9] peak_usb 5-1:148.223 can0: unable to request usb[type=0 value=1] err=-71
[  357.102694][    T9] peak_usb 5-1:148.223: unable to read PCAN-USB X6 firmware info (err -71)
[  357.140842][    T9] peak_usb 5-1:148.223: probe with driver peak_usb failed with error -71
[  357.183399][    T9] usb 5-1: USB disconnect, device number 30
[  357.399818][ T5866] peak_usb 4-1:148.223 can0: unable to request usb[type=0 value=1] err=-71
[  357.427858][ T5866] peak_usb 4-1:148.223: unable to read PCAN-USB X6 firmware info (err -71)
[  357.490972][ T5866] peak_usb 4-1:148.223: probe with driver peak_usb failed with error -71
[  357.542541][ T5866] usb 4-1: USB disconnect, device number 29
[  358.899804][ T1582] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  359.044942][ T9121] netlink: 'syz.1.884': attribute type 21 has an invalid length.
[  359.059716][ T1582] usb 4-1: Using ep0 maxpacket: 32
[  359.066775][ T1582] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  359.069732][ T9121] netlink: 128 bytes leftover after parsing attributes in process `syz.1.884'.
[  359.077689][ T1582] usb 4-1: config 0 has no interface number 0
[  359.102159][ T1582] usb 4-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  359.110441][ T9121] netlink: 'syz.1.884': attribute type 4 has an invalid length.
[  359.120724][ T1582] usb 4-1: config 0 interface 1 has no altsetting 0
[  359.150423][ T9121] netlink: 3 bytes leftover after parsing attributes in process `syz.1.884'.
[  359.170197][ T1582] usb 4-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  359.189201][ T1582] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.205165][ T1582] usb 4-1: Product: syz
[  359.213897][ T1582] usb 4-1: Manufacturer: syz
[  359.223023][ T1582] usb 4-1: SerialNumber: syz
[  359.238276][ T1582] usb 4-1: config 0 descriptor??
[  359.257747][ T9121] netlink: 28 bytes leftover after parsing attributes in process `syz.1.884'.
[  359.282424][ T9129] ptrace attach of "./syz-executor exec"[5820] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  359.480345][ T1582] cx231xx 4-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  359.589477][ T1582] cx231xx 4-1:0.1: Not found matching IAD interface
[  359.605142][ T1582] usb 4-1: USB disconnect, device number 30
[  359.609735][ T9131] netlink: 12 bytes leftover after parsing attributes in process `syz.1.887'.
[  359.707073][ T9135] FAULT_INJECTION: forcing a failure.
[  359.707073][ T9135] name failslab, interval 1, probability 0, space 0, times 0
[  359.723617][ T9135] CPU: 0 UID: 0 PID: 9135 Comm: syz.4.889 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  359.734247][ T9135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  359.744328][ T9135] Call Trace:
[  359.747629][ T9135]  <TASK>
[  359.750579][ T9135]  dump_stack_lvl+0x241/0x360
[  359.755284][ T9135]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.760502][ T9135]  ? __pfx__printk+0x10/0x10
[  359.765122][ T9135]  should_fail_ex+0x3b0/0x4e0
[  359.769825][ T9135]  should_failslab+0xac/0x100
[  359.774519][ T9135]  ? skb_clone+0x20c/0x390
[  359.778951][ T9135]  kmem_cache_alloc_noprof+0x70/0x380
[  359.784356][ T9135]  skb_clone+0x20c/0x390
[  359.788620][ T9135]  __netlink_deliver_tap+0x3cc/0x7f0
[  359.793934][ T9135]  ? netlink_deliver_tap+0x2e/0x1b0
[  359.799170][ T9135]  netlink_deliver_tap+0x19d/0x1b0
[  359.804299][ T9135]  netlink_unicast+0x7c4/0x990
[  359.809091][ T9135]  ? __pfx_netlink_unicast+0x10/0x10
[  359.814395][ T9135]  ? __virt_addr_valid+0x183/0x530
[  359.819526][ T9135]  ? __check_object_size+0x48e/0x900
[  359.824829][ T9135]  netlink_sendmsg+0x8e4/0xcb0
[  359.829622][ T9135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.834933][ T9135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.840239][ T9135]  __sock_sendmsg+0x221/0x270
[  359.844949][ T9135]  ____sys_sendmsg+0x52a/0x7e0
[  359.849754][ T9135]  ? __pfx_____sys_sendmsg+0x10/0x10
[  359.855063][ T9135]  ? __fget_files+0x2a/0x410
[  359.859677][ T9135]  ? __fget_files+0x2a/0x410
[  359.864300][ T9135]  __sys_sendmsg+0x269/0x350
[  359.868937][ T9135]  ? __pfx_lock_release+0x10/0x10
[  359.873999][ T9135]  ? __pfx___sys_sendmsg+0x10/0x10
[  359.879148][ T9135]  ? __pfx_vfs_write+0x10/0x10
[  359.883978][ T9135]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  359.890325][ T9135]  ? do_syscall_64+0x100/0x230
[  359.895087][ T9135]  ? do_syscall_64+0xb6/0x230
[  359.899759][ T9135]  do_syscall_64+0xf3/0x230
[  359.904272][ T9135]  ? clear_bhb_loop+0x35/0x90
[  359.908988][ T9135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.914878][ T9135] RIP: 0033:0x7fe8fd17ff19
[  359.919286][ T9135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.938885][ T9135] RSP: 002b:00007fe8fdfb4058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  359.947294][ T9135] RAX: ffffffffffffffda RBX: 00007fe8fd345fa0 RCX: 00007fe8fd17ff19
[  359.955258][ T9135] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  359.963220][ T9135] RBP: 00007fe8fdfb40a0 R08: 0000000000000000 R09: 0000000000000000
[  359.971184][ T9135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.979160][ T9135] R13: 0000000000000000 R14: 00007fe8fd345fa0 R15: 00007ffed959df38
[  359.987162][ T9135]  </TASK>
[  366.597920][ T9204] netlink: 28 bytes leftover after parsing attributes in process `syz.3.907'.
[  367.853450][ T9235] netlink: 8 bytes leftover after parsing attributes in process `syz.1.915'.
[  369.209680][ T1582] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  370.269897][ T1582] usb 3-1: config 5 has an invalid interface number: 123 but max is 0
[  370.290630][ T1582] usb 3-1: config 5 has no interface number 0
[  370.300166][ T1582] usb 3-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  370.315629][ T1582] usb 3-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[  370.325802][ T1582] usb 3-1: config 5 interface 123 has no altsetting 0
[  370.449737][ T1582] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  370.458972][ T1582] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.489349][ T1582] usb 3-1: Product: syz
[  370.523096][ T1582] usb 3-1: Manufacturer: syz
[  370.557084][ T1582] usb 3-1: SerialNumber: syz
[  371.693581][ T1582] ni6501 3-1:5.123: driver 'ni6501' failed to auto-configure device.
[  371.706788][ T1582] usb 3-1: USB disconnect, device number 23
[  373.519422][ T9315] FAULT_INJECTION: forcing a failure.
[  373.519422][ T9315] name failslab, interval 1, probability 0, space 0, times 0
[  373.560130][ T9315] CPU: 1 UID: 0 PID: 9315 Comm: syz.0.942 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  373.570757][ T9315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  373.580814][ T9315] Call Trace:
[  373.584107][ T9315]  <TASK>
[  373.587047][ T9315]  dump_stack_lvl+0x241/0x360
[  373.591756][ T9315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.596976][ T9315]  ? __pfx__printk+0x10/0x10
[  373.601593][ T9315]  ? fs_reclaim_acquire+0x93/0x130
[  373.606728][ T9315]  ? __pfx___might_resched+0x10/0x10
[  373.612041][ T9315]  should_fail_ex+0x3b0/0x4e0
[  373.616743][ T9315]  should_failslab+0xac/0x100
[  373.621441][ T9315]  __kmalloc_noprof+0xdd/0x4c0
[  373.626225][ T9315]  ? kstrtouint_from_user+0x128/0x190
[  373.631616][ T9315]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  373.637357][ T9315]  tomoyo_realpath_from_path+0xcf/0x5e0
[  373.642936][ T9315]  tomoyo_path_number_perm+0x236/0x860
[  373.648413][ T9315]  ? __lock_acquire+0x1397/0x2100
[  373.653458][ T9315]  ? tomoyo_path_number_perm+0x206/0x860
[  373.659106][ T9315]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  373.665137][ T9315]  ? __fget_files+0x2a/0x410
[  373.669765][ T9315]  ? __fget_files+0x2a/0x410
[  373.674387][ T9315]  security_file_ioctl+0xc6/0x2a0
[  373.679430][ T9315]  __se_sys_ioctl+0x46/0x170
[  373.684045][ T9315]  do_syscall_64+0xf3/0x230
[  373.688582][ T9315]  ? clear_bhb_loop+0x35/0x90
[  373.693289][ T9315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.699214][ T9315] RIP: 0033:0x7fca2337ff19
[  373.703652][ T9315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.723284][ T9315] RSP: 002b:00007fca241a4058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  373.731732][ T9315] RAX: ffffffffffffffda RBX: 00007fca23546080 RCX: 00007fca2337ff19
[  373.739732][ T9315] RDX: 0000000000000000 RSI: 000000000000541b RDI: 0000000000000009
[  373.747726][ T9315] RBP: 00007fca241a40a0 R08: 0000000000000000 R09: 0000000000000000
[  373.755724][ T9315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  373.763719][ T9315] R13: 0000000000000001 R14: 00007fca23546080 R15: 00007ffe0ed6ad18
[  373.771724][ T9315]  </TASK>
[  373.861890][ T9315] ERROR: Out of memory at tomoyo_realpath_from_path.
[  373.947268][ T5827] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  373.964963][ T5827] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  373.995787][ T5827] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  374.027539][ T5827] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  374.039503][ T5827] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  374.086036][ T5827] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  374.172243][ T5824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  374.184307][ T5824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  374.195143][ T5824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  374.203944][ T5824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  374.211646][ T5824] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  374.218947][ T5824] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  376.393170][ T5827] Bluetooth: hci2: command tx timeout
[  377.113207][ T9326] chnl_net:caif_netlink_parms(): no params data found
[  378.392180][ T9326] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.405440][ T9326] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.413002][ T9326] bridge_slave_0: entered allmulticast mode
[  378.456039][ T5827] Bluetooth: hci2: command tx timeout
[  378.503222][ T9326] bridge_slave_0: entered promiscuous mode
[  378.532080][ T9326] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.569848][ T9326] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.580485][ T9326] bridge_slave_1: entered allmulticast mode
[  378.587489][ T9326] bridge_slave_1: entered promiscuous mode
[  378.627440][ T9326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.639361][ T9326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.717657][ T9326] team0: Port device team_slave_0 added
[  378.732325][ T9326] team0: Port device team_slave_1 added
[  378.788782][ T9326] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.809722][ T9326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.852697][ T9326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.900954][ T9326] batman_adv: batadv0: Adding interface: batadv_slave_1
[  378.906773][ T9377] openvswitch: netlink: Tunnel attr 222 out of range max 16
[  378.913128][ T9326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.966542][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  379.014236][ T9326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.232268][ T9326] hsr_slave_0: entered promiscuous mode
[  379.866788][ T9326] hsr_slave_1: entered promiscuous mode
[  379.900674][ T9326] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  379.981747][ T9326] Cannot create hsr debugfs directory
[  380.521296][ T5827] Bluetooth: hci2: command tx timeout
[  380.962772][ T9326] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  381.008426][ T9326] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  381.042358][ T9326] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  381.054627][ T9326] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  381.188697][ T9326] 8021q: adding VLAN 0 to HW filter on device bond0
[  381.248595][ T9326] 8021q: adding VLAN 0 to HW filter on device team0
[  381.283687][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.290887][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  381.299913][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.307051][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  381.442811][ T9326] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  381.467595][ T9326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  382.374140][ T9419] RDS: rds_bind could not find a transport for ::ffff:10.1.1.0, load rds_tcp or rds_rdma?
[  382.658682][ T5827] Bluetooth: hci2: command tx timeout
[  382.665704][ T9427] netlink: 76 bytes leftover after parsing attributes in process `syz.4.971'.
[  382.684271][ T9326] 8021q: adding VLAN 0 to HW filter on device batadv0
[  382.696757][ T9427] dvmrp1: entered allmulticast mode
[  386.507943][ T9458] mmap: syz.1.980 (9458) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  386.684286][ T9326] veth0_vlan: entered promiscuous mode
[  386.717609][ T9326] veth1_vlan: entered promiscuous mode
[  386.765225][ T9326] veth0_macvtap: entered promiscuous mode
[  386.822850][ T9326] veth1_macvtap: entered promiscuous mode
[  386.886413][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.927567][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.937561][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.948382][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.958887][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.969593][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.980364][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.991441][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.005073][ T9326] batman_adv: batadv0: Interface activated: batadv_slave_0
[  387.044412][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  387.044429][   T29] audit: type=1800 audit(1733480333.268:210): pid=9470 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.984" name="/" dev="9p" ino=2 res=0 errno=0
[  387.046069][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.087510][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.088207][ T9470] netfs: Couldn't get user pages (rc=-14)
[  387.142870][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.169697][ T1582] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  387.185879][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.195780][ T9470] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  387.255086][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.294178][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.304946][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.315952][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.390000][ T1582] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  387.406087][ T9326] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.413479][ T1582] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  387.501386][ T1582] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 65535, setting to 64
[  387.574993][ T9326] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.647181][ T1582] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  387.647342][ T9326] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.687005][ T9326] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.719452][ T1582] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.878311][ T9466] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  387.889641][ T9326] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.889744][ T9466] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  387.950836][ T1582] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  388.097972][ T5885] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.109061][ T5885] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.122465][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.137813][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.163661][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.226083][ T9478] FAULT_INJECTION: forcing a failure.
[  388.226083][ T9478] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.239247][ T9478] CPU: 0 UID: 0 PID: 9478 Comm: syz.0.986 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  388.249854][ T9478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  388.259899][ T9478] Call Trace:
[  388.263165][ T9478]  <TASK>
[  388.266084][ T9478]  dump_stack_lvl+0x241/0x360
[  388.270767][ T9478]  ? __pfx_dump_stack_lvl+0x10/0x10
[  388.275967][ T9478]  ? __pfx__printk+0x10/0x10
[  388.280572][ T9478]  ? __pfx_lock_release+0x10/0x10
[  388.285588][ T9478]  should_fail_ex+0x3b0/0x4e0
[  388.290259][ T9478]  _copy_from_user+0x2f/0xc0
[  388.294840][ T9478]  copy_msghdr_from_user+0xae/0x680
[  388.300031][ T9478]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  388.305820][ T9478]  ? __fget_files+0x2a/0x410
[  388.310401][ T9478]  ? __fget_files+0x2a/0x410
[  388.314986][ T9478]  __sys_sendmsg+0x209/0x350
[  388.319571][ T9478]  ? __pfx_lock_release+0x10/0x10
[  388.324581][ T9478]  ? __pfx___sys_sendmsg+0x10/0x10
[  388.329691][ T9478]  ? __pfx_vfs_write+0x10/0x10
[  388.334459][ T9478]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  388.340774][ T9478]  ? do_syscall_64+0x100/0x230
[  388.345527][ T9478]  ? do_syscall_64+0xb6/0x230
[  388.350191][ T9478]  do_syscall_64+0xf3/0x230
[  388.354679][ T9478]  ? clear_bhb_loop+0x35/0x90
[  388.359339][ T9478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.365220][ T9478] RIP: 0033:0x7fca2337ff19
[  388.369625][ T9478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.389224][ T9478] RSP: 002b:00007fca241c5058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  388.397629][ T9478] RAX: ffffffffffffffda RBX: 00007fca23545fa0 RCX: 00007fca2337ff19
[  388.405588][ T9478] RDX: 0000000000000000 RSI: 00000000200096c0 RDI: 0000000000000003
[  388.413558][ T9478] RBP: 00007fca241c50a0 R08: 0000000000000000 R09: 0000000000000000
[  388.421519][ T9478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.429475][ T9478] R13: 0000000000000000 R14: 00007fca23545fa0 R15: 00007ffe0ed6ad18
[  388.437444][ T9478]  </TASK>
[  388.494208][ T5885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.526025][ T5885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.582202][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.591045][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.599771][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.608123][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.617528][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.626089][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.634709][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.894836][ T9495] FAULT_INJECTION: forcing a failure.
[  388.894836][ T9495] name failslab, interval 1, probability 0, space 0, times 0
[  388.907638][ T9495] CPU: 0 UID: 0 PID: 9495 Comm: syz.4.992 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  388.918252][ T9495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  388.928679][ T9495] Call Trace:
[  388.931977][ T9495]  <TASK>
[  388.934920][ T9495]  dump_stack_lvl+0x241/0x360
[  388.939626][ T9495]  ? __pfx_dump_stack_lvl+0x10/0x10
[  388.944845][ T9495]  ? __pfx__printk+0x10/0x10
[  388.949461][ T9495]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  388.955463][ T9495]  ? __pfx___might_resched+0x10/0x10
[  388.960793][ T9495]  should_fail_ex+0x3b0/0x4e0
[  388.965498][ T9495]  should_failslab+0xac/0x100
[  388.970199][ T9495]  kmem_cache_alloc_node_noprof+0x77/0x380
[  388.976025][ T9495]  ? __alloc_skb+0x1c3/0x440
[  388.980648][ T9495]  __alloc_skb+0x1c3/0x440
[  388.985093][ T9495]  ? __pfx___alloc_skb+0x10/0x10
[  388.990036][ T9495]  ? netlink_autobind+0xd6/0x2f0
[  388.994974][ T9495]  ? netlink_autobind+0x2b0/0x2f0
[  388.999995][ T9495]  netlink_sendmsg+0x638/0xcb0
[  389.004765][ T9495]  ? __pfx_netlink_sendmsg+0x10/0x10
[  389.010068][ T9495]  ? __pfx_netlink_sendmsg+0x10/0x10
[  389.015349][ T9495]  __sock_sendmsg+0x221/0x270
[  389.020028][ T9495]  ____sys_sendmsg+0x52a/0x7e0
[  389.024804][ T9495]  ? __pfx_____sys_sendmsg+0x10/0x10
[  389.030091][ T9495]  ? __fget_files+0x2a/0x410
[  389.034682][ T9495]  ? __fget_files+0x2a/0x410
[  389.039276][ T9495]  __sys_sendmsg+0x269/0x350
[  389.043866][ T9495]  ? __pfx_lock_release+0x10/0x10
[  389.048891][ T9495]  ? __pfx___sys_sendmsg+0x10/0x10
[  389.054041][ T9495]  ? __pfx_vfs_write+0x10/0x10
[  389.058827][ T9495]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  389.065155][ T9495]  ? do_syscall_64+0x100/0x230
[  389.069924][ T9495]  ? do_syscall_64+0xb6/0x230
[  389.074603][ T9495]  do_syscall_64+0xf3/0x230
[  389.079103][ T9495]  ? clear_bhb_loop+0x35/0x90
[  389.083774][ T9495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.089666][ T9495] RIP: 0033:0x7fe8fd17ff19
[  389.094078][ T9495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.113682][ T9495] RSP: 002b:00007fe8fdfb4058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  389.122442][ T9495] RAX: ffffffffffffffda RBX: 00007fe8fd345fa0 RCX: 00007fe8fd17ff19
[  389.130414][ T9495] RDX: 0000000001000000 RSI: 0000000020000280 RDI: 0000000000000003
[  389.138381][ T9495] RBP: 00007fe8fdfb40a0 R08: 0000000000000000 R09: 0000000000000000
[  389.146347][ T9495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.154313][ T9495] R13: 0000000000000000 R14: 00007fe8fd345fa0 R15: 00007ffed959df38
[  389.162295][ T9495]  </TASK>
[  389.187355][  T975] usb 3-1: USB disconnect, device number 24
[  390.840647][    T8] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  390.989888][    T8] usb 5-1: device descriptor read/64, error -71
[  391.175520][ T9531] FAULT_INJECTION: forcing a failure.
[  391.175520][ T9531] name failslab, interval 1, probability 0, space 0, times 0
[  391.188771][ T9531] CPU: 0 UID: 0 PID: 9531 Comm: syz.0.1004 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  391.199491][ T9531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  391.209567][ T9531] Call Trace:
[  391.212863][ T9531]  <TASK>
[  391.215815][ T9531]  dump_stack_lvl+0x241/0x360
[  391.220519][ T9531]  ? __pfx_dump_stack_lvl+0x10/0x10
[  391.225736][ T9531]  ? __pfx__printk+0x10/0x10
[  391.230359][ T9531]  should_fail_ex+0x3b0/0x4e0
[  391.235062][ T9531]  should_failslab+0xac/0x100
[  391.239757][ T9531]  ? skb_clone+0x20c/0x390
[  391.244192][ T9531]  kmem_cache_alloc_noprof+0x70/0x380
[  391.249592][ T9531]  skb_clone+0x20c/0x390
[  391.253854][ T9531]  ? dev_queue_xmit_nit+0x3fe/0xca0
[  391.259075][ T9531]  dev_queue_xmit_nit+0x249/0xca0
[  391.264123][ T9531]  ? dev_queue_xmit_nit+0x2b/0xca0
[  391.269257][ T9531]  ? validate_xmit_skb+0x9b8/0xff0
[  391.274398][ T9531]  dev_hard_start_xmit+0x15f/0x7d0
[  391.279536][ T9531]  ? __pfx_validate_xmit_skb+0x10/0x10
[  391.285029][ T9531]  __dev_queue_xmit+0x1b73/0x3f50
[  391.290076][ T9531]  ? kasan_save_track+0x51/0x80
[  391.294953][ T9531]  ? ____sys_sendmsg+0x52a/0x7e0
[  391.299919][ T9531]  ? __dev_queue_xmit+0x2f4/0x3f50
[  391.305054][ T9531]  ? __pfx___dev_queue_xmit+0x10/0x10
[  391.310443][ T9531]  ? __copy_skb_header+0x437/0x5b0
[  391.315642][ T9531]  ? __asan_memcpy+0x40/0x70
[  391.320239][ T9531]  ? __copy_skb_header+0x437/0x5b0
[  391.325353][ T9531]  ? __skb_clone+0x454/0x6c0
[  391.329949][ T9531]  ? skb_clone+0x240/0x390
[  391.334369][ T9531]  __netlink_deliver_tap+0x56b/0x7f0
[  391.339676][ T9531]  ? netlink_deliver_tap+0x2e/0x1b0
[  391.344877][ T9531]  netlink_deliver_tap+0x19d/0x1b0
[  391.349990][ T9531]  netlink_unicast+0x7c4/0x990
[  391.354761][ T9531]  ? __pfx_netlink_unicast+0x10/0x10
[  391.360045][ T9531]  ? __virt_addr_valid+0x183/0x530
[  391.365156][ T9531]  ? __check_object_size+0x48e/0x900
[  391.370445][ T9531]  netlink_sendmsg+0x8e4/0xcb0
[  391.375214][ T9531]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.380509][ T9531]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.385795][ T9531]  __sock_sendmsg+0x221/0x270
[  391.390479][ T9531]  ____sys_sendmsg+0x52a/0x7e0
[  391.395250][ T9531]  ? __pfx_____sys_sendmsg+0x10/0x10
[  391.400533][ T9531]  ? __fget_files+0x2a/0x410
[  391.405123][ T9531]  ? __fget_files+0x2a/0x410
[  391.409718][ T9531]  __sys_sendmsg+0x269/0x350
[  391.414304][ T9531]  ? __pfx_lock_release+0x10/0x10
[  391.419327][ T9531]  ? __pfx___sys_sendmsg+0x10/0x10
[  391.424445][ T9531]  ? __pfx_vfs_write+0x10/0x10
[  391.429228][ T9531]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  391.435552][ T9531]  ? do_syscall_64+0x100/0x230
[  391.440319][ T9531]  ? do_syscall_64+0xb6/0x230
[  391.444996][ T9531]  do_syscall_64+0xf3/0x230
[  391.449498][ T9531]  ? clear_bhb_loop+0x35/0x90
[  391.454177][ T9531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.460072][ T9531] RIP: 0033:0x7fca2337ff19
[  391.464485][ T9531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.484091][ T9531] RSP: 002b:00007fca241c5058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  391.492512][ T9531] RAX: ffffffffffffffda RBX: 00007fca23545fa0 RCX: 00007fca2337ff19
[  391.500484][ T9531] RDX: 0000000000000010 RSI: 0000000020000140 RDI: 0000000000000003
[  391.508460][ T9531] RBP: 00007fca241c50a0 R08: 0000000000000000 R09: 0000000000000000
[  391.516428][ T9531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.524394][ T9531] R13: 0000000000000000 R14: 00007fca23545fa0 R15: 00007ffe0ed6ad18
[  391.532375][ T9531]  </TASK>
[  391.563042][ T9522] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  391.600946][    T8] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  391.669671][  T975] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  391.759799][    T8] usb 5-1: device descriptor read/64, error -71
[  391.969158][    T8] usb usb5-port1: attempt power cycle
[  391.989644][  T975] usb 6-1: Using ep0 maxpacket: 8
[  392.081426][  T975] usb 6-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a
[  392.090909][  T975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.113092][  T975] usb 6-1: config 0 descriptor??
[  392.122859][  T975] pwc: Logitech QuickCam Notebook Pro USB webcam detected.
[  392.130369][  T975] pwc: Warning: more than 1 configuration available.
[  392.379781][    T8] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  392.459808][    T8] usb 5-1: device descriptor read/8, error -71
[  393.322837][  T975] pwc: recv_control_msg error -32 req 02 val 2b00
[  393.390253][    T8] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  393.419972][    T8] usb 5-1: device descriptor read/8, error -71
[  393.530899][    T8] usb usb5-port1: unable to enumerate USB device
[  393.537727][ T9527] tun0: tun_chr_ioctl cmd 1074025677
[  393.551803][ T9527] tun0: linktype set to 512
[  393.666178][  T975] pwc: recv_control_msg error -71 req 02 val 2c00
[  393.673388][  T975] pwc: recv_control_msg error -71 req 04 val 1000
[  393.716362][  T975] pwc: recv_control_msg error -71 req 04 val 1300
[  393.726524][  T975] pwc: recv_control_msg error -71 req 04 val 1400
[  393.749739][  T975] pwc: recv_control_msg error -71 req 02 val 2000
[  393.777166][  T975] pwc: recv_control_msg error -71 req 02 val 2100
[  393.814837][  T975] pwc: recv_control_msg error -71 req 06 val 0600
[  393.945554][  T975] pwc: recv_control_msg error -71 req 04 val 1500
[  393.972892][  T975] pwc: recv_control_msg error -71 req 02 val 2500
[  394.008140][  T975] pwc: recv_control_msg error -71 req 02 val 2400
[  394.022068][  T975] pwc: recv_control_msg error -71 req 02 val 2600
[  394.036929][  T975] pwc: recv_control_msg error -71 req 02 val 2900
[  394.071539][  T975] pwc: recv_control_msg error -71 req 02 val 2800
[  394.081659][  T975] pwc: recv_control_msg error -71 req 04 val 1100
[  394.099648][  T975] pwc: recv_control_msg error -71 req 04 val 1200
[  394.518619][  T975] pwc: Registered as video103.
[  394.519847][  T975] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input16
[  394.523192][  T975] usb 6-1: USB disconnect, device number 2
[  394.542818][ T9569] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  394.753434][ T9569] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.753601][ T9569] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.754859][ T9569] bridge0: entered allmulticast mode
[  395.639624][  T975] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  395.799961][  T975] usb 1-1: Using ep0 maxpacket: 16
[  395.830200][  T975] usb 1-1: config 0 has an invalid interface number: 203 but max is 0
[  395.844882][  T975] usb 1-1: config 0 has no interface number 0
[  395.881983][  T975] usb 1-1: config 0 interface 203 altsetting 0 endpoint 0xB has invalid maxpacket 1023, setting to 64
[  395.938976][  T975] usb 1-1: New USB device found, idVendor=04cb, idProduct=010f, bcdDevice=29.7d
[  395.950730][  T975] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.977828][  T975] usb 1-1: Product: syz
[  396.001222][  T975] usb 1-1: Manufacturer: syz
[  396.016502][  T975] usb 1-1: SerialNumber: syz
[  396.036075][  T975] usb 1-1: config 0 descriptor??
[  396.061919][  T975] gspca_main: finepix-2.14.0 probing 04cb:010f
[  396.363402][ T9580] team_slave_0: entered promiscuous mode
[  396.369601][ T9580] team_slave_1: entered promiscuous mode
[  396.676970][ T9609] FAULT_INJECTION: forcing a failure.
[  396.676970][ T9609] name failslab, interval 1, probability 0, space 0, times 0
[  396.699862][ T9609] CPU: 0 UID: 0 PID: 9609 Comm: syz.1.1027 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  396.710615][ T9609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  396.720672][ T9609] Call Trace:
[  396.723949][ T9609]  <TASK>
[  396.726878][ T9609]  dump_stack_lvl+0x241/0x360
[  396.731560][ T9609]  ? __pfx_dump_stack_lvl+0x10/0x10
[  396.736755][ T9609]  ? __pfx__printk+0x10/0x10
[  396.741347][ T9609]  ? fs_reclaim_acquire+0x93/0x130
[  396.746460][ T9609]  ? __pfx___might_resched+0x10/0x10
[  396.751751][ T9609]  should_fail_ex+0x3b0/0x4e0
[  396.756426][ T9609]  should_failslab+0xac/0x100
[  396.761101][ T9609]  __kmalloc_noprof+0xdd/0x4c0
[  396.765861][ T9609]  ? tomoyo_encode+0x26f/0x540
[  396.770624][ T9609]  tomoyo_encode+0x26f/0x540
[  396.775215][ T9609]  tomoyo_realpath_from_path+0x59e/0x5e0
[  396.780857][ T9609]  tomoyo_path_number_perm+0x236/0x860
[  396.786310][ T9609]  ? __lock_acquire+0x1397/0x2100
[  396.791331][ T9609]  ? tomoyo_path_number_perm+0x206/0x860
[  396.796961][ T9609]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  396.802963][ T9609]  ? __fget_files+0x2a/0x410
[  396.807557][ T9609]  ? __fget_files+0x2a/0x410
[  396.812153][ T9609]  security_file_ioctl+0xc6/0x2a0
[  396.817191][ T9609]  __se_sys_ioctl+0x46/0x170
[  396.821786][ T9609]  do_syscall_64+0xf3/0x230
[  396.826291][ T9609]  ? clear_bhb_loop+0x35/0x90
[  396.830970][ T9609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.836876][ T9609] RIP: 0033:0x7fedce97ff19
[  396.841294][ T9609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.860895][ T9609] RSP: 002b:00007fedcf838058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  396.869308][ T9609] RAX: ffffffffffffffda RBX: 00007fedceb45fa0 RCX: 00007fedce97ff19
[  396.877274][ T9609] RDX: 0000000020000180 RSI: 00000000c4c85513 RDI: 0000000000000003
[  396.885238][ T9609] RBP: 00007fedcf8380a0 R08: 0000000000000000 R09: 0000000000000000
[  396.893204][ T9609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.901171][ T9609] R13: 0000000000000000 R14: 00007fedceb45fa0 R15: 00007ffcfcf4bb78
[  396.909157][ T9609]  </TASK>
[  396.954747][ T9609] ERROR: Out of memory at tomoyo_realpath_from_path.
[  397.311388][ T5866] usb 1-1: USB disconnect, device number 21
[  397.319700][ T1582] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  397.559777][   T29] audit: type=1800 audit(1733480343.768:211): pid=9617 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.1031" name="bus" dev="overlay" ino=61 res=0 errno=0
[  397.585054][ T1582] usb 2-1: Using ep0 maxpacket: 32
[  397.651770][ T1582] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  397.663070][ T1582] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  397.669644][    T9] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  397.680189][ T1582] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  397.701584][ T1582] usb 2-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  397.720338][ T1582] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.734305][ T1582] usb 2-1: config 0 descriptor??
[  397.859662][    T9] usb 3-1: Using ep0 maxpacket: 32
[  397.866466][    T9] usb 3-1: config 148 has an invalid interface number: 223 but max is 0
[  397.885342][    T9] usb 3-1: config 148 has no interface number 0
[  397.899674][    T9] usb 3-1: config 148 interface 223 has no altsetting 0
[  397.925248][    T9] usb 3-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=27.b4
[  397.957996][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.967160][ T9611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.977618][    T9] usb 3-1: Product: syz
[  397.985457][    T9] usb 3-1: Manufacturer: syz
[  397.997450][ T9611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.999583][    T9] usb 3-1: SerialNumber: syz
[  398.364349][ T9632] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1028'.
[  398.373626][ T9632] netlink: 'syz.1.1028': attribute type 1 has an invalid length.
[  399.739719][ T9634] 9pnet_fd: Insufficient options for proto=fd
[  400.114240][ T9637] kernel profiling enabled (shift: 7)
[  400.205735][ T1582] usbhid 2-1:0.0: can't add hid device: -71
[  400.213942][ T1582] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  400.223661][ T1582] usb 2-1: USB disconnect, device number 31
[  400.285233][    T9] peak_usb 3-1:148.223 can0: unable to request usb[type=0 value=1] err=-71
[  400.296115][ T9646] netlink: 'syz.1.1038': attribute type 2 has an invalid length.
[  400.309793][    T9] peak_usb 3-1:148.223: unable to read PCAN-USB X6 firmware info (err -71)
[  400.564914][ T9652] sctp: [Deprecated]: syz.4.1041 (pid 9652) Use of int in max_burst socket option deprecated.
[  400.564914][ T9652] Use struct sctp_assoc_value instead
[  400.574245][    T9] peak_usb 3-1:148.223: probe with driver peak_usb failed with error -71
[  400.593441][    T9] usb 3-1: USB disconnect, device number 25
[  400.609679][ T1582] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  401.473003][ T1582] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  401.489614][ T1582] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  401.527178][ T1582] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  401.594778][ T1582] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.382115][ T1582] usb 2-1: config 0 descriptor??
[  402.743932][ T9670] delete_channel: no stack
[  402.758174][ T9670] delete_channel: no stack
[  402.832580][ T9646] netlink: 'syz.1.1038': attribute type 2 has an invalid length.
[  402.893700][ T1582] usbhid 2-1:0.0: can't add hid device: -71
[  402.900422][ T1582] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  402.917569][ T1582] usb 2-1: USB disconnect, device number 32
[  403.270061][   T46] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  403.438455][   T46] usb 1-1: Using ep0 maxpacket: 32
[  403.454524][   T46] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  403.736979][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  403.923636][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  403.939245][   T46] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  403.948582][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.958650][   T46] usb 1-1: config 0 descriptor??
[  403.963203][ T9695] FAULT_INJECTION: forcing a failure.
[  403.963203][ T9695] name failslab, interval 1, probability 0, space 0, times 0
[  403.967118][ T9679] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  404.006358][   T46] hub 1-1:0.0: USB hub found
[  404.012276][ T9695] CPU: 1 UID: 0 PID: 9695 Comm: syz.1.1053 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  404.022980][ T9695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  404.033044][ T9695] Call Trace:
[  404.036319][ T9695]  <TASK>
[  404.039246][ T9695]  dump_stack_lvl+0x241/0x360
[  404.043928][ T9695]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.049126][ T9695]  ? __pfx__printk+0x10/0x10
[  404.053715][ T9695]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  404.059699][ T9695]  ? __pfx___might_resched+0x10/0x10
[  404.065080][ T9695]  should_fail_ex+0x3b0/0x4e0
[  404.069767][ T9695]  should_failslab+0xac/0x100
[  404.074448][ T9695]  kmem_cache_alloc_node_noprof+0x77/0x380
[  404.080255][ T9695]  ? __alloc_skb+0x1c3/0x440
[  404.084848][ T9695]  __alloc_skb+0x1c3/0x440
[  404.089262][ T9695]  ? __pfx___alloc_skb+0x10/0x10
[  404.094195][ T9695]  ? netlink_autobind+0xd6/0x2f0
[  404.099126][ T9695]  ? netlink_autobind+0x2b0/0x2f0
[  404.104150][ T9695]  netlink_sendmsg+0x638/0xcb0
[  404.108917][ T9695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.114206][ T9695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.119486][ T9695]  __sock_sendmsg+0x221/0x270
[  404.124171][ T9695]  ____sys_sendmsg+0x52a/0x7e0
[  404.129030][ T9695]  ? __pfx_____sys_sendmsg+0x10/0x10
[  404.134316][ T9695]  ? __fget_files+0x2a/0x410
[  404.138912][ T9695]  ? __fget_files+0x2a/0x410
[  404.143506][ T9695]  __sys_sendmsg+0x269/0x350
[  404.148096][ T9695]  ? __pfx_lock_release+0x10/0x10
[  404.153122][ T9695]  ? __pfx___sys_sendmsg+0x10/0x10
[  404.158235][ T9695]  ? __pfx_vfs_write+0x10/0x10
[  404.163018][ T9695]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  404.169340][ T9695]  ? do_syscall_64+0x100/0x230
[  404.174106][ T9695]  ? do_syscall_64+0xb6/0x230
[  404.179131][ T9695]  do_syscall_64+0xf3/0x230
[  404.183657][ T9695]  ? clear_bhb_loop+0x35/0x90
[  404.188335][ T9695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.194236][ T9695] RIP: 0033:0x7fedce97ff19
[  404.198649][ T9695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.218252][ T9695] RSP: 002b:00007fedcf838058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  404.226666][ T9695] RAX: ffffffffffffffda RBX: 00007fedceb45fa0 RCX: 00007fedce97ff19
[  404.234638][ T9695] RDX: 0000000000004044 RSI: 0000000020000040 RDI: 0000000000000003
[  404.242606][ T9695] RBP: 00007fedcf8380a0 R08: 0000000000000000 R09: 0000000000000000
[  404.250574][ T9695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.258541][ T9695] R13: 0000000000000000 R14: 00007fedceb45fa0 R15: 00007ffcfcf4bb78
[  404.266519][ T9695]  </TASK>
[  404.310083][   T46] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  404.490567][ T9709] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1059'.
[  404.584227][   T46] hid-generic 0003:046D:C314.000A: unknown main item tag 0x0
[  404.612473][   T46] hid-generic 0003:046D:C314.000A: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.0-1/input0
[  404.800383][  T975] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  404.979637][  T975] usb 2-1: Using ep0 maxpacket: 32
[  404.979935][   T46] usb 1-1: USB disconnect, device number 22
[  404.987468][  T975] usb 2-1: config 148 has an invalid interface number: 223 but max is 0
[  405.037290][  T975] usb 2-1: config 148 has no interface number 0
[  405.954548][  T975] usb 2-1: config 148 interface 223 has no altsetting 0
[  405.990583][  T975] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=27.b4
[  405.999850][  T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.007855][  T975] usb 2-1: Product: syz
[  406.962352][  T975] usb 2-1: Manufacturer: syz
[  406.966994][  T975] usb 2-1: SerialNumber: syz
[  407.217475][ T9732] openvswitch: netlink: Tunnel attr 222 out of range max 16
[  407.377025][ T9704] 9pnet_fd: Insufficient options for proto=fd
[  407.440136][ T9728] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1064'.
[  407.471659][  T975] peak_usb 2-1:148.223 can0: unable to request usb[type=0 value=1] err=-71
[  407.489834][  T975] peak_usb 2-1:148.223: unable to read PCAN-USB X6 firmware info (err -71)
[  407.550701][  T975] peak_usb 2-1:148.223: probe with driver peak_usb failed with error -71
[  407.572829][  T975] usb 2-1: USB disconnect, device number 33
[  407.579911][ T5866] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  407.731092][ T5866] usb 5-1: Using ep0 maxpacket: 8
[  407.748226][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.768695][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.779281][ T5866] usb 5-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  407.788545][ T5866] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.798960][ T5866] usb 5-1: config 0 descriptor??
[  408.256720][ T5866] smartjoyplus 0003:6666:8804.000B: hidraw0: USB HID v0.00 Device [HID 6666:8804] on usb-dummy_hcd.4-1/input0
[  408.268538][ T5866] smartjoyplus 0003:6666:8804.000B: Force feedback for SmartJoy PLUS PS2/USB adapter
[  409.841126][ T9765] FAULT_INJECTION: forcing a failure.
[  409.841126][ T9765] name failslab, interval 1, probability 0, space 0, times 0
[  409.854429][ T9765] CPU: 1 UID: 0 PID: 9765 Comm: syz.0.1074 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  409.865146][ T9765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  409.875224][ T9765] Call Trace:
[  409.878522][ T9765]  <TASK>
[  409.881472][ T9765]  dump_stack_lvl+0x241/0x360
[  409.886189][ T9765]  ? __pfx_dump_stack_lvl+0x10/0x10
[  409.891405][ T9765]  ? __pfx__printk+0x10/0x10
[  409.895999][ T9765]  ? fs_reclaim_acquire+0x93/0x130
[  409.901111][ T9765]  ? __pfx___might_resched+0x10/0x10
[  409.906406][ T9765]  should_fail_ex+0x3b0/0x4e0
[  409.911085][ T9765]  should_failslab+0xac/0x100
[  409.915767][ T9765]  __kmalloc_noprof+0xdd/0x4c0
[  409.920533][ T9765]  ? kstrtouint_from_user+0x128/0x190
[  409.925909][ T9765]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  409.931631][ T9765]  tomoyo_realpath_from_path+0xcf/0x5e0
[  409.937192][ T9765]  tomoyo_path_number_perm+0x236/0x860
[  409.942649][ T9765]  ? __lock_acquire+0x1397/0x2100
[  409.947672][ T9765]  ? tomoyo_path_number_perm+0x206/0x860
[  409.953302][ T9765]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  409.959307][ T9765]  ? __fget_files+0x2a/0x410
[  409.963898][ T9765]  ? __fget_files+0x2a/0x410
[  409.968496][ T9765]  security_file_ioctl+0xc6/0x2a0
[  409.973524][ T9765]  __se_sys_ioctl+0x46/0x170
[  409.978115][ T9765]  do_syscall_64+0xf3/0x230
[  409.982620][ T9765]  ? clear_bhb_loop+0x35/0x90
[  409.987291][ T9765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.993181][ T9765] RIP: 0033:0x7fca2337ff19
[  409.997590][ T9765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.017192][ T9765] RSP: 002b:00007fca241c5058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  410.025611][ T9765] RAX: ffffffffffffffda RBX: 00007fca23545fa0 RCX: 00007fca2337ff19
[  410.033582][ T9765] RDX: 0000000000000000 RSI: 0000000000008918 RDI: 0000000000000004
[  410.041549][ T9765] RBP: 00007fca241c50a0 R08: 0000000000000000 R09: 0000000000000000
[  410.049523][ T9765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.057526][ T9765] R13: 0000000000000000 R14: 00007fca23545fa0 R15: 00007ffe0ed6ad18
[  410.065530][ T9765]  </TASK>
[  410.069744][ T9765] ERROR: Out of memory at tomoyo_realpath_from_path.
[  410.569342][ T9775] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  410.701713][ T9771] syzkaller0: entered promiscuous mode
[  410.710385][ T9771] syzkaller0: entered allmulticast mode
[  410.902905][    T8] usb 5-1: USB disconnect, device number 35
[  411.159057][ T9794] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1082'.
[  411.451386][    T8] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  411.643748][    T8] usb 5-1: Using ep0 maxpacket: 8
[  411.651534][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  411.719248][    T8] usb 5-1: New USB device found, idVendor=06cd, idProduct=0108, bcdDevice=10.15
[  411.735057][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.768608][    T8] usb 5-1: Product: syz
[  411.786649][    T8] usb 5-1: Manufacturer: syz
[  411.829461][    T8] usb 5-1: SerialNumber: syz
[  411.853917][    T8] usb 5-1: config 0 descriptor??
[  411.881508][    T8] keyspan 5-1:0.0: Keyspan 1 port adapter converter detected
[  411.889047][    T8] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 87
[  411.950576][    T8] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 7
[  411.987130][    T8] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81
[  412.029810][    T8] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1
[  412.058005][    T8] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2
[  412.088457][    T8] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 85
[  412.127007][    T8] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 5
[  412.164315][    T8] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  416.619409][ T9794] syz_tun: entered promiscuous mode
[  416.625173][ T9794] macsec1: entered promiscuous mode
[  416.634821][ T9792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1082'.
[  416.785109][    T9] usb 5-1: USB disconnect, device number 36
[  416.835485][    T9] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  416.845340][    T9] keyspan 5-1:0.0: device disconnected
[  418.525334][ T9855] openvswitch: netlink: Tunnel attr 222 out of range max 16
[  423.253413][ T9903] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1109'.
[  423.339357][ T9900] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1109'.
[  424.381291][ T9926] openvswitch: netlink: Tunnel attr 222 out of range max 16
[  424.782867][ T1582] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  424.798402][ T9936] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.404176][ T9936] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.432758][ T9936] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.445415][ T9936] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.454822][ T9937] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.468092][ T9937] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.484535][ T9937] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.496287][ T9937] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1120'.
[  425.899906][ T1582] usb 1-1: Using ep0 maxpacket: 8
[  425.911496][ T1582] usb 1-1: config 1 interface 0 altsetting 127 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  425.931933][ T1582] usb 1-1: config 1 interface 0 has no altsetting 0
[  425.953514][ T1582] usb 1-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.40
[  425.980197][ T1582] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.007791][ T1582] usb 1-1: Product: syz
[  426.017563][ T1582] usb 1-1: Manufacturer: syz
[  426.028140][ T1582] usb 1-1: SerialNumber: syz
[  427.385995][ T1582] usbhid 1-1:1.0: can't add hid device: -71
[  427.392151][ T1582] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  427.409477][ T1582] usb 1-1: USB disconnect, device number 23
[  427.811016][ T5866] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  427.980151][ T5866] usb 6-1: Using ep0 maxpacket: 16
[  428.003951][ T5866] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  428.023038][ T5866] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.054046][ T5866] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  428.082565][ T5866] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  428.113346][ T5866] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.143234][ T5866] usb 6-1: config 0 descriptor??
[  428.794217][T10002] program syz.4.1141 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  429.914312][ T5866] usbhid 6-1:0.0: can't add hid device: -71
[  429.931134][ T5866] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  429.940778][ T5866] usb 6-1: USB disconnect, device number 3
[  430.490018][ T1582] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  430.791188][ T1582] usb 2-1: Using ep0 maxpacket: 16
[  430.819669][ T1582] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  430.831992][ T1582] usb 2-1: config 0 interface 0 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  430.845685][ T1582] usb 2-1: config 0 interface 0 has no altsetting 0
[  430.855421][ T1582] usb 2-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00
[  430.864696][ T1582] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.882180][ T1582] usb 2-1: config 0 descriptor??
[  431.096637][ T1582] usbhid 2-1:0.0: can't add hid device: -71
[  431.103142][ T1582] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  431.124523][ T1582] usb 2-1: USB disconnect, device number 34
[  434.845940][T10068] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1159'.
[  435.844901][T10075] FAULT_INJECTION: forcing a failure.
[  435.844901][T10075] name failslab, interval 1, probability 0, space 0, times 0
[  435.857604][T10075] CPU: 0 UID: 0 PID: 10075 Comm: syz.2.1161 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  435.868383][T10075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  435.878472][T10075] Call Trace:
[  435.881766][T10075]  <TASK>
[  435.884717][T10075]  dump_stack_lvl+0x241/0x360
[  435.889426][T10075]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.894640][T10075]  ? __pfx__printk+0x10/0x10
[  435.899248][T10075]  ? fs_reclaim_acquire+0x93/0x130
[  435.904379][T10075]  ? __pfx___might_resched+0x10/0x10
[  435.909699][T10075]  should_fail_ex+0x3b0/0x4e0
[  435.914402][T10075]  should_failslab+0xac/0x100
[  435.919093][T10075]  __kmalloc_noprof+0xdd/0x4c0
[  435.923878][T10075]  ? tomoyo_encode+0x26f/0x540
[  435.928671][T10075]  tomoyo_encode+0x26f/0x540
[  435.933284][T10075]  tomoyo_realpath_from_path+0x59e/0x5e0
[  435.938946][T10075]  tomoyo_path_number_perm+0x236/0x860
[  435.944417][T10075]  ? __lock_acquire+0x1397/0x2100
[  435.949456][T10075]  ? tomoyo_path_number_perm+0x206/0x860
[  435.955107][T10075]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  435.961135][T10075]  ? __fget_files+0x2a/0x410
[  435.965747][T10075]  ? __fget_files+0x2a/0x410
[  435.970358][T10075]  security_file_ioctl+0xc6/0x2a0
[  435.975406][T10075]  __se_sys_ioctl+0x46/0x170
[  435.980021][T10075]  do_syscall_64+0xf3/0x230
[  435.984542][T10075]  ? clear_bhb_loop+0x35/0x90
[  435.989230][T10075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.995139][T10075] RIP: 0033:0x7fbad837ff19
[  435.999565][T10075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.019188][T10075] RSP: 002b:00007fbad91a9058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  436.027627][T10075] RAX: ffffffffffffffda RBX: 00007fbad8546160 RCX: 00007fbad837ff19
[  436.035614][T10075] RDX: 00000000200001c0 RSI: 00000000c0d05604 RDI: 0000000000000003
[  436.043595][T10075] RBP: 00007fbad91a90a0 R08: 0000000000000000 R09: 0000000000000000
[  436.051575][T10075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.059553][T10075] R13: 0000000000000000 R14: 00007fbad8546160 R15: 00007ffe86e6eb08
[  436.067551][T10075]  </TASK>
[  436.072998][T10075] ERROR: Out of memory at tomoyo_realpath_from_path.
[  437.549747][    T9] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  437.687316][T10095] rpc_pipefs: Unknown parameter 'trans'
[  437.724766][T10097] openvswitch: netlink: Tunnel attr 222 out of range max 16
[  437.889679][    T9] usb 3-1: Using ep0 maxpacket: 16
[  438.089201][    T9] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  438.135208][    T9] usb 3-1: config 0 interface 0 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  438.328652][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  438.436640][    T9] usb 3-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00
[  438.534462][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.660890][    T9] usb 3-1: config 0 descriptor??
[  438.955256][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  438.979239][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  439.037192][    T9] usb 3-1: USB disconnect, device number 26
[  440.353948][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  443.038610][T10139] FAULT_INJECTION: forcing a failure.
[  443.038610][T10139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.064586][T10139] CPU: 0 UID: 0 PID: 10139 Comm: syz.2.1182 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  443.075402][T10139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  443.085481][T10139] Call Trace:
[  443.088786][T10139]  <TASK>
[  443.091741][T10139]  dump_stack_lvl+0x241/0x360
[  443.096453][T10139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  443.101678][T10139]  ? __pfx__printk+0x10/0x10
[  443.106294][T10139]  ? vfs_write+0x730/0xd30
[  443.110738][T10139]  should_fail_ex+0x3b0/0x4e0
[  443.115436][T10139]  _copy_from_user+0x2f/0xc0
[  443.120052][T10139]  move_addr_to_kernel+0x82/0x150
[  443.125124][T10139]  __sys_bind+0x124/0x290
[  443.129484][T10139]  ? __pfx___sys_bind+0x10/0x10
[  443.134370][T10139]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  443.140718][T10139]  ? do_syscall_64+0x100/0x230
[  443.145496][T10139]  __x64_sys_bind+0x7a/0x90
[  443.150007][T10139]  do_syscall_64+0xf3/0x230
[  443.154520][T10139]  ? clear_bhb_loop+0x35/0x90
[  443.159193][T10139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.165086][T10139] RIP: 0033:0x7fbad837ff19
[  443.169504][T10139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.189118][T10139] RSP: 002b:00007fbad91eb058 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  443.197535][T10139] RAX: ffffffffffffffda RBX: 00007fbad8545fa0 RCX: 00007fbad837ff19
[  443.205508][T10139] RDX: 000000000000006e RSI: 0000000020000180 RDI: 0000000000000004
[  443.213475][T10139] RBP: 00007fbad91eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  443.221443][T10139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.229406][T10139] R13: 0000000000000000 R14: 00007fbad8545fa0 R15: 00007ffe86e6eb08
[  443.237386][T10139]  </TASK>
[  444.717508][T10171] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1191'.
[  444.869714][ T5866] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  444.948595][T10175] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1194'.
[  445.201162][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  445.223334][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.851330][ T5866] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  445.861483][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.967735][T10179] Illegal XDP return value 4294967294 on prog  (id 318) dev N/A, expect packet loss!
[  446.307921][ T5866] usb 2-1: config 0 descriptor??
[  446.911611][ T5866] usbhid 2-1:0.0: can't add hid device: -71
[  446.917867][ T5866] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  446.938430][T10203] ebt_among: dst integrity fail: 101
[  446.951531][ T5866] usb 2-1: USB disconnect, device number 35
[  446.965021][T10205] input: syz0 as /devices/virtual/input/input18
[  451.921619][T10243] 9pnet_fd: Insufficient options for proto=fd
[  451.928392][   T29] audit: type=1326 audit(1733480398.048:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.2.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  451.961099][   T29] audit: type=1326 audit(1733480398.048:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.2.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  452.020373][   T29] audit: type=1326 audit(1733480398.128:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.2.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  452.155120][   T29] audit: type=1326 audit(1733480398.128:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.2.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbad837ff53 code=0x7ffc0000
[  452.298376][   T29] audit: type=1326 audit(1733480398.128:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.2.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbad837ff53 code=0x7ffc0000
[  452.353195][T10250] ptrace attach of "./syz-executor exec"[10254] was attempted by "./syz-executor exec"[10250]
[  452.389351][T10258] FAULT_INJECTION: forcing a failure.
[  452.389351][T10258] name failslab, interval 1, probability 0, space 0, times 0
[  452.433235][   T29] audit: type=1326 audit(1733480398.128:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.2.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  452.475943][T10258] CPU: 0 UID: 0 PID: 10258 Comm: syz.1.1221 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  452.486758][T10258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  452.496832][T10258] Call Trace:
[  452.500121][T10258]  <TASK>
[  452.503066][T10258]  dump_stack_lvl+0x241/0x360
[  452.507763][T10258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.512982][T10258]  ? __pfx__printk+0x10/0x10
[  452.517590][T10258]  ? kmem_cache_alloc_noprof+0x48/0x380
[  452.523150][T10258]  ? __pfx___might_resched+0x10/0x10
[  452.528458][T10258]  should_fail_ex+0x3b0/0x4e0
[  452.533152][T10258]  should_failslab+0xac/0x100
[  452.537844][T10258]  ? getname_flags+0xb7/0x540
[  452.542534][T10258]  kmem_cache_alloc_noprof+0x70/0x380
[  452.547924][T10258]  getname_flags+0xb7/0x540
[  452.552439][T10258]  do_sys_openat2+0xd2/0x1d0
[  452.557018][T10258]  ? __pfx_do_sys_openat2+0x10/0x10
[  452.562206][T10258]  ? __fget_files+0x2a/0x410
[  452.566784][T10258]  ? __fget_files+0x2a/0x410
[  452.571364][T10258]  __x64_sys_openat+0x247/0x2a0
[  452.576202][T10258]  ? __pfx___x64_sys_openat+0x10/0x10
[  452.579857][   T29] audit: type=1326 audit(1733480398.128:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.2.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad837ff19 code=0x7ffc0000
[  452.581565][T10258]  ? do_syscall_64+0x100/0x230
[  452.607856][T10258]  ? do_syscall_64+0xb6/0x230
[  452.612562][T10258]  do_syscall_64+0xf3/0x230
[  452.617090][T10258]  ? clear_bhb_loop+0x35/0x90
[  452.621789][T10258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.627707][T10258] RIP: 0033:0x7fedce97ff19
[  452.632139][T10258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.652299][T10258] RSP: 002b:00007fedcf838058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  452.660744][T10258] RAX: ffffffffffffffda RBX: 00007fedceb45fa0 RCX: 00007fedce97ff19
[  452.668734][T10258] RDX: 0000000000161102 RSI: 0000000020000100 RDI: ffffffffffffff9c
[  452.676721][T10258] RBP: 00007fedcf8380a0 R08: 0000000000000000 R09: 0000000000000000
[  452.684705][T10258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  452.692694][T10258] R13: 0000000000000000 R14: 00007fedceb45fa0 R15: 00007ffcfcf4bb78
[  452.700701][T10258]  </TASK>
[  452.709638][   T46] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  452.810344][ T5827] Bluetooth: hci2: link tx timeout
[  452.817332][ T5827] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  452.874493][   T46] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  453.084475][   T46] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 64, setting to 0
[  453.095656][   T46] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  453.134095][   T46] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  453.143965][   T46] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  453.157537][   T29] audit: type=1326 audit(1733480399.278:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10251 comm="syz.0.1219" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca2337ff19 code=0x0
[  453.178572][    C1] vkms_vblank_simulate: vblank timer overrun
[  453.185094][   T46] usb 6-1: string descriptor 0 read error: -71
[  453.191664][   T46] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  453.201166][   T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.228881][   T46] usb 6-1: can't set config #1, error -71
[  453.275589][   T46] usb 6-1: USB disconnect, device number 4
[  453.509236][T10274] netlink: 'syz.4.1224': attribute type 10 has an invalid length.
[  453.928495][T10274] 8021q: adding VLAN 0 to HW filter on device batadv0
[  453.938772][T10274] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  454.177593][   T29] audit: type=1326 audit(1733480400.398:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10256 comm="syz.1.1221" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fedce97ff19 code=0x0
[  454.211497][T10283] loop2: detected capacity change from 0 to 7
[  454.227379][T10283] Dev loop2: unable to read RDB block 7
[  454.237410][T10283]  loop2: unable to read partition table
[  454.250034][T10283] loop2: partition table beyond EOD, truncated
[  454.267239][T10283] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  454.465905][T10292] fuse: Unknown parameter ''
[  455.529673][ T5824] Bluetooth: hci2: command 0x0406 tx timeout
[  456.349726][   T46] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  456.516079][   T46] usb 6-1: config 0 interface 0 has no altsetting 0
[  456.527796][   T46] usb 6-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67
[  456.554981][   T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.687538][   T46] usb 6-1: Product: syz
[  456.762140][   T46] usb 6-1: Manufacturer: syz
[  456.828510][T10312] netdevsim netdevsim2: Direct firmware load for å failed with error -2
[  456.847985][   T46] usb 6-1: SerialNumber: syz
[  456.969178][   T46] usb 6-1: config 0 descriptor??
[  457.124171][   T46] dvb-usb: found a 'DTV-DVB UDTT7049' in warm state.
[  457.165861][   T46] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  457.195985][T10312] netdevsim netdevsim2: Falling back to sysfs fallback for: å
[  457.230501][   T46] dvbdev: DVB: registering new adapter (DTV-DVB UDTT7049)
[  457.248202][   T46] usb 6-1: media controller created
[  457.318626][   T46] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  457.612585][T10308] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1235'.
[  457.850645][T10308] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  457.884757][T10308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  457.990391][T10308] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  458.051684][T10308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  458.503372][ T1582] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  458.874038][   T46] dvb-usb: no frontend was attached by 'DTV-DVB UDTT7049'
[  458.927618][ T1582] usb 2-1: Using ep0 maxpacket: 16
[  460.810381][   T46] rc_core: IR keymap rc-twinhan1027 not found
[  460.816520][   T46] Registered IR keymap rc-empty
[  460.852050][   T46] rc rc0: DTV-DVB UDTT7049 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0
[  460.871053][   T46] input: DTV-DVB UDTT7049 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input19
[  461.030825][   T46] dvb-usb: schedule remote query interval to 150 msecs.
[  461.037854][   T46] dvb-usb: DTV-DVB UDTT7049 successfully initialized and connected.
[  461.060253][ T1582] usb 2-1: unable to read config index 0 descriptor/all
[  461.067271][ T1582] usb 2-1: can't read configurations, error -71
[  461.150588][   T46] dvb_usb_m920x 6-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  461.193877][ T4920] m920x_read = error: -71
[  461.198494][ T4920] dvb-usb: error -71 while querying for an remote control event.
[  461.228720][   T46] usb 6-1: USB disconnect, device number 5
[  461.568820][T10378] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1249'.
[  461.629754][T10361] m920x_read = error: -19
[  461.637138][T10361] dvb-usb: error -19 while querying for an remote control event.
[  461.839969][T10361] m920x_read = error: -19
[  461.844424][T10361] dvb-usb: error -19 while querying for an remote control event.
[  462.022837][T10361] m920x_read = error: -19
[  462.027407][T10361] dvb-usb: error -19 while querying for an remote control event.
[  462.993761][T10361] m920x_read = error: -19
[  462.998155][T10361] dvb-usb: error -19 while querying for an remote control event.
[  463.159835][ T1582] m920x_read = error: -19
[  463.164933][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  464.012162][T10386] netdevsim netdevsim4: Direct firmware load for å failed with error -2
[  464.049587][T10386] netdevsim netdevsim4: Falling back to sysfs fallback for: å
[  464.061614][T10419] fuse: Bad value for 'fd'
[  464.080967][ T1582] m920x_read = error: -19
[  464.086042][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  464.126576][T10426] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1265'.
[  464.171133][T10426] syz_tun: entered promiscuous mode
[  464.176455][T10426] macsec1: entered promiscuous mode
[  464.207326][T10426] macsec1: entered allmulticast mode
[  464.219803][T10426] syz_tun: entered allmulticast mode
[  464.280591][ T1582] m920x_read = error: -19
[  464.299941][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  464.474459][ T1582] m920x_read = error: -19
[  464.478859][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  464.542681][T10424] tun0: tun_chr_ioctl cmd 1074025681
[  464.554800][T10424] tun0: tun_chr_ioctl cmd 3221771528
[  464.627865][T10447] FAULT_INJECTION: forcing a failure.
[  464.627865][T10447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  464.641454][ T1582] m920x_read = error: -19
[  464.646639][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  464.700059][T10447] CPU: 1 UID: 0 PID: 10447 Comm: syz.1.1274 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  464.710878][T10447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  464.720949][T10447] Call Trace:
[  464.724243][T10447]  <TASK>
[  464.727188][T10447]  dump_stack_lvl+0x241/0x360
[  464.731895][T10447]  ? __pfx_dump_stack_lvl+0x10/0x10
[  464.737374][T10447]  ? __pfx__printk+0x10/0x10
[  464.741984][T10447]  ? __pfx_lock_release+0x10/0x10
[  464.747032][T10447]  should_fail_ex+0x3b0/0x4e0
[  464.751733][T10447]  _copy_to_iter+0x21f/0x1e70
[  464.756433][T10447]  ? __virt_addr_valid+0x183/0x530
[  464.761569][T10447]  ? __pfx_lock_release+0x10/0x10
[  464.766616][T10447]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  464.772962][T10447]  ? __pfx__copy_to_iter+0x10/0x10
[  464.778094][T10447]  ? __virt_addr_valid+0x183/0x530
[  464.783225][T10447]  ? __virt_addr_valid+0x183/0x530
[  464.788352][T10447]  ? __virt_addr_valid+0x45f/0x530
[  464.793494][T10447]  ? __phys_addr_symbol+0x2f/0x70
[  464.798542][T10447]  ? __check_object_size+0x48e/0x900
[  464.803857][T10447]  __skb_datagram_iter+0x107/0x900
[  464.808993][T10447]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  464.814644][T10447]  ? __pfx_woken_wake_function+0x10/0x10
[  464.820303][T10447]  ? __pfx_validate_chain+0x10/0x10
[  464.825533][T10447]  skb_copy_datagram_iter+0xd1/0x250
[  464.830846][T10447]  tcp_recvmsg_locked+0xf8a/0x3c80
[  464.836030][T10447]  ? __pfx_tcp_recvmsg_locked+0x10/0x10
[  464.841602][T10447]  ? mark_lock+0x9a/0x360
[  464.845958][T10447]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  464.851965][T10447]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  464.858315][T10447]  ? __local_bh_enable_ip+0x168/0x200
[  464.863724][T10447]  ? lockdep_hardirqs_on+0x99/0x150
[  464.868951][T10447]  ? __local_bh_enable_ip+0x168/0x200
[  464.874357][T10447]  ? tcp_recvmsg+0x23c/0x920
[  464.879095][T10447]  tcp_recvmsg+0x25d/0x920
[  464.883536][T10447]  ? __lock_acquire+0x1397/0x2100
[  464.888586][T10447]  ? __pfx_tcp_recvmsg+0x10/0x10
[  464.893556][T10447]  ? __pfx_tcp_recvmsg+0x10/0x10
[  464.898516][T10447]  inet6_recvmsg+0x16a/0x730
[  464.903136][T10447]  ? __pfx_inet6_recvmsg+0x10/0x10
[  464.908275][T10447]  ? __might_fault+0xaa/0x120
[  464.912974][T10447]  ? __pfx_lock_release+0x10/0x10
[  464.918013][T10447]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  464.923324][T10447]  sock_recvmsg+0x109/0x280
[  464.927859][T10447]  ____sys_recvmsg+0x1c6/0x480
[  464.932647][T10447]  ? __pfx_____sys_recvmsg+0x10/0x10
[  464.937953][T10447]  __sys_recvmsg+0x291/0x390
[  464.942551][T10447]  ? __pfx___sys_recvmsg+0x10/0x10
[  464.947658][T10447]  ? __mutex_unlock_slowpath+0x21e/0x790
[  464.953306][T10447]  ? __fget_files+0x2a/0x410
[  464.957920][T10447]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  464.964248][T10447]  ? do_syscall_64+0x100/0x230
[  464.969018][T10447]  ? do_syscall_64+0xb6/0x230
[  464.973700][T10447]  do_syscall_64+0xf3/0x230
[  464.978208][T10447]  ? clear_bhb_loop+0x35/0x90
[  464.982886][T10447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.988780][T10447] RIP: 0033:0x7fedce97ff19
[  464.993197][T10447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  465.012808][T10447] RSP: 002b:00007fedcf838058 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  465.021231][T10447] RAX: ffffffffffffffda RBX: 00007fedceb45fa0 RCX: 00007fedce97ff19
[  465.029202][T10447] RDX: 0000000000000102 RSI: 0000000020001980 RDI: 0000000000000003
[  465.037170][T10447] RBP: 00007fedcf8380a0 R08: 0000000000000000 R09: 0000000000000000
[  465.045140][T10447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.053110][T10447] R13: 0000000000000000 R14: 00007fedceb45fa0 R15: 00007ffcfcf4bb78
[  465.061092][T10447]  </TASK>
[  465.078892][ T1582] m920x_read = error: -19
[  465.089581][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  465.348172][T10361] m920x_read = error: -19
[  465.632026][T10361] dvb-usb: error -19 while querying for an remote control event.
[  465.948667][T10361] m920x_read = error: -19
[  465.953370][T10361] dvb-usb: error -19 while querying for an remote control event.
[  466.186654][T10474] gre1: entered promiscuous mode
[  466.240759][ T1582] m920x_read = error: -19
[  466.245143][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  466.449153][    T9] kernel write not supported for file /891/projid_map (pid: 9 comm: kworker/0:1)
[  466.558660][T10361] m920x_read = error: -19
[  466.563641][T10361] dvb-usb: error -19 while querying for an remote control event.
[  466.732068][ T1582] m920x_read = error: -19
[  466.736464][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  466.900125][ T1582] m920x_read = error: -19
[  466.904734][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  467.080505][ T1582] m920x_read = error: -19
[  467.085002][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  467.139681][  T975] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  467.299703][ T1582] m920x_read = error: -19
[  467.304096][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  467.319657][  T975] usb 5-1: Using ep0 maxpacket: 16
[  467.327328][  T975] usb 5-1: too many configurations: 87, using maximum allowed: 8
[  467.362051][  T975] usb 5-1: unable to read config index 0 descriptor/start: -61
[  467.370783][  T975] usb 5-1: can't read configurations, error -61
[  467.469774][T10361] m920x_read = error: -19
[  467.474242][T10361] dvb-usb: error -19 while querying for an remote control event.
[  467.499622][  T975] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  467.639679][T10361] m920x_read = error: -19
[  467.644071][T10361] dvb-usb: error -19 while querying for an remote control event.
[  467.649637][    T8] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  467.660447][  T975] usb 5-1: Using ep0 maxpacket: 16
[  467.674506][  T975] usb 5-1: too many configurations: 87, using maximum allowed: 8
[  467.839791][T10361] m920x_read = error: -19
[  467.856883][T10361] dvb-usb: error -19 while querying for an remote control event.
[  467.894977][  T975] usb 5-1: unable to read config index 0 descriptor/start: -61
[  467.902826][  T975] usb 5-1: can't read configurations, error -61
[  467.909888][  T975] usb usb5-port1: attempt power cycle
[  467.987985][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  467.998012][    T8] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  468.012820][    T8] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  468.022181][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.033049][    T8] usb 6-1: config 0 descriptor??
[  468.041937][    T8] gspca_main: spca561-2.14.0 probing abcd:cdee
[  468.091494][T10361] m920x_read = error: -19
[  468.098719][T10361] dvb-usb: error -19 while querying for an remote control event.
[  468.259811][T10361] m920x_read = error: -19
[  468.264565][T10361] dvb-usb: error -19 while querying for an remote control event.
[  468.330006][  T975] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  468.412628][  T975] usb 5-1: Using ep0 maxpacket: 16
[  468.425918][  T975] usb 5-1: too many configurations: 87, using maximum allowed: 8
[  468.700047][    T8] spca561 6-1:0.0: probe with driver spca561 failed with error -22
[  468.820350][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  468.855532][    T8] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  468.973852][    T8] usb 6-1: MIDIStreaming interface descriptor not found
[  468.999358][  T975] usb 5-1: unable to read config index 0 descriptor/start: -61
[  469.019729][  T975] usb 5-1: can't read configurations, error -61
[  469.104074][T10361] m920x_read = error: -19
[  469.108556][T10361] dvb-usb: error -19 while querying for an remote control event.
[  469.126681][    T8] usb 6-1: USB disconnect, device number 6
[  469.133350][T10541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1300'.
[  469.239690][  T975] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  469.264106][  T975] usb 5-1: Using ep0 maxpacket: 16
[  469.274396][  T975] usb 5-1: too many configurations: 87, using maximum allowed: 8
[  469.361047][   T46] m920x_read = error: -19
[  469.365442][   T46] dvb-usb: error -19 while querying for an remote control event.
[  469.503139][  T975] usb 5-1: unable to read config index 0 descriptor/start: -61
[  469.512010][  T975] usb 5-1: can't read configurations, error -61
[  469.518718][  T975] usb usb5-port1: unable to enumerate USB device
[  469.529840][   T46] m920x_read = error: -19
[  469.534306][   T46] dvb-usb: error -19 while querying for an remote control event.
[  470.294344][   T46] m920x_read = error: -19
[  470.298908][   T46] dvb-usb: error -19 while querying for an remote control event.
[  470.459734][   T46] m920x_read = error: -19
[  470.464152][   T46] dvb-usb: error -19 while querying for an remote control event.
[  470.629778][   T46] m920x_read = error: -19
[  470.634281][   T46] dvb-usb: error -19 while querying for an remote control event.
[  470.808163][T10569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1307'.
[  470.817561][T10569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1307'.
[  471.500301][T10361] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  471.554599][T10576] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1309'.
[  471.565261][   T46] m920x_read = error: -19
[  471.569725][   T46] dvb-usb: error -19 while querying for an remote control event.
[  471.749226][ T1582] m920x_read = error: -19
[  471.754925][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  471.768989][T10361] usb 5-1: Using ep0 maxpacket: 8
[  471.777580][T10361] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  471.799530][T10361] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.807562][T10361] usb 5-1: Product: syz
[  471.812207][T10361] usb 5-1: Manufacturer: syz
[  471.818460][T10361] usb 5-1: SerialNumber: syz
[  471.878700][T10361] usb 5-1: config 0 descriptor??
[  472.227735][ T1582] m920x_read = error: -19
[  472.232362][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  472.960796][ T1582] m920x_read = error: -19
[  472.965195][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  472.973491][T10361] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  473.040529][T10601] 8021q: adding VLAN 0 to HW filter on device bond1
[  473.049076][T10601] bond0: (slave bond1): Enslaving as an active interface with an up link
[  473.130966][ T1582] m920x_read = error: -19
[  473.135493][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  473.300420][ T1582] m920x_read = error: -19
[  473.304872][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  473.449654][  T975] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  473.469656][ T1582] m920x_read = error: -19
[  473.474062][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  473.595589][T10616] FAULT_INJECTION: forcing a failure.
[  473.595589][T10616] name failslab, interval 1, probability 0, space 0, times 0
[  473.611003][T10616] CPU: 1 UID: 0 PID: 10616 Comm: syz.2.1319 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  473.621807][T10616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  473.631887][T10616] Call Trace:
[  473.635191][T10616]  <TASK>
[  473.638146][T10616]  dump_stack_lvl+0x241/0x360
[  473.642872][T10616]  ? __pfx_dump_stack_lvl+0x10/0x10
[  473.648110][T10616]  ? __pfx__printk+0x10/0x10
[  473.652732][T10616]  ? fs_reclaim_acquire+0x93/0x130
[  473.657881][T10616]  ? __pfx___might_resched+0x10/0x10
[  473.663198][T10616]  ? __lock_acquire+0x1397/0x2100
[  473.668259][T10616]  should_fail_ex+0x3b0/0x4e0
[  473.672950][T10616]  should_failslab+0xac/0x100
[  473.677651][T10616]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  473.683974][T10616]  ? smk_import_entry+0x18d/0x610
[  473.688998][T10616]  kstrndup+0x41/0xb0
[  473.692976][T10616]  smk_import_entry+0x18d/0x610
[  473.697828][T10616]  smk_fill_rule+0x4d/0x630
[  473.702332][T10616]  smk_parse_long_rule+0x617/0x7e0
[  473.707447][T10616]  ? __pfx_smk_parse_long_rule+0x10/0x10
[  473.713086][T10616]  ? __might_fault+0xaa/0x120
[  473.717799][T10616]  ? _copy_from_user+0x99/0xc0
[  473.722602][T10616]  smk_write_rules_list+0x2f9/0x450
[  473.727834][T10616]  ? __pfx_smk_write_rules_list+0x10/0x10
[  473.733602][T10616]  ? __pfx_smk_write_load_self2+0x10/0x10
[  473.739348][T10616]  vfs_write+0x2a3/0xd30
[  473.743625][T10616]  ? __pfx_vfs_write+0x10/0x10
[  473.748420][T10616]  ? __fget_files+0x2a/0x410
[  473.753034][T10616]  ? __fget_files+0x395/0x410
[  473.757742][T10616]  ? __fget_files+0x2a/0x410
[  473.762418][T10616]  ksys_write+0x18f/0x2b0
[  473.766784][T10616]  ? __pfx_ksys_write+0x10/0x10
[  473.771713][T10616]  ? do_syscall_64+0x100/0x230
[  473.776511][T10616]  ? do_syscall_64+0xb6/0x230
[  473.781228][T10616]  do_syscall_64+0xf3/0x230
[  473.785762][T10616]  ? clear_bhb_loop+0x35/0x90
[  473.790462][T10616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.796380][T10616] RIP: 0033:0x7fbad837ff19
[  473.800816][T10616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.820452][T10616] RSP: 002b:00007fbad91eb058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  473.828899][T10616] RAX: ffffffffffffffda RBX: 00007fbad8545fa0 RCX: 00007fbad837ff19
[  473.830012][  T975] usb 6-1: config 0 has an invalid interface number: 107 but max is 0
[  473.836873][T10616] RDX: 000000000000000e RSI: 0000000020000400 RDI: 0000000000000003
[  473.836914][T10616] RBP: 00007fbad91eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  473.845497][  T975] usb 6-1: config 0 has no interface number 0
[  473.853026][T10616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.853047][T10616] R13: 0000000000000000 R14: 00007fbad8545fa0 R15: 00007ffe86e6eb08
[  473.853076][T10616]  </TASK>
[  473.856277][ T1582] m920x_read = error: -19
[  473.886994][  T975] usb 6-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  473.904181][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  473.941699][  T975] usb 6-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  473.951398][  T975] usb 6-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  473.969546][  T975] usb 6-1: Product: syz
[  473.979779][  T975] usb 6-1: Manufacturer: syz
[  473.989538][  T975] usb 6-1: SerialNumber: syz
[  474.002005][  T975] usb 6-1: config 0 descriptor??
[  474.019920][  T975] keyspan 6-1:0.107: Keyspan 4 port adapter converter detected
[  474.037971][  T975] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 81
[  474.060551][  T975] keyspan 6-1:0.107: unsupported endpoint type 0
[  474.067681][  T975] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 1
[  474.090591][  T975] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  474.099457][  T975] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 2
[  474.099642][ T4920] m920x_read = error: -19
[  474.116129][  T975] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  474.118233][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  474.130282][  T975] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 4
[  474.135715][T10556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  474.161262][  T975] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  474.161720][T10556] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  474.194975][  T975] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 6
[  474.209454][  T975] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  474.230790][T10361] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  474.249591][T10361] usb 5-1: USB disconnect, device number 41
[  474.275322][  T975] usb 6-1: USB disconnect, device number 7
[  474.276513][T10624] netdevsim netdevsim2: Direct firmware load for å failed with error -2
[  474.290051][ T1582] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  474.300665][T10624] netdevsim netdevsim2: Falling back to sysfs fallback for: å
[  474.315340][  T975] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  474.320484][ T4920] m920x_read = error: -19
[  474.332697][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  474.359856][  T975] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  474.400246][  T975] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  474.424375][  T975] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  474.450007][ T1582] usb 2-1: Using ep0 maxpacket: 32
[  474.460198][  T975] keyspan 6-1:0.107: device disconnected
[  474.460668][ T1582] usb 2-1: config index 0 descriptor too short (expected 1051, got 27)
[  474.489346][ T1582] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  474.499621][T10361] m920x_read = error: -19
[  474.503988][T10361] dvb-usb: error -19 while querying for an remote control event.
[  474.522197][ T1582] usb 2-1: config 0 has no interface number 0
[  474.529011][ T1582] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  474.555557][ T1582] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  474.571664][ T1582] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  474.589692][ T1582] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.598097][ T1582] usb 2-1: Product: syz
[  474.605225][ T1582] usb 2-1: Manufacturer: syz
[  474.610016][ T1582] usb 2-1: SerialNumber: syz
[  474.616737][ T1582] usb 2-1: config 0 descriptor??
[  474.679744][ T4920] m920x_read = error: -19
[  474.684368][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  474.834467][ T1582] radio-si470x 2-1:0.35: this is not a si470x device.
[  474.859651][ T4920] m920x_read = error: -19
[  474.864099][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  474.902462][ T1582] radio-raremono 2-1:0.35: this is not Thanko's Raremono.
[  474.926669][ T1582] usb 2-1: USB disconnect, device number 38
[  475.029629][ T4920] m920x_read = error: -19
[  475.034018][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  475.325912][ T1582] m920x_read = error: -19
[  475.331794][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  475.564092][ T4920] m920x_read = error: -19
[  475.569798][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  475.737167][ T4920] m920x_read = error: -19
[  475.743908][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  476.173568][ T4920] m920x_read = error: -19
[  477.217290][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  478.010704][ T1582] m920x_read = error: -19
[  478.061806][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  478.499898][ T4920] m920x_read = error: -19
[  478.504360][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  478.579646][ T1582] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  478.669848][T10361] m920x_read = error: -19
[  478.674305][T10361] dvb-usb: error -19 while querying for an remote control event.
[  478.759587][ T1582] usb 6-1: Using ep0 maxpacket: 32
[  478.766542][ T1582] usb 6-1: config 8 has an invalid interface number: 28 but max is 0
[  478.779347][ T1582] usb 6-1: config 8 has no interface number 0
[  478.788098][ T1582] usb 6-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.02
[  478.798543][ T1582] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.807169][ T1582] usb 6-1: Product: syz
[  478.814257][ T1582] usb 6-1: Manufacturer: syz
[  478.818918][ T1582] usb 6-1: SerialNumber: syz
[  478.830642][ T1582] go7007 6-1:8.28: probe with driver go7007 failed with error -12
[  478.839664][ T1582] m920x_read = error: -19
[  478.844009][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  478.889616][  T975] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  478.949608][T10361] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  479.010184][ T1582] m920x_read = error: -19
[  479.014556][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  479.049603][  T975] usb 5-1: Using ep0 maxpacket: 8
[  479.056252][  T975] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  479.067582][  T975] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  479.083935][  T975] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  479.101224][  T975] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  479.101597][T10361] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  479.112485][  T975] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  479.137927][  T975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.144507][T10361] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  479.158731][  T975] hub 5-1:1.0: bad descriptor, ignoring hub
[  479.165105][  T975] hub 5-1:1.0: probe with driver hub failed with error -5
[  479.172384][T10361] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  479.178497][  T975] cdc_wdm 5-1:1.0: skipping garbage
[  479.181467][ T1582] m920x_read = error: -19
[  479.186920][  T975] cdc_wdm 5-1:1.0: skipping garbage
[  479.199003][  T975] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  479.200591][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  479.206472][  T975] cdc_wdm 5-1:1.0: Unknown control protocol
[  479.218262][T10361] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  479.229907][T10361] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  479.243860][T10361] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  479.253069][T10361] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  479.261166][T10361] usb 2-1: Product: syz
[  479.265361][T10361] usb 2-1: Manufacturer: syz
[  479.274551][T10361] cdc_wdm 2-1:1.0: skipping garbage
[  479.280208][T10361] cdc_wdm 2-1:1.0: skipping garbage
[  479.288339][T10361] cdc_wdm 2-1:1.0: cdc-wdm1: USB WDM device
[  479.301009][T10361] cdc_wdm 2-1:1.0: Unknown control protocol
[  479.366208][T10361] usb 2-1: USB disconnect, device number 39
[  479.389819][ T1582] m920x_read = error: -19
[  479.394222][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  479.469874][T10666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.480416][T10666] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.579601][ T1582] m920x_read = error: -19
[  479.583967][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  479.620040][  T975] usb 5-1: USB disconnect, device number 42
[  479.647746][T10674] netdevsim netdevsim2: Direct firmware load for å failed with error -2
[  479.658629][T10674] netdevsim netdevsim2: Falling back to sysfs fallback for: å
[  479.759708][ T1582] m920x_read = error: -19
[  479.764124][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  479.949944][T10361] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  479.960565][ T1582] m920x_read = error: -19
[  479.965127][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  480.129882][T10361] usb 2-1: Using ep0 maxpacket: 32
[  480.142459][ T1582] m920x_read = error: -19
[  480.148632][T10361] usb 2-1: config index 0 descriptor too short (expected 1051, got 27)
[  480.159696][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  480.175169][T10361] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  480.190300][T10361] usb 2-1: config 0 has no interface number 0
[  480.200553][T10361] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  480.223431][T10361] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  480.276793][T10361] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  480.301055][T10361] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.328070][T10361] usb 2-1: Product: syz
[  480.349680][ T1582] m920x_read = error: -19
[  480.354248][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  480.394731][  T975] usb 6-1: USB disconnect, device number 8
[  480.404023][T10361] usb 2-1: Manufacturer: syz
[  480.425472][T10361] usb 2-1: SerialNumber: syz
[  480.450516][T10361] usb 2-1: config 0 descriptor??
[  480.602801][ T4920] m920x_read = error: -19
[  480.609727][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  480.657902][T10361] radio-si470x 2-1:0.35: this is not a si470x device.
[  480.699992][T10361] radio-raremono 2-1:0.35: this is not Thanko's Raremono.
[  480.710971][T10361] usb 2-1: USB disconnect, device number 40
[  480.720500][T10698] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1344'.
[  480.739724][    T8] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  480.748524][ T5874] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  480.780530][ T4920] m920x_read = error: -19
[  480.790651][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  480.879743][    T8] usb 5-1: device descriptor read/64, error -71
[  480.920030][ T5874] usb 3-1: Using ep0 maxpacket: 32
[  480.936239][ T5874] usb 3-1: too many configurations: 255, using maximum allowed: 8
[  480.963332][ T5874] usb 3-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=85.bd
[  480.979876][T10361] m920x_read = error: -19
[  480.981744][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=254
[  480.984230][T10361] dvb-usb: error -19 while querying for an remote control event.
[  481.019591][ T5874] usb 3-1: Product: syz
[  481.029690][ T5874] usb 3-1: Manufacturer: syz
[  481.039641][ T5874] usb 3-1: SerialNumber: syz
[  481.051354][ T5874] usb 3-1: config 0 descriptor??
[  481.129712][    T8] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  481.259716][    T8] usb 5-1: device descriptor read/64, error -71
[  481.281541][T10361] m920x_read = error: -19
[  481.286403][T10361] dvb-usb: error -19 while querying for an remote control event.
[  481.321909][T10361] usb 3-1: USB disconnect, device number 27
[  482.329885][    T8] usb usb5-port1: attempt power cycle
[  482.331342][ T4920] m920x_read = error: -19
[  482.339727][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  482.517742][T10361] m920x_read = error: -19
[  482.522410][T10361] dvb-usb: error -19 while querying for an remote control event.
[  482.700555][T10361] m920x_read = error: -19
[  482.705071][T10361] dvb-usb: error -19 while querying for an remote control event.
[  482.829979][    T8] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  482.864404][    T8] usb 5-1: device descriptor read/8, error -71
[  482.881440][T10361] m920x_read = error: -19
[  482.885915][T10361] dvb-usb: error -19 while querying for an remote control event.
[  483.052085][T10361] m920x_read = error: -19
[  483.056616][T10361] dvb-usb: error -19 while querying for an remote control event.
[  483.266382][T10361] m920x_read = error: -19
[  483.271067][T10361] dvb-usb: error -19 while querying for an remote control event.
[  483.419601][    T8] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  484.074567][T10361] m920x_read = error: -19
[  484.078964][T10361] dvb-usb: error -19 while querying for an remote control event.
[  484.359505][ T1582] m920x_read = error: -19
[  484.363905][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  484.424638][    T8] usb 5-1: device descriptor read/8, error -71
[  484.535457][T10361] m920x_read = error: -19
[  484.559891][    T8] usb usb5-port1: unable to enumerate USB device
[  484.581099][T10361] dvb-usb: error -19 while querying for an remote control event.
[  484.742795][T10806] FAULT_INJECTION: forcing a failure.
[  484.742795][T10806] name failslab, interval 1, probability 0, space 0, times 0
[  484.786288][T10806] CPU: 1 UID: 0 PID: 10806 Comm: syz.0.1361 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  484.797110][T10806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  484.807193][T10806] Call Trace:
[  484.810495][T10806]  <TASK>
[  484.813442][T10806]  dump_stack_lvl+0x241/0x360
[  484.818151][T10806]  ? __pfx_dump_stack_lvl+0x10/0x10
[  484.823377][T10806]  ? __pfx__printk+0x10/0x10
[  484.827996][T10806]  ? __kmalloc_noprof+0xb5/0x4c0
[  484.832954][T10806]  ? __pfx___might_resched+0x10/0x10
[  484.838252][T10806]  should_fail_ex+0x3b0/0x4e0
[  484.842937][T10806]  should_failslab+0xac/0x100
[  484.847616][T10806]  __kmalloc_noprof+0xdd/0x4c0
[  484.852383][T10806]  ? fib6_info_alloc+0x2e/0xf0
[  484.857154][T10806]  fib6_info_alloc+0x2e/0xf0
[  484.861750][T10806]  ip6_route_info_create+0x445/0x12b0
[  484.867128][T10806]  ? nla_find+0x11d/0x140
[  484.871461][T10806]  inet6_rtm_newroute+0x71a/0x2100
[  484.876602][T10806]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  484.882152][T10806]  ? __mutex_trylock_common+0x183/0x2e0
[  484.887699][T10806]  ? __pfx___might_resched+0x10/0x10
[  484.892999][T10806]  ? __mutex_lock+0x37f/0xee0
[  484.897699][T10806]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  484.903251][T10806]  rtnetlink_rcv_msg+0x73f/0xcf0
[  484.908186][T10806]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  484.913299][T10806]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  484.918762][T10806]  ? ref_tracker_free+0x643/0x7e0
[  484.923795][T10806]  netlink_rcv_skb+0x1e3/0x430
[  484.928555][T10806]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  484.934013][T10806]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  484.939310][T10806]  ? netlink_deliver_tap+0x2e/0x1b0
[  484.944505][T10806]  netlink_unicast+0x7f6/0x990
[  484.949277][T10806]  ? __pfx_netlink_unicast+0x10/0x10
[  484.954560][T10806]  ? __virt_addr_valid+0x183/0x530
[  484.959670][T10806]  ? __check_object_size+0x48e/0x900
[  484.964963][T10806]  netlink_sendmsg+0x8e4/0xcb0
[  484.969732][T10806]  ? __pfx_netlink_sendmsg+0x10/0x10
[  484.975029][T10806]  ? __pfx_netlink_sendmsg+0x10/0x10
[  484.980317][T10806]  __sock_sendmsg+0x221/0x270
[  484.984999][T10806]  ____sys_sendmsg+0x52a/0x7e0
[  484.989769][T10806]  ? __pfx_____sys_sendmsg+0x10/0x10
[  484.995053][T10806]  ? __fget_files+0x2a/0x410
[  484.999643][T10806]  ? __fget_files+0x2a/0x410
[  485.004236][T10806]  __sys_sendmsg+0x269/0x350
[  485.008819][T10806]  ? __pfx_lock_release+0x10/0x10
[  485.013841][T10806]  ? __pfx___sys_sendmsg+0x10/0x10
[  485.018958][T10806]  ? __pfx_vfs_write+0x10/0x10
[  485.023741][T10806]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  485.030065][T10806]  ? do_syscall_64+0x100/0x230
[  485.034828][T10806]  ? do_syscall_64+0xb6/0x230
[  485.039510][T10806]  do_syscall_64+0xf3/0x230
[  485.044017][T10806]  ? clear_bhb_loop+0x35/0x90
[  485.048696][T10806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.054588][T10806] RIP: 0033:0x7fca2337ff19
[  485.059004][T10806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.078611][T10806] RSP: 002b:00007fca241c5058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  485.087037][T10806] RAX: ffffffffffffffda RBX: 00007fca23545fa0 RCX: 00007fca2337ff19
[  485.095006][T10806] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[  485.102978][T10806] RBP: 00007fca241c50a0 R08: 0000000000000000 R09: 0000000000000000
[  485.110944][T10806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.118912][T10806] R13: 0000000000000000 R14: 00007fca23545fa0 R15: 00007ffe0ed6ad18
[  485.126891][T10806]  </TASK>
[  485.140833][T10361] m920x_read = error: -19
[  485.145216][T10361] dvb-usb: error -19 while querying for an remote control event.
[  485.439702][ T1582] m920x_read = error: -19
[  485.449534][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  486.065243][T10361] m920x_read = error: -19
[  486.070123][T10361] dvb-usb: error -19 while querying for an remote control event.
[  486.119647][    T8] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  487.043781][ T1582] m920x_read = error: -19
[  487.048184][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  487.199750][    T8] usb 6-1: Using ep0 maxpacket: 32
[  487.209292][    T8] usb 6-1: config index 0 descriptor too short (expected 1051, got 27)
[  487.223725][    T8] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[  487.267680][    T8] usb 6-1: config 0 has no interface number 0
[  487.299803][    T8] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  487.529613][  T975] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  487.867238][T10361] m920x_read = error: -19
[  487.871877][T10361] dvb-usb: error -19 while querying for an remote control event.
[  488.027708][    T8] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  488.047783][ T1582] m920x_read = error: -19
[  488.059994][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  488.080124][    T8] usb 6-1: string descriptor 0 read error: -71
[  488.086398][    T8] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  488.095625][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.104752][T10826] tipc: Started in network mode
[  488.109989][T10826] tipc: Node identity ac1414aa, cluster identity 4711
[  488.118630][T10826] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  488.125728][T10826] tipc: Enabled bearer <udp:s>, priority 10
[  488.131762][ T5874] IPVS: starting estimator thread 0...
[  488.150580][    T8] usb 6-1: config 0 descriptor??
[  488.156775][    T8] usb 6-1: can't set config #0, error -71
[  488.163775][    T8] usb 6-1: USB disconnect, device number 9
[  488.199915][  T975] usb 2-1: Using ep0 maxpacket: 8
[  488.208434][  T975] usb 2-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[  488.218611][T10834] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1371'.
[  488.228176][  T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=1
[  488.236508][  T975] usb 2-1: Product: syz
[  488.239703][T10361] m920x_read = error: -19
[  488.240946][  T975] usb 2-1: Manufacturer: syz
[  488.245183][T10361] dvb-usb: error -19 while querying for an remote control event.
[  488.249967][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  488.250200][  T975] usb 2-1: SerialNumber: syz
[  488.258545][T10832] IPVS: using max 24 ests per chain, 57600 per kthread
[  488.266235][T10834] batman_adv: batadv0: Removing interface: batadv_slave_0
[  488.291741][  T975] usb 2-1: config 0 descriptor??
[  488.299782][T10834] batman_adv: batadv0: Removing interface: batadv_slave_1
[  488.308380][  T975] usbtest 2-1:0.0: FX2 device
[  488.313215][  T975] usbtest 2-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  488.389604][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  488.440410][T10361] m920x_read = error: -19
[  488.445071][T10361] dvb-usb: error -19 while querying for an remote control event.
[  488.529594][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  488.669619][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  488.709842][ T1582] m920x_read = error: -19
[  488.714227][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  488.737575][T10827] netem: incorrect gi model size
[  488.745528][T10827] netem: change failed
[  488.789585][T10361] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  488.809707][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  488.879991][ T4920] m920x_read = error: -19
[  488.884426][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  488.949604][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  488.969654][T10361] usb 6-1: Using ep0 maxpacket: 16
[  488.986444][T10361] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  489.011798][T10361] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.045104][T10361] usb 6-1: Product: syz
[  489.049405][T10361] usb 6-1: Manufacturer: syz
[  489.054282][T10361] usb 6-1: SerialNumber: syz
[  489.082293][ T4920] m920x_read = error: -19
[  489.086838][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  489.089590][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  489.110612][T10361] r8152-cfgselector 6-1: Unknown version 0x0000
[  489.122020][T10361] r8152-cfgselector 6-1: config 0 descriptor??
[  489.231483][    T8] tipc: Node number set to 2886997162
[  489.331501][ T4920] m920x_read = error: -19
[  489.336042][ T4920] dvb-usb: error -19 while querying for an remote control event.
[  489.369600][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  489.639617][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  490.308821][T10361] m920x_read = error: -19
[  490.313341][T10361] dvb-usb: error -19 while querying for an remote control event.
[  490.479724][ T1582] m920x_read = error: -19
[  490.484115][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  490.649775][ T1582] m920x_read = error: -19
[  490.658695][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  490.793331][    T8] usb 2-1: USB disconnect, device number 41
[  490.819621][ T1582] m920x_read = error: -19
[  490.824020][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  491.074991][ T1582] m920x_read = error: -19
[  491.079388][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  491.215463][    T8] r8152-cfgselector 6-1: USB disconnect, device number 10
[  491.239664][ T1582] m920x_read = error: -19
[  491.244060][ T1582] dvb-usb: error -19 while querying for an remote control event.
[  491.300502][    C0] ------------[ cut here ]------------
[  491.306412][    C0] WARNING: CPU: 0 PID: 0 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x6fc/0x810
[  491.315673][    C0] Modules linked in:
[  491.319592][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  491.329994][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  491.340086][    C0] RIP: 0010:inet_sock_destruct+0x6fc/0x810
[  491.345898][    C0] Code: 63 f7 90 0f 0b 90 e9 17 fe ff ff e8 0e 41 63 f7 90 0f 0b 90 41 80 3c 2c 00 0f 85 40 fe ff ff e9 43 fe ff ff e8 f5 40 63 f7 90 <0f> 0b 90 e9 b3 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 00 fc
[  491.365527][    C0] RSP: 0018:ffffc90000007b50 EFLAGS: 00010246
[  491.371619][    C0] RAX: ffffffff8a3c30cb RBX: 0000000000000ff0 RCX: ffffffff8e6965c0
[  491.379619][    C0] RDX: 0000000000000100 RSI: 0000000000000ff0 RDI: 0000000000000000
[  491.387582][    C0] RBP: ffff888055295e80 R08: ffffffff8a3c2f7a R09: 1ffff1100aa52c23
[  491.395574][    C0] R10: dffffc0000000000 R11: ffffed100aa52c24 R12: 1ffff1100aa52bd5
[  491.403566][    C0] R13: ffff888055296368 R14: ffff888055295ea8 R15: ffff888055295e92
[  491.411560][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  491.420507][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  491.427088][    C0] CR2: 000000110c335095 CR3: 000000006342e000 CR4: 00000000003526f0
[  491.435078][    C0] DR0: 00000000000000a4 DR1: 0000000000000097 DR2: 0000000000000000
[  491.443080][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  491.451063][    C0] Call Trace:
[  491.454334][    C0]  <IRQ>
[  491.457166][    C0]  ? __warn+0x165/0x4d0
[  491.461335][    C0]  ? inet_sock_destruct+0x6fc/0x810
[  491.466546][    C0]  ? report_bug+0x2b3/0x500
[  491.471065][    C0]  ? inet_sock_destruct+0x6fc/0x810
[  491.476277][    C0]  ? handle_bug+0x60/0x90
[  491.480616][    C0]  ? exc_invalid_op+0x1a/0x50
[  491.485281][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[  491.490323][    C0]  ? inet_sock_destruct+0x5aa/0x810
[  491.495507][    C0]  ? inet_sock_destruct+0x6fb/0x810
[  491.500718][    C0]  ? inet_sock_destruct+0x6fc/0x810
[  491.505906][    C0]  ? __pfx_inet6_sock_destruct+0x10/0x10
[  491.511555][    C0]  ? rcu_core+0xa37/0x17a0
[  491.515964][    C0]  __sk_destruct+0x58/0x5f0
[  491.520480][    C0]  ? rcu_core+0xa37/0x17a0
[  491.524883][    C0]  ? __pfx___sk_destruct+0x10/0x10
[  491.530011][    C0]  rcu_core+0xaaa/0x17a0
[  491.534255][    C0]  ? __pfx_rcu_core+0x10/0x10
[  491.538929][    C0]  ? sched_balance_domains+0x91b/0xa90
[  491.544425][    C0]  ? sched_balance_domains+0x1b2/0xa90
[  491.549895][    C0]  ? __pfx_sched_balance_domains+0x10/0x10
[  491.555694][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  491.560914][    C0]  handle_softirqs+0x2d4/0x9b0
[  491.565685][    C0]  ? __irq_exit_rcu+0xf7/0x220
[  491.570468][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  491.575748][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  491.580970][    C0]  __irq_exit_rcu+0xf7/0x220
[  491.585577][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  491.590812][    C0]  irq_exit_rcu+0x9/0x30
[  491.595048][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  491.600695][    C0]  </IRQ>
[  491.603619][    C0]  <TASK>
[  491.606538][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  491.612539][    C0] RIP: 0010:acpi_safe_halt+0x21/0x30
[  491.617816][    C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 80 d4 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d b5 4f a0 00 f3 0f 1e fa fb f4 <fa> c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
[  491.637438][    C0] RSP: 0018:ffffffff8e607ca8 EFLAGS: 00000246
[  491.643519][    C0] RAX: ffffffff8e6965c0 RBX: ffff8881446f8064 RCX: 00000000003da989
[  491.651501][    C0] RDX: 0000000000000001 RSI: ffff8881446f8000 RDI: ffff8881446f8064
[  491.659504][    C0] RBP: 000000000003a878 R08: ffff8880b8637cdb R09: 1ffff110170c6f9b
[  491.667486][    C0] R10: dffffc0000000000 R11: ffffffff8bc80fc0 R12: ffff888020b20800
[  491.675485][    C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8f10c820
[  491.683478][    C0]  ? __pfx_acpi_idle_enter+0x10/0x10
[  491.688768][    C0]  acpi_idle_enter+0xe4/0x140
[  491.693463][    C0]  cpuidle_enter_state+0x109/0x470
[  491.698569][    C0]  ? __pfx_menu_select+0x10/0x10
[  491.703522][    C0]  cpuidle_enter+0x5d/0xa0
[  491.707931][    C0]  do_idle+0x372/0x5c0
[  491.712015][    C0]  ? __pfx_do_idle+0x10/0x10
[  491.716609][    C0]  ? poll_idle+0xb0/0xb0
[  491.720878][    C0]  ? rest_init+0x31/0x300
[  491.725211][    C0]  cpu_startup_entry+0x42/0x60
[  491.730021][    C0]  rest_init+0x2dc/0x300
[  491.734260][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  491.739836][    C0]  start_kernel+0x47f/0x500
[  491.744349][    C0]  x86_64_start_reservations+0x2a/0x30
[  491.749843][    C0]  x86_64_start_kernel+0x9f/0xa0
[  491.754777][    C0]  common_startup_64+0x13e/0x147
[  491.759738][    C0]  </TASK>
[  491.762756][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  491.770031][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc1-syzkaller-00182-gb8f52214c61a #0
[  491.780347][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  491.790393][    C0] Call Trace:
[  491.793661][    C0]  <IRQ>
[  491.796502][    C0]  dump_stack_lvl+0x241/0x360
[  491.801178][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  491.806365][    C0]  ? __pfx__printk+0x10/0x10
[  491.810947][    C0]  ? vscnprintf+0x5d/0x90
[  491.815263][    C0]  panic+0x349/0x880
[  491.819145][    C0]  ? __warn+0x174/0x4d0
[  491.823291][    C0]  ? __pfx_panic+0x10/0x10
[  491.827702][    C0]  ? common_startup_64+0x13e/0x147
[  491.832806][    C0]  __warn+0x344/0x4d0
[  491.836777][    C0]  ? inet_sock_destruct+0x6fc/0x810
[  491.841964][    C0]  report_bug+0x2b3/0x500
[  491.846280][    C0]  ? inet_sock_destruct+0x6fc/0x810
[  491.851471][    C0]  handle_bug+0x60/0x90
[  491.855605][    C0]  exc_invalid_op+0x1a/0x50
[  491.860091][    C0]  asm_exc_invalid_op+0x1a/0x20
[  491.864929][    C0] RIP: 0010:inet_sock_destruct+0x6fc/0x810
[  491.870718][    C0] Code: 63 f7 90 0f 0b 90 e9 17 fe ff ff e8 0e 41 63 f7 90 0f 0b 90 41 80 3c 2c 00 0f 85 40 fe ff ff e9 43 fe ff ff e8 f5 40 63 f7 90 <0f> 0b 90 e9 b3 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 00 fc
[  491.890314][    C0] RSP: 0018:ffffc90000007b50 EFLAGS: 00010246
[  491.896366][    C0] RAX: ffffffff8a3c30cb RBX: 0000000000000ff0 RCX: ffffffff8e6965c0
[  491.904324][    C0] RDX: 0000000000000100 RSI: 0000000000000ff0 RDI: 0000000000000000
[  491.912284][    C0] RBP: ffff888055295e80 R08: ffffffff8a3c2f7a R09: 1ffff1100aa52c23
[  491.920242][    C0] R10: dffffc0000000000 R11: ffffed100aa52c24 R12: 1ffff1100aa52bd5
[  491.928198][    C0] R13: ffff888055296368 R14: ffff888055295ea8 R15: ffff888055295e92
[  491.936160][    C0]  ? inet_sock_destruct+0x5aa/0x810
[  491.941348][    C0]  ? inet_sock_destruct+0x6fb/0x810
[  491.946538][    C0]  ? __pfx_inet6_sock_destruct+0x10/0x10
[  491.952162][    C0]  ? rcu_core+0xa37/0x17a0
[  491.956571][    C0]  __sk_destruct+0x58/0x5f0
[  491.961064][    C0]  ? rcu_core+0xa37/0x17a0
[  491.965471][    C0]  ? __pfx___sk_destruct+0x10/0x10
[  491.970570][    C0]  rcu_core+0xaaa/0x17a0
[  491.974806][    C0]  ? __pfx_rcu_core+0x10/0x10
[  491.979505][    C0]  ? sched_balance_domains+0x91b/0xa90
[  491.984985][    C0]  ? sched_balance_domains+0x1b2/0xa90
[  491.990435][    C0]  ? __pfx_sched_balance_domains+0x10/0x10
[  491.996225][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  492.001421][    C0]  handle_softirqs+0x2d4/0x9b0
[  492.006182][    C0]  ? __irq_exit_rcu+0xf7/0x220
[  492.010938][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  492.016210][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  492.021398][    C0]  __irq_exit_rcu+0xf7/0x220
[  492.025979][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  492.031189][    C0]  irq_exit_rcu+0x9/0x30
[  492.035419][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  492.041043][    C0]  </IRQ>
[  492.043958][    C0]  <TASK>
[  492.046871][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  492.052845][    C0] RIP: 0010:acpi_safe_halt+0x21/0x30
[  492.058115][    C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 80 d4 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d b5 4f a0 00 f3 0f 1e fa fb f4 <fa> c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
[  492.077710][    C0] RSP: 0018:ffffffff8e607ca8 EFLAGS: 00000246
[  492.083767][    C0] RAX: ffffffff8e6965c0 RBX: ffff8881446f8064 RCX: 00000000003da989
[  492.091728][    C0] RDX: 0000000000000001 RSI: ffff8881446f8000 RDI: ffff8881446f8064
[  492.099702][    C0] RBP: 000000000003a878 R08: ffff8880b8637cdb R09: 1ffff110170c6f9b
[  492.107660][    C0] R10: dffffc0000000000 R11: ffffffff8bc80fc0 R12: ffff888020b20800
[  492.115616][    C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8f10c820
[  492.123582][    C0]  ? __pfx_acpi_idle_enter+0x10/0x10
[  492.128858][    C0]  acpi_idle_enter+0xe4/0x140
[  492.133520][    C0]  cpuidle_enter_state+0x109/0x470
[  492.138629][    C0]  ? __pfx_menu_select+0x10/0x10
[  492.143561][    C0]  cpuidle_enter+0x5d/0xa0
[  492.147966][    C0]  do_idle+0x372/0x5c0
[  492.152032][    C0]  ? __pfx_do_idle+0x10/0x10
[  492.156627][    C0]  ? poll_idle+0xb0/0xb0
[  492.160861][    C0]  ? rest_init+0x31/0x300
[  492.165177][    C0]  cpu_startup_entry+0x42/0x60
[  492.169932][    C0]  rest_init+0x2dc/0x300
[  492.174188][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  492.179720][    C0]  start_kernel+0x47f/0x500
[  492.184227][    C0]  x86_64_start_reservations+0x2a/0x30
[  492.189676][    C0]  x86_64_start_kernel+0x9f/0xa0
[  492.194602][    C0]  common_startup_64+0x13e/0x147
[  492.199544][    C0]  </TASK>
[  492.202818][    C0] Kernel Offset: disabled
[  492.207167][    C0] Rebooting in 86400 seconds..