last executing test programs:

16.995326872s ago: executing program 4 (id=343):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14, 0x10, 0x1, 0x6000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x80}}, 0x20050800)

16.639319567s ago: executing program 4 (id=345):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c0003801800038014"], 0xd8}}, 0x0)
socket$kcm(0x11, 0x1, 0x300)
r2 = socket$kcm(0xa, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="17000000000000000084000001000000000000", @ANYRES32=0x1, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_DELETE_ELEM(0x15, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f00004bb000/0x1000)=nil, &(0x7f000064f000/0x2000)=nil, 0x0, &(0x7f0000000080)=[{0x6, 0x6, 0x7fffffff}], 0x1, 0x0, 0x0, 0x0, 0x0, 0x7d})
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x24000000)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
statx(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4000, 0x400, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="700500002300020000000000fbdbdf251c00000008004c00ac1414aabb019a807c683a3c50d36647e60f99c194e9af56646305990100805397d0f6006a5f728914634fbe893b4745227b5772623dac242ceff97592dc401b21011c9a95482b7e61e317004a5687509c697e3dc9549542338c956ebe5135c9213389872e3a81691c1da855e894acd6fcc5fe3109e46ba6a951a8250e629ccec1445d467f1594e60a37f21064cfccd48657b10cee9b8dadd23af50c0b9887966525d163c98b8ea28aae2c12ad30be3b820135af377f84cc3c32d3a1ee9e6dc88341d498685c8c0bdf6645c0def571929cd80000000000000000000400b9008923af76272620c428a5cfc5ff31bd799f5fc38093ac8795770c89be414135b95db209ed146113fcfb7a8fdffb073875c3a1a0f9a1ca8fcf7ee91bb600415bc827bd4b64e89716637cbbf109854e5ec492f9cc262a72bff72a513cb04e5154326dd58c14a16ad3d3d90111fe802176169165b3a66f954e15e02515703e20180e235946ad8b1daa95316f8d9eb645d89ba7c3814aedf910135aaece299ae7f39144a660e43205a22c30c0578a74f717d1e2c51b685101be80b83a7fe9dd26fb6bc007a501c1ded553d50710aed2a4820dda2f810d9f00000008006b00", @ANYRES32=r0, @ANYBLOB="005603fb800800cd00ac1414aa08003700", @ANYRES32=0x0, @ANYBLOB="cb010a8078af104049126c7802d2776280b40b701509ccff6d3e02ae5fcb441f2def69dda310ec0682940ce6c79fa974d7a4d8e47c7d060fa1fed96e8f82048a0eecca203b72ce5dc3d09f97c29f8ede63361d17aa7c8fd97a30f69ab2244deae8de4d5ccd759b34238ba5f033edcadc2c76dc6ba6f34f4617ea8f33aa94bf4c28f18c1dbd221af3ac2ba5343f49a843bc76270fb346c2fb7a7b31218e13d758d4ca7f686d4c445932a59700b444cfeea72f5bc58cf4912d5c3f71ac70f2af659666505809942db31784d91f6d85ae9754cced99843a1258db3993bf2cba447e47f683d925bde81f65e9819ec20c20555939bd67725b9d2c07d37c1ea7f81d4ca698297f6ef61131902af70f12a4fa36bcf9e57794821daad4d58ede57c82ba3b1a7cf4627341683c28c543cd7bc04000680f1dffc3fd462082bf42d36c2c301145f4703bccb66697ffef261094b6617a44c5dd01f99f07bc9b46aa33b8d2cf214420429d30982488e5411fe6e6e3dffb35b24da4fa3ca1e873f0328f15837de2e4e0bee9b9e449a86b61e178a4945666b23d0867cf9f69411a894e43f08004b000100000004008b80d3a11c4a07d4a31bfe9166aa6e01f81b8bdf1bac289733cd3caf487e475d04008b800021236a39d941f6fd7b55a57d6e185c5e0adc275126b7a6eff028a504aef004b1a009ee2a1484eb648888bcda2ca6dd40a9adf71130c4ab525bb63aab6577b47c26681f0aa7b56d6f278e10163d407564b6e219f5a63fa6f320cfaf8f6d3544e9d16e998a25df19903f3b7476c368ea1caede842b0a068496b3d8e23d3c8cbe596232193de625587b5b93937a55059e5dcffb7e2787479b8d4fa435cac6c76033d91adb65be7f0d5513e2e72ae10705fa0134bd9910a0110800110005000000866955163f9471ee64f0a7e184ea2be3726d1ab907da3b7f38da4ab957378cbf1b367f8c46525dd77d767f6bbfa557117802e199c08e9ff4d757dc1982f4c735b2e49a57e0b8231f7ea9309d2cd71a3171ff45b99e7c899744d61d3c564181af99dba41c357a295cafc31b3f30762140153ffeb8793d6d24cc7442f249de906cf2655a104ff9533f33897564e172d4e2822b3d1e11bd940caeff659b3e69256216e1e01f972d53fb7669cf461ec59108004c00", @ANYRES32=r8, @ANYBLOB="0000cb3a53898f7390bb8567eaccda27a83695e542cf3e7e00b71d2d4d41865463ca21cdae15da547c44bd9c422909598fa6eee3f2d2898bd8a71df5a755ca000000"], 0x570}, 0x1, 0x0, 0x0, 0x8841}, 0x4000010)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r9, 0x4068aea3, &(0x7f00000007c0))

15.915533206s ago: executing program 0 (id=346):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ab99dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c41ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42cea68bef67422ecc13968a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f381ba6e0363d0a4a8a813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c60"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0xd, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r4, 0x0, 0x10, 0x0, &(0x7f0000002580)="f0b9547ee7affa9daabd309a75d387db", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240), &(0x7f0000000280))
r5 = syz_open_procfs(r1, &(0x7f00000001c0)='net/ptype\x00')
read$msr(r5, &(0x7f0000000040)=""/59, 0xffb5)
pipe(&(0x7f0000000100))
r6 = socket$inet_udp(0x2, 0x2, 0x0)
close(r6)

13.723681467s ago: executing program 4 (id=352):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x481b, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
io_setup(0x4082, &(0x7f0000000380))
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r4 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r4, 0x1, &(0x7f0000000200)={0x100, r5}, 0x0)
syz_io_uring_setup(0x1002943, &(0x7f0000001400)={0x0, 0x0, 0x10}, &(0x7f0000001480), &(0x7f00000014c0))
sendmmsg$inet(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000bc0)="23004e4ee760d48ddc6b7a1ebfc6e0276028840fb20d5233e81c802684e8ac1dc195296ffaaeace75a07a653ee918f67beb970cd36769470f7acb5cd5becfa3839cec05a81f9488931e0a9ba9a246f45fee8b5240bd1e078539b56973bfbbee5a100668daf66ef25121ca65db1d172a489e35e43f2ced9183d48b5850b9e1de2c492604f7b27f030d82cf14d7bcbe35579bfbfbcccc3dceb90fc0075c0c67c8b887bd9356b0fc5e5479c0133683c922e936e6d9431f80a38a5f819c00801d677445ad545dd", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000640)="f473bd", 0x3}], 0x1}}], 0x2, 0x0)
sendto$inet(r0, &(0x7f0000000300)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abcb38baa35233c3ee7050b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfffffffffffffe4a, 0x24004004, 0x0, 0x0)

12.385689853s ago: executing program 4 (id=355):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x14, 0x2, 0x6, 0x5}, 0x14}}, 0x0)
ioperm(0x83, 0x9, 0x8)
r1 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x20303159}})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x13, 0x20000000000001f2, 0x0, 0x0, 0xffffffff, 0xffffffffffffffde, 0x0, 0x41000, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r3, 0x0, 0xffffffffffffff42, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
write$binfmt_elf64(r3, 0x0, 0xa89)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffffff7a003e45c, 0x10000000000000)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000200))
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000400)={0xa0, r6, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xc808265}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xcd}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x51b5b058}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4c8dbabb}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2a226ce4}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xba}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x28ebbbdc}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5209a990}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x43a36bd}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf2}]}, {0x4}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x46bceb9f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x242fb898}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x64}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000010)

11.948592093s ago: executing program 4 (id=357):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioperm(0x7, 0x6, 0x8)
timer_create(0x4, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
getsockopt$sock_buf(r5, 0x1, 0x1a, &(0x7f00000017c0)=""/4096, &(0x7f0000000100)=0x1000)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r6 = dup(r4)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x4})
r7 = socket$kcm(0x10, 0x2, 0x10)
socket$packet(0x11, 0x2, 0x300)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r8, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
setsockopt$packet_int(r8, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020039000b05d25a806f8c6394f90424fc602f00000008000800053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x44, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8}, @CTA_TIMEOUT_UDP_REPLIED={0x8}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x44}}, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f00000000c0)=0xffff)
keyctl$session_to_parent(0x12)
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="aa0faeaaaaa201c6e4b6430008004a00003c009078bc141400ac1e0001ffff338c9e43000000c10e82e90000000000c35943ead869981cab07de4ea642541a4983e075a3", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

10.842046968s ago: executing program 1 (id=359):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000007)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x80800)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0xde29, 0x917}, &(0x7f00000002c0)=0x8)
ioctl$USBDEVFS_DISCARDURB(0xffffffffffffffff, 0x550b, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000300)="03f9d01d062482d1e781003ca4e8e613662fd40000b264e73cd0aab7c5dd7c6d9c08e9dbf3a0fc8220140175ee191bfd5821fecc06f6262c5ca788cb3ffe89ee2deb150d", 0x44}], 0x1}}], 0x1, 0x0)
ioctl$SIOCAX25DELFWD(r0, 0x89e7, &(0x7f0000000000)={@default, @default})

10.066864129s ago: executing program 3 (id=360):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000007)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x80800)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0xde29, 0x917}, &(0x7f00000002c0)=0x8)
syz_open_dev$usbfs(&(0x7f00000001c0), 0x73, 0x12b201)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000300)="03f9d01d062482d1e781003ca4e8e613662fd40000b264e73cd0aab7c5dd7c6d9c08e9dbf3a0fc8220140175ee191bfd5821fecc06f6262c5ca788cb3ffe89ee2deb150d", 0x44}], 0x1}}], 0x1, 0x0)
ioctl$SIOCAX25DELFWD(r0, 0x89e7, &(0x7f0000000000)={@default, @default})

9.87564908s ago: executing program 0 (id=361):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r0=>0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095", @ANYRESHEX=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="000100"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r0, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x10, 0x0, 0x0, 0x0, 0xa5a, 0x0, 0x0, 0x41100, 0x4e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='host1x_channel_submitted\x00', r2, 0x0, 0x4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
lsm_get_self_attr(0x68, 0x0, &(0x7f0000000300), 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000011000a01010000000000000000010000000900010073797a300000008014000000020a010400000000000000000000000020000000050a01030000000000000000010000000900010073797a300000000014000000100001000000000000e0de415900000ab3425d4989cef11cc9d79c1be6efe65a5edce7"], 0x7c}}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000004440)='net/ptype\x00')
read$FUSE(r5, &(0x7f0000004480)={0x2020}, 0x2020)

8.096038308s ago: executing program 1 (id=362):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000003580)={0x2, 0x0, @local}, 0x10) (fail_nth: 9)

8.04727158s ago: executing program 4 (id=363):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000240))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x560f, 0x0)
ioctl$TCFLSH(r4, 0x40204706, 0x20000000)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)

7.535729951s ago: executing program 0 (id=365):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x60b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc8, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800b00010065727370616e000020000280040012000800140000000000080007007f000001050009000400000008000a00", @ANYRES32=r2], 0x58}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000080)={0x0, 0x24, 0x36, {0x36, 0x1, "ad6667e44bb2cd263ca19db35b64ef7517ef18a5c7f872b2a6ba743febfd81b6a5ceb58e9c8690a139a795dbb34c976e696cd965"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x60b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc8, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x4}}}}}]}}]}}, 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
socket(0x10, 0x80002, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000180)) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800b00010065727370616e000020000280040012000800140000000000080007007f000001050009000400000008000a00", @ANYRES32=r2], 0x58}}, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000080)={0x0, 0x24, 0x36, {0x36, 0x1, "ad6667e44bb2cd263ca19db35b64ef7517ef18a5c7f872b2a6ba743febfd81b6a5ceb58e9c8690a139a795dbb34c976e696cd965"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) (async)

7.484589354s ago: executing program 3 (id=366):
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000020000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
rt_sigtimedwait(&(0x7f0000000a80)={[0xfffffffffffff8b8]}, &(0x7f0000000ac0), &(0x7f0000000b40)={0x0, 0x989680}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc00000018010000696c6c2500000000002020207b1af8ff00"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffe]}, 0x0, 0x8)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x48}, [@ldst={0x0, 0x0, 0x2}]}, 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="a800000000010104000000000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c0002800500010000000000440010800800014000000006080003400000002b080003400000000808000240000000400800014000000000fb0001400000000708000140000044f10800034000000003080007"], 0xa8}}, 0x804)

6.840061739s ago: executing program 3 (id=367):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x14, 0x2, 0x6, 0x5}, 0x14}}, 0x0)
ioperm(0x83, 0x9, 0x8)
r1 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x20303159}})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x13, 0x20000000000001f2, 0x0, 0x0, 0xffffffff, 0xffffffffffffffde, 0x0, 0x41000, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r3, 0x0, 0xffffffffffffff42, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
write$binfmt_elf64(r3, 0x0, 0xa89)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffffff7a003e45c, 0x10000000000000)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000200))
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000400)={0xa0, r6, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xc808265}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xcd}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x51b5b058}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4c8dbabb}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2a226ce4}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xba}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x28ebbbdc}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5209a990}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x43a36bd}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf2}]}, {0x4}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x46bceb9f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x242fb898}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x64}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000010)

6.62732688s ago: executing program 1 (id=368):
r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12017d40686327f1d74a02571f18a3d8040c53e027000365bb5908cf100055c6c9010203010902240001080710850904fe01025d34ac09090503fd4455337f843d7d9fca40b1169870c10716f28a9d90b31f54e9eda7529a2d4f4ea935b933bc538ce2cbd7907eab8a2b21983441360939f8ed594b82467e263e349a49687e5ba6ecfdb4423ba98e013ba39452636299ec9f1b7bb34fde203713f66aaeb07625"], &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x32, &(0x7f0000000000)=@string={0x32, 0x3, "33270ea231c7b78020ba277477ec18a774fda76f4e4ce0f3fd64f2c4551869054c4186dbd9ef0f0c7356d97d0515c5b0"}}]})
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f0000000240)={0x0})
syz_usb_control_io$cdc_ncm(r0, &(0x7f00000000c0)={0x14, &(0x7f0000000040)={0x60, 0x7, 0x1e, {0x1e, 0xc, "dce4d0002cdf282a523fd38b12506146d0c968feaab847202c7edc97"}}, &(0x7f0000000080)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000300)={0x44, &(0x7f00000003c0)={0xea988fbb9331a75b, 0xc, 0x35, "000000a4efd24bcc9e2aef5837fdcede04cdd5e3710e04d04efcd7aecdce4b809f4ca3d5c24006294b497e14ebd56a28cac8332460"}, &(0x7f0000000140)={0x0, 0xa, 0x1, 0x10}, &(0x7f0000000180)={0x0, 0x8, 0x1, 0xd9}, &(0x7f00000001c0)={0x20, 0x80, 0x1c, {0xa, 0x7, 0x6, 0x10, 0x6, 0x5, 0x101, 0xff, 0xccc8, 0x1, 0x3, 0x5}}, &(0x7f0000000200)={0x20, 0x85, 0x4, 0x5}, &(0x7f0000000380)={0x20, 0x83, 0x2}, &(0x7f0000000280)={0x20, 0x87, 0x2, 0xf001}, &(0x7f00000002c0)={0x20, 0x89, 0x2, 0x1}})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = dup3(r3, r2, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x80801)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000080)={0x0, 0x0, "27092cfa555702279299fa2716dd2f9323cfe7b40d8b108ce6707549cb26c6c14c886e5bde7477a20e3772522b9b15dd0650e83716c1240aa1d0251a1e4996723eceba0f9af00a979e132db2d3d18da77f695be20bcb5b6cc37b02eae8a78cc781698e7858feda720e1fc83af7557b0f97916ce0ccab55b156620b821b5f9b6d9423fd3979ebac50aa40722562a94171016dceb1b3fff148c736662a8ef9216d75a957b104c49f9ede0b770568b1e23580c1783668eb1e8631f5794bc35acb9a71b9a7238b5d0ba3ec928ba0b5bab037b38429be05e85731f77722d8f3762181dcc4a3895ea0b277e8ce07c7035d9def50e408b65668351d7ae7d9c3f3174a77"})
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x21, 0x4, 0x5b, 0x8a, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b80)={0x2c, &(0x7f0000000940)={0x0, 0xe, 0x31, {0x31, 0x23, "37ff8764c3dd4c4375fa6456ade738a405ceabf5451782aff1cadc3f1f6b40be55703c1afcbf27e6a35a914142ef39"}}, &(0x7f0000000980)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1809}}, &(0x7f00000009c0)={0x0, 0xf, 0x121, {0x5, 0xf, 0x121, 0x4, [@generic={0xed, 0x10, 0x4, "4988a618fcc908f850c4743cd5396c236cdb79e389ceda4934fad913ca610c3110179a2910bbe7516791dd2c6308b057638064a21515b8b5a0c4e6d43a89b373fa168932fa994784ce43091731b54d420e271458a20fddf5ac23d3f8eaef053936fbd261d85bc3814e72a053159ec2775ffecfcac6cb4853dcca18727a00fa37a9473655bf7eeaf62e393cacd9b32bbfdce0f08ab72c9ff242b44d72e69a5061b99a4df63d20fd5ca750c8e803b5e50e068babc2b6104ea80a1253e74297b1159d9e82776dfb237b875e894d53e798d32b150b9e109aa31e6cc8ee4a5f1214460d258965888e371d26c1"}, @ssp_cap={0x10, 0x10, 0xa, 0x7, 0x1, 0x2, 0xf000, 0x8, [0xff000f]}, @ssp_cap={0x1c, 0x10, 0xa, 0xdf, 0x4, 0x6, 0xf00, 0x1b, [0xc060, 0x3fc0, 0x1010000, 0x3f]}, @ptm_cap={0x3}]}}, &(0x7f0000000b00)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x3, 0x80, 0xfc, "751335fe", "906346f2"}}, &(0x7f0000000b40)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x8, 0x0, 0xff, 0x7, 0x2, 0x8000}}}, &(0x7f0000001080)={0x84, &(0x7f0000000bc0)={0x40, 0x15, 0xea, "8db41b89282e869d7fbd2d41b3790b20727ec18da981586cf521d318c37fae1ff498baf7b1b27bf73a746ad1d9d70b85aabde1793c64d5c4eee65439754a2ff4c0c6450f5c92d7d440f800f2118bf27d97f9005aafe2c19e458d5325864be8a0e1332a2c2c998081e52777ebd000388a08765e306da38c9ed5b06b83cac0a69ed1b4ba92bbb4b0b8c928c7a31acaf25ed2e881f38e0af59fed9489925688a501194d00ede5b9048cd128b694f68bfb541e1889f5b6232b61f8c87f872b3de2eeaee230aa10da9840cc17fc90ebffe6f319b399f1f4e65c0015eeed8ff1fa569f6be534fdacb885b38bf5"}, &(0x7f0000000cc0)={0x0, 0xa, 0x1, 0xaf}, &(0x7f0000000d00)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000d40)={0x20, 0x0, 0x4, {0x1, 0x3}}, &(0x7f0000000d80)={0x20, 0x0, 0x4, {0x100, 0x1}}, &(0x7f0000000dc0)={0x40, 0x7, 0x2, 0x6}, &(0x7f0000000e00)={0x40, 0x9, 0x1, 0xb8}, &(0x7f0000000e40)={0x40, 0xb, 0x2, "1dfd"}, &(0x7f0000000e80)={0x40, 0xf, 0x2, 0x8}, &(0x7f0000000ec0)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000f00)={0x40, 0x17, 0x6, @random="cdee89d704c9"}, &(0x7f0000000f40)={0x40, 0x19, 0x2, "0db8"}, &(0x7f0000000f80)={0x40, 0x1a, 0x2, 0x7f}, &(0x7f0000000fc0)={0x40, 0x1c, 0x1, 0x7}, &(0x7f0000001000)={0x40, 0x1e, 0x1, 0x10}, &(0x7f0000001040)={0x40, 0x21, 0x1, 0x81}})
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r7, 0x4b72, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000240)=[@increfs={0x400c6314, 0x2}], 0x0, 0x0, 0x0})
syz_usb_connect$cdc_ecm(0x0, 0x117, &(0x7f00000004c0)={{0x12, 0x1, 0x100, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x105, 0x1, 0x1, 0xfc, 0x60, 0x8, [{{0x9, 0x4, 0x0, 0x9, 0x2, 0x2, 0x6, 0x0, 0x7, {{0xa, 0x24, 0x6, 0x0, 0x0, "e726b94b21"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x1, 0xc, 0x4, 0x1}, [@mdlm_detail={0x89, 0x24, 0x13, 0x3, "df723e28549c5111de3e6b83e2d793f51c18acde8dbe8d309641e95f7ba83968c79cd8bd5ed3b57d606cc053876a80c9b6c14a2cfec6466bb277e1c0f9c3d2a83aed6d3e0a0f56c5c57882a8f0c834614b817f9f439c645387a4b011cdcdf74e82ed468b9fd0d8d482b4054538938eb187117a11400f1c0e1334bb3a96883b3076d619d49f"}, @obex={0x5, 0x24, 0x15, 0x40}, @mdlm={0x15, 0x24, 0x12, 0x2}, @mdlm={0x15}, @mbim_extended={0x8, 0x24, 0x1c, 0x0, 0x6, 0x9}, @obex={0x5, 0x24, 0x15, 0x2}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x400, 0x7, 0x8c, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0xf7, 0xff, 0x6}}}}}]}}]}}, &(0x7f00000008c0)={0xa, &(0x7f0000000600)={0xa, 0x6, 0x201, 0xc, 0xf, 0x5, 0x10}, 0x5, &(0x7f0000000640)={0x5, 0xf, 0x5}, 0x7, [{0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x2001}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0xc0c}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0xf8ff}}, {0x90, &(0x7f0000000740)=@string={0x90, 0x3, "bfc5f2f07fc7dded5469fd570e5be6e3e7d644538c63abbd99aab67218e6ee8d535c90e32119283c19a551430b29cf9356c5bc5a4af501c38bc0e5f766fd77629ce8eb0406bdcc166db85016135b0f1c1d4ff3d419cd93eb0d8841d76c6559afc326126cf215caf27009c4eb0f7f3180e7fd0957f9377f43b7587bb216e08385ef72b17fa8d5da2cca32a5811e66"}}, {0x4, &(0x7f0000000800)=@lang_id={0x4, 0x3, 0x419}}, {0x4, &(0x7f0000000840)=@lang_id={0x4, 0x3, 0xc07}}, {0x4, &(0x7f0000000880)=@lang_id={0x4, 0x3, 0x3001}}]})

6.385381775s ago: executing program 3 (id=370):
clock_settime(0x4, &(0x7f0000000240)={0x0, 0x989680})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x721600, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, 0x0, 0x8)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='cramfs\x00', 0x8000, 0x0)

5.301646391s ago: executing program 3 (id=372):
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000940)={0xffffffffffffffff, 0x20, &(0x7f00000008c0)={&(0x7f0000000180)=""/5, 0x5, <r0=>0x0, &(0x7f0000000880)=""/13, 0xd}}, 0x10)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000840)=r0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x11, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000ff0f0000000000000200000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b70200001400008500000083000000bf090000000000001864000003000000000000004d000000bf9100000000004bb000000002b9840e642f39b34a000000b7000000000000000a52ad5699721d6f4cd020a2350a6ed4950000000000000000000000000000000000000000000000000000000032000000"], 0x0, 0x40000, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1000, &(0x7f0000000600)={<r3=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x2b, @loopback}, r3}}, 0x30)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
close(r4)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1a, 0x8, &(0x7f0000000c80)=ANY=[@ANYBLOB="7a0af8ff75257000bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b25952850a84a70002b2ab3d6ffaa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc44bc25fb591cf77b9dfb379a3f611dbc2a364916f098dab10b1a297cf528666d1ddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e9e54687d3c56d7bedb6b2f25ddb8c640bb321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0b6dd7356aa79d5fabb5c0d0da6d719d7e0efb2bb713d18242cd5df6ca53307a4cdd91be4587f90e317c8de5e5c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1786eda2b20", @ANYRES8, @ANYRES16], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x2000d00, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x50)
bpf$MAP_CREATE(0x600000000000000, &(0x7f00000001c0)=@base={0xe, 0x4, 0x4, 0x20002, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000280)={0x7, 0x8, 0xfa00, {r3}}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x10c00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560702000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5d0e14c6c946eeb44fe63275c00000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x308, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x238, 0xffffffff, 0xffffffff, 0x238, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [0xffffff00, 0x0, 0xff], 'veth0_virt_wifi\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x87}, 0x0, 0x130, 0x168, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0xfffffffc, 0x5, 0x0, 0x0, 0x7, 0x3ff}, {0x100}}}, @common=@inet=@l2tp={{0x30}, {0x4, 0x0, 0x3, 0x1, 0x9}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x6, 0x7}, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0x4, 0x9}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x368)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0xe)
ioctl$TIOCSLCKTRMIOS(r5, 0x80047437, &(0x7f00000010c0))
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="13010000bd460e10490d1070900c010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r7, 0x82, 0x20, 0x0)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000080)={0x1, 0x10, 0xfa00, {&(0x7f0000000000), r3}}, 0x18)

5.026220088s ago: executing program 2 (id=373):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x19)

4.863764749s ago: executing program 2 (id=374):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)={0x24, r0, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}]}]}, 0x24}}, 0x0)

4.851171553s ago: executing program 2 (id=375):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000005c0)={0x0, 0x7, 0x0, 0x4, 0x8}, &(0x7f0000000600)=0x18)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r5, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r6, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r5, 0x3b89, &(0x7f00000002c0)={0x18, 0x0, r7, 0x0, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000080)={0x28, 0x2, 0x0, 0x0, &(0x7f0000236000/0x800000)=nil, 0x800000, 0x400000000000000})
r8 = eventfd(0x0)
poll(&(0x7f00000008c0)=[{r8}], 0x1, 0xc6)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167276b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef8fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e16d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x102a)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r1, 0x0, 0x0}, 0x10)
syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)

4.82058805s ago: executing program 0 (id=376):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095", @ANYRESHEX=r2], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="000100"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r2, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x10, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0xa5a, 0x0, 0x0, 0x41100, 0x4e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r4, 0x0, 0x4}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
lsm_get_self_attr(0x68, 0x0, &(0x7f0000000300), 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f000098e000/0x1000)=nil, 0x1000, 0x17)
r8 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000011000a01010000000000000000010000000900010073797a300000008014000000020a010400000000000000000000000020000000050a01030000000000000000010000000900010073797a300000000014000000100001000000000000e0de415900000ab3425d4989cef11cc9d79c1be6efe65a5edce7"], 0x7c}}, 0x0)
r10 = syz_open_procfs(0x0, &(0x7f0000004440)='net/ptype\x00')
read$FUSE(r10, &(0x7f0000004480)={0x2020}, 0x2020)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000340)="41cf513aa57f699f5c6b687c785c1cc7f1d87f3f87dbdf3d8660acf0b9dbbb6d4c69ca9f5e165dde4a21869cbbe2c36a9d88f360eead2fe7fd8c6cb25d0c1204b33e50e113a51bbc5423901076466cc2465f2a27c4e9bfe7b25e1b6c54d70c701e7717c01fd91c495cf56564adfd66a98e9decf994bf129113b5fa8b61038600e429646d8307a30c37e121ab0862ce693a04aeb2d55adb2347065c24", 0x9c)
ioctl$int_in(r8, 0x5421, 0x0)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r8, 0x40305652, &(0x7f00000002c0)={0x20000, 0x1, 0xffffbffe, 0xffffffff, 0x2, 0xfffffffe, 0xfffffffc})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1b824a00b5c450fbb89a389710f4e29b63f0d842876a0dd7ae919dd9b172b0d561915c436910420688744eb5c9ca73fbb8b990d0f8f2bbd5d8596459ed3944f3171aa000b883a53520463bb08ac023168c04e9c3d1d09482d37b4aad621476b8ecc96c1ba0fb157ca191c859105bc0d0d3d820", @ANYRES16=r1, @ANYBLOB="050000000000000000002e00000008000300ccc02def1661be5665b61afbadf4f9c7ad53e867d9443e33e6acae604895191513eae68e962379bfee34a34fb6f2c404647bdac68d3c4125a7568fb2b31fdb620a2066b1a80481cacb1a9d59d4ce822343cb71806d2e5968d13611b713e68cbd40eb02466e21cad887c5b9fbe691c784c101", @ANYRES32=r2, @ANYBLOB="0a00340002020202020200000a00060008021100000000000800350000000000"], 0x3c}}, 0x8000)

3.507517162s ago: executing program 1 (id=377):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
recvmmsg(r1, &(0x7f0000000a80), 0x0, 0x2041, 0x0)

3.50585336s ago: executing program 2 (id=378):
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x4004)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x9, 0x4, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r1, 0x58, &(0x7f00000002c0)}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

2.840564589s ago: executing program 2 (id=379):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000007)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x80800)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0xde29, 0x917}, &(0x7f00000002c0)=0x8)
ioctl$USBDEVFS_DISCARDURB(0xffffffffffffffff, 0x550b, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000300)="03f9d01d062482d1e781003ca4e8e613662fd40000b264e73cd0aab7c5dd7c6d9c08e9dbf3a0fc8220140175ee191bfd5821fecc06f6262c5ca788cb3ffe89ee2deb150d", 0x44}], 0x1}}], 0x1, 0x0)
ioctl$SIOCAX25DELFWD(r0, 0x89e7, &(0x7f0000000000)={@default, @default})

2.715146474s ago: executing program 0 (id=380):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x14, 0x2, 0x6, 0x5}, 0x14}}, 0x0)
ioperm(0x83, 0x9, 0x8)
r1 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x20303159}})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x13, 0x20000000000001f2, 0x0, 0x0, 0xffffffff, 0xffffffffffffffde, 0x0, 0x41000, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r3, 0x0, 0xffffffffffffff42, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
write$binfmt_elf64(r3, 0x0, 0xa89)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffffff7a003e45c, 0x10000000000000)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000200))
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000400)={0xa0, r6, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xc808265}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xcd}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x51b5b058}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4c8dbabb}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2a226ce4}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xba}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x28ebbbdc}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5209a990}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x43a36bd}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf2}]}, {0x4}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x46bceb9f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x242fb898}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x64}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000010)

1.887731251s ago: executing program 1 (id=381):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000007)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x80800)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0xde29, 0x917}, &(0x7f00000002c0)=0x8)
r6 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x73, 0x12b201)
ioctl$USBDEVFS_DISCARDURB(r6, 0x550b, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000300)="03f9d01d062482d1e781003ca4e8e613662fd40000b264e73cd0aab7c5dd7c6d9c08e9dbf3a0fc8220140175ee191bfd5821fecc06f6262c5ca788cb3ffe89ee2deb150d", 0x44}], 0x1}}], 0x1, 0x0)
ioctl$SIOCAX25DELFWD(r0, 0x89e7, &(0x7f0000000000)={@default, @default})

1.300627661s ago: executing program 2 (id=382):
clock_settime(0x4, &(0x7f0000000240)={0x0, 0x989680})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x721600, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, 0x0, 0x8)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='cramfs\x00', 0x8000, 0x0)

1.278791146s ago: executing program 3 (id=383):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000020000000900010073797a3000000000140002007767303bb7d7e08b4276780000230e6eeeb4d4dc582d43a159a01b00000083c534b0e3aefc4600"], 0x34}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r2)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000a000000380003801400020076657468305f766972745f7769666900060007004e2400000800030000000000080001"], 0x4c}}, 0x20000080)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="10002cbd7000fedbdf25020000004c00028008000600e5ff0000fc000b00020000001400010020010000000700000000000000000002080005000300000006000b00020000001400c400ac1e000100"/90], 0x60}, 0x1, 0x0, 0x0, 0x20004001}, 0x48001)

272.35366ms ago: executing program 1 (id=384):
umount2(0x0, 0x20)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x17)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000780)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x0, 0x0)
shutdown(r4, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
close_range(r5, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000020000000000f400040000000000000020"], 0x1c, 0x1)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'veth1_to_bond\x00', 0x1})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r0, @ANYBLOB="0000000000000000890000000000000095"], &(0x7f0000000d40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})

0s ago: executing program 0 (id=385):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)={0x24, r0, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}]}]}, 0x24}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.38' (ED25519) to the list of known hosts.
[   52.615436][ T5808] cgroup: Unknown subsys name 'net'
[   52.735708][ T5808] cgroup: Unknown subsys name 'cpuset'
[   52.744258][ T5808] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   54.043164][ T5808] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   56.283513][ T5829] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   56.286007][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   56.292129][ T5829] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   56.298780][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   56.312967][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   56.317034][ T5829] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   56.328444][ T5829] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   56.340587][ T5829] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   56.348790][ T5829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   56.357547][ T5829] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   56.357989][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   56.365746][ T5829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   56.372378][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   56.382589][ T5829] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   56.393220][ T5829] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   56.401265][ T5829] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   56.409481][ T5829] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   56.414062][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   56.416684][ T5829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   56.431555][ T5829] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   56.432706][ T5832] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   56.447057][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   56.449990][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   56.462894][ T5829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   56.467908][ T5840] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   56.477870][ T5840] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   56.485196][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   56.493526][ T5840] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   56.500826][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   56.509474][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   56.834942][ T5819] chnl_net:caif_netlink_parms(): no params data found
[   56.911114][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   57.015617][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   57.034839][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.042170][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.049593][ T5819] bridge_slave_0: entered allmulticast mode
[   57.056191][ T5819] bridge_slave_0: entered promiscuous mode
[   57.084291][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   57.097383][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.104617][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.111718][ T5819] bridge_slave_1: entered allmulticast mode
[   57.118849][ T5819] bridge_slave_1: entered promiscuous mode
[   57.148700][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.156135][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.163570][ T5822] bridge_slave_0: entered allmulticast mode
[   57.170421][ T5822] bridge_slave_0: entered promiscuous mode
[   57.182761][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.190331][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.197714][ T5822] bridge_slave_1: entered allmulticast mode
[   57.204771][ T5822] bridge_slave_1: entered promiscuous mode
[   57.268518][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.282097][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.317243][ T5824] chnl_net:caif_netlink_parms(): no params data found
[   57.341259][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.360879][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.438466][ T5822] team0: Port device team_slave_0 added
[   57.453915][ T5819] team0: Port device team_slave_0 added
[   57.480850][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.488278][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.495562][ T5833] bridge_slave_0: entered allmulticast mode
[   57.502069][ T5833] bridge_slave_0: entered promiscuous mode
[   57.510175][ T5822] team0: Port device team_slave_1 added
[   57.524739][ T5819] team0: Port device team_slave_1 added
[   57.537883][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.545006][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.552124][ T5831] bridge_slave_0: entered allmulticast mode
[   57.559215][ T5831] bridge_slave_0: entered promiscuous mode
[   57.566573][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.574544][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.581680][ T5831] bridge_slave_1: entered allmulticast mode
[   57.588907][ T5831] bridge_slave_1: entered promiscuous mode
[   57.595309][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.602389][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.609838][ T5833] bridge_slave_1: entered allmulticast mode
[   57.616433][ T5833] bridge_slave_1: entered promiscuous mode
[   57.683870][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.690871][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.717254][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.730687][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.738062][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.764726][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.776768][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.784004][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.810085][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.828325][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.835509][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.842611][ T5824] bridge_slave_0: entered allmulticast mode
[   57.849718][ T5824] bridge_slave_0: entered promiscuous mode
[   57.865035][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.877664][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.892056][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.899247][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.925301][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.936879][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.944103][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.951233][ T5824] bridge_slave_1: entered allmulticast mode
[   57.957932][ T5824] bridge_slave_1: entered promiscuous mode
[   57.975961][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.003730][ T5833] team0: Port device team_slave_0 added
[   58.023820][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.044791][ T5833] team0: Port device team_slave_1 added
[   58.060292][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.100144][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.112462][ T5831] team0: Port device team_slave_0 added
[   58.120485][ T5831] team0: Port device team_slave_1 added
[   58.144623][ T5822] hsr_slave_0: entered promiscuous mode
[   58.151353][ T5822] hsr_slave_1: entered promiscuous mode
[   58.168768][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.175940][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.201948][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.215537][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.222496][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.248425][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.276643][ T5819] hsr_slave_0: entered promiscuous mode
[   58.282744][ T5819] hsr_slave_1: entered promiscuous mode
[   58.289097][ T5819] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.297104][ T5819] Cannot create hsr debugfs directory
[   58.337669][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.344673][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.370600][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.402681][ T5824] team0: Port device team_slave_0 added
[   58.410898][ T5824] team0: Port device team_slave_1 added
[   58.417285][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.424283][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.450536][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.478746][ T5833] hsr_slave_0: entered promiscuous mode
[   58.485568][ T5833] hsr_slave_1: entered promiscuous mode
[   58.491601][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.499909][ T5833] Cannot create hsr debugfs directory
[   58.529695][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.533646][ T5836] Bluetooth: hci3: command tx timeout
[   58.536796][ T5840] Bluetooth: hci1: command tx timeout
[   58.542330][ T5836] Bluetooth: hci0: command tx timeout
[   58.547827][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.579610][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.612992][ T5836] Bluetooth: hci4: command tx timeout
[   58.622930][ T5836] Bluetooth: hci2: command tx timeout
[   58.628224][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.638501][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.664759][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.724527][ T5831] hsr_slave_0: entered promiscuous mode
[   58.730976][ T5831] hsr_slave_1: entered promiscuous mode
[   58.737163][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.744879][ T5831] Cannot create hsr debugfs directory
[   58.837981][ T5824] hsr_slave_0: entered promiscuous mode
[   58.845191][ T5824] hsr_slave_1: entered promiscuous mode
[   58.851581][ T5824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.860081][ T5824] Cannot create hsr debugfs directory
[   58.998514][ T5819] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   59.038312][ T5819] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   59.051247][ T5819] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   59.065080][ T5819] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   59.119831][ T5822] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   59.138879][ T5822] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   59.148233][ T5822] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   59.171439][ T5822] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   59.217512][ T5833] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   59.250772][ T5833] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   59.269137][ T5833] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   59.295795][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   59.308380][ T5833] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   59.333760][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   59.366099][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   59.394397][ T5824] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   59.404677][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   59.424273][ T5824] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   59.456019][ T5824] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   59.466617][ T5824] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   59.510967][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.548285][ T5819] 8021q: adding VLAN 0 to HW filter on device team0
[   59.589964][ T3475] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.597190][ T3475] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.610397][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.617534][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.680058][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.692486][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.715210][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.732305][ T5819] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   59.746616][ T5819] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   59.787099][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   59.801378][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   59.829652][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   59.845467][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.852598][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.868981][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.876160][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.890485][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.926889][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.934035][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.946894][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.954070][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.967660][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.974809][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.983821][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.990895][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.069461][ T5831] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   60.080267][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.097335][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   60.159729][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.197323][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.204490][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.269192][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.276351][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.315711][ T5824] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   60.343848][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.424798][ T5819] veth0_vlan: entered promiscuous mode
[   60.474372][ T5819] veth1_vlan: entered promiscuous mode
[   60.510302][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.544839][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.558433][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.615684][ T5827] Bluetooth: hci1: command tx timeout
[   60.616196][ T5840] Bluetooth: hci3: command tx timeout
[   60.621160][ T5836] Bluetooth: hci0: command tx timeout
[   60.641496][ T5819] veth0_macvtap: entered promiscuous mode
[   60.665014][ T5819] veth1_macvtap: entered promiscuous mode
[   60.675634][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.702243][ T5822] veth0_vlan: entered promiscuous mode
[   60.710297][ T5836] Bluetooth: hci2: command tx timeout
[   60.710306][ T5840] Bluetooth: hci4: command tx timeout
[   60.726010][ T5831] veth0_vlan: entered promiscuous mode
[   60.759397][ T5822] veth1_vlan: entered promiscuous mode
[   60.767250][ T5831] veth1_vlan: entered promiscuous mode
[   60.834197][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0
[   60.860373][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1
[   60.869517][ T5822] veth0_macvtap: entered promiscuous mode
[   60.878922][ T5822] veth1_macvtap: entered promiscuous mode
[   60.911457][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   60.928798][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   60.950922][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   60.960520][ T5824] veth0_vlan: entered promiscuous mode
[   60.967722][ T5819] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   60.984127][ T5819] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   60.993604][ T5819] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.002307][ T5819] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.021749][ T5831] veth0_macvtap: entered promiscuous mode
[   61.035101][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.045816][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.056697][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.066461][ T5831] veth1_macvtap: entered promiscuous mode
[   61.087077][ T5822] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.097235][ T5822] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.108125][ T5822] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.117001][ T5822] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.137444][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.149316][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.159508][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.170160][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.181353][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.193163][ T5824] veth1_vlan: entered promiscuous mode
[   61.218636][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.231352][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.241228][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.252012][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.263657][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.294453][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.303574][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.315816][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.325465][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.352583][ T5833] veth0_vlan: entered promiscuous mode
[   61.400911][ T5833] veth1_vlan: entered promiscuous mode
[   61.409125][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.420239][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.450133][ T5824] veth0_macvtap: entered promiscuous mode
[   61.467797][ T5824] veth1_macvtap: entered promiscuous mode
[   61.495326][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.507260][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.517977][ T5833] veth0_macvtap: entered promiscuous mode
[   61.546181][ T5833] veth1_macvtap: entered promiscuous mode
[   61.554868][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.557426][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.562677][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.576133][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.596509][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.606991][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.616869][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.627350][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.638494][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.668639][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.669830][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.688366][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.698402][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.708445][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.719131][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.729014][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.740205][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.750146][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.760985][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.772573][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.781478][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.792199][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.802550][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.813779][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.824887][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.835355][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.846904][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.860885][ T5824] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.870046][ T5824] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.874746][ T5819] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   61.893638][ T5824] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.893685][ T5824] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.926876][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.937716][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.947569][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.958068][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.968264][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.980012][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.989868][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.001060][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.011791][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.059233][ T5833] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.072531][ T5833] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.081531][ T5833] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.090694][ T5833] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.109670][ T3003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.117868][ T3003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.135845][ T5905] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4'.
[   62.150818][ T3027] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.165320][ T3027] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.261769][ T3027] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.294136][ T3027] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.334105][ T3003] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.344195][ T5910] FAULT_INJECTION: forcing a failure.
[   62.344195][ T5910] name failslab, interval 1, probability 0, space 0, times 1
[   62.360712][ T3003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.369668][ T5910] CPU: 0 UID: 0 PID: 5910 Comm: syz.2.3 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[   62.380107][ T5910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   62.390167][ T5910] Call Trace:
[   62.393442][ T5910]  <TASK>
[   62.396369][ T5910]  dump_stack_lvl+0x241/0x360
[   62.401057][ T5910]  ? __pfx_dump_stack_lvl+0x10/0x10
[   62.406251][ T5910]  ? __pfx__printk+0x10/0x10
[   62.410841][ T5910]  ? fs_reclaim_acquire+0x93/0x130
[   62.415957][ T5910]  ? __pfx___might_resched+0x10/0x10
[   62.421245][ T5910]  should_fail_ex+0x3b0/0x4e0
[   62.425923][ T5910]  should_failslab+0xac/0x100
[   62.430597][ T5910]  __kmalloc_noprof+0xdd/0x4c0
[   62.435355][ T5910]  ? kstrtouint_from_user+0x128/0x190
[   62.440721][ T5910]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[   62.446439][ T5910]  tomoyo_realpath_from_path+0xcf/0x5e0
[   62.451989][ T5910]  tomoyo_path_number_perm+0x236/0x860
[   62.457443][ T5910]  ? __lock_acquire+0x1397/0x2100
[   62.462464][ T5910]  ? tomoyo_path_number_perm+0x206/0x860
[   62.468091][ T5910]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   62.474102][ T5910]  ? __fget_files+0x2a/0x410
[   62.478694][ T5910]  ? __fget_files+0x2a/0x410
[   62.483283][ T5910]  security_file_ioctl+0xc6/0x2a0
[   62.488304][ T5910]  __se_sys_ioctl+0x46/0x170
[   62.492894][ T5910]  do_syscall_64+0xf3/0x230
[   62.497396][ T5910]  ? clear_bhb_loop+0x35/0x90
[   62.502070][ T5910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.507960][ T5910] RIP: 0033:0x7f825f580849
[   62.512378][ T5910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.531980][ T5910] RSP: 002b:00007f8260359058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   62.540390][ T5910] RAX: ffffffffffffffda RBX: 00007f825f745fa0 RCX: 00007f825f580849
[   62.548357][ T5910] RDX: 0000000020000040 RSI: 00000000c0405602 RDI: 0000000000000003
[   62.556320][ T5910] RBP: 00007f82603590a0 R08: 0000000000000000 R09: 0000000000000000
[   62.564281][ T5910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.572248][ T5910] R13: 0000000000000000 R14: 00007f825f745fa0 R15: 00007ffe49881298
[   62.580226][ T5910]  </TASK>
[   62.588651][ T5910] ERROR: Out of memory at tomoyo_realpath_from_path.
[   62.597341][ T3003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.630978][ T3003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.695038][ T5840] Bluetooth: hci3: command tx timeout
[   62.700869][ T5840] Bluetooth: hci0: command tx timeout
[   62.707282][ T5840] Bluetooth: hci1: command tx timeout
[   62.773858][ T5827] Bluetooth: hci2: command tx timeout
[   62.779301][ T5827] Bluetooth: hci4: command tx timeout
[   62.809421][ T3003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.853282][ T3003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.029886][ T5914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6'.
[   63.072054][ T5914] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6'.
[   63.132650][ T5920] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   63.218550][ T5920] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1'.
[   63.585535][   T58] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[   63.593589][ T5875] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   63.864396][ T5875] usb 1-1: Using ep0 maxpacket: 8
[   63.882141][   T58] usb 5-1: not running at top speed; connect to a high speed hub
[   63.980728][ T5875] usb 1-1: New USB device found, idVendor=0c45, idProduct=6100, bcdDevice=c4.6d
[   64.010742][   T58] usb 5-1: config 1 interface 0 has no altsetting 0
[   64.048641][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   64.069283][   T58] usb 5-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.40
[   64.089725][ T5930] FAULT_INJECTION: forcing a failure.
[   64.089725][ T5930] name failslab, interval 1, probability 0, space 0, times 0
[   64.105046][ T5875] usb 1-1: Product: syz
[   64.109241][ T5875] usb 1-1: Manufacturer: syz
[   64.114005][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   64.122008][   T58] usb 5-1: Product: П
[   64.136839][ T5875] usb 1-1: SerialNumber: syz
[   64.141597][ T5930] CPU: 1 UID: 0 PID: 5930 Comm: syz.2.9 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[   64.152028][ T5930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   64.162086][ T5930] Call Trace:
[   64.165363][ T5930]  <TASK>
[   64.168290][ T5930]  dump_stack_lvl+0x241/0x360
[   64.172974][ T5930]  ? __pfx_dump_stack_lvl+0x10/0x10
[   64.178168][ T5930]  ? __pfx__printk+0x10/0x10
[   64.182756][ T5930]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[   64.188738][ T5930]  ? __pfx___might_resched+0x10/0x10
[   64.194026][ T5930]  should_fail_ex+0x3b0/0x4e0
[   64.198702][ T5930]  should_failslab+0xac/0x100
[   64.203386][ T5930]  kmem_cache_alloc_node_noprof+0x77/0x380
[   64.209190][ T5930]  ? __alloc_skb+0x1c3/0x440
[   64.213780][ T5930]  __alloc_skb+0x1c3/0x440
[   64.218196][ T5930]  ? __pfx___alloc_skb+0x10/0x10
[   64.223129][ T5930]  ? netlink_has_listeners+0x2ea/0x3a0
[   64.228586][ T5930]  ? netlink_has_listeners+0x73/0x3a0
[   64.233960][ T5930]  nf_tables_flowtable_notify+0xce/0x440
[   64.239599][ T5930]  nf_tables_commit+0x4763/0x9140
[   64.244617][ T5930]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[   64.250537][ T5930]  ? __pfx_nf_tables_commit+0x10/0x10
[   64.255908][ T5930]  ? do_syscall_64+0xf3/0x230
[   64.260585][ T5930]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.266687][ T5930]  ? nfnetlink_rcv+0x12c6/0x2ab0
[   64.271626][ T5930]  nfnetlink_rcv+0xc77/0x2ab0
[   64.276325][ T5930]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   64.281468][ T5930]  ? netlink_deliver_tap+0x2e/0x1b0
[   64.286661][ T5930]  ? skb_clone+0x240/0x390
[   64.291075][ T5930]  ? __pfx_lock_release+0x10/0x10
[   64.296106][ T5930]  ? netlink_deliver_tap+0x2e/0x1b0
[   64.301301][ T5930]  netlink_unicast+0x7f6/0x990
[   64.306068][ T5930]  ? __pfx_netlink_unicast+0x10/0x10
[   64.311353][ T5930]  ? __virt_addr_valid+0x183/0x530
[   64.316462][ T5930]  ? __check_object_size+0x48e/0x900
[   64.321745][ T5930]  netlink_sendmsg+0x8e4/0xcb0
[   64.326514][ T5930]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.331805][ T5930]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.337082][ T5930]  __sock_sendmsg+0x221/0x270
[   64.341761][ T5930]  ____sys_sendmsg+0x52a/0x7e0
[   64.346527][ T5930]  ? __pfx_____sys_sendmsg+0x10/0x10
[   64.351812][ T5930]  ? __fget_files+0x2a/0x410
[   64.356408][ T5930]  ? __fget_files+0x2a/0x410
[   64.361002][ T5930]  __sys_sendmsg+0x269/0x350
[   64.365676][ T5930]  ? __pfx_lock_release+0x10/0x10
[   64.370701][ T5930]  ? __pfx___sys_sendmsg+0x10/0x10
[   64.375821][ T5930]  ? __pfx_vfs_write+0x10/0x10
[   64.380610][ T5930]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   64.386934][ T5930]  ? do_syscall_64+0x100/0x230
[   64.391700][ T5930]  ? do_syscall_64+0xb6/0x230
[   64.396378][ T5930]  do_syscall_64+0xf3/0x230
[   64.400880][ T5930]  ? clear_bhb_loop+0x35/0x90
[   64.405559][ T5930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.411449][ T5930] RIP: 0033:0x7f825f580849
[   64.415863][ T5930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.435463][ T5930] RSP: 002b:00007f8260359058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.443872][ T5930] RAX: ffffffffffffffda RBX: 00007f825f745fa0 RCX: 00007f825f580849
[   64.451840][ T5930] RDX: 0000000000000000 RSI: 0000000020000840 RDI: 0000000000000003
[   64.459807][ T5930] RBP: 00007f82603590a0 R08: 0000000000000000 R09: 0000000000000000
[   64.467784][ T5930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   64.475753][ T5930] R13: 0000000000000000 R14: 00007f825f745fa0 R15: 00007ffe49881298
[   64.483733][ T5930]  </TASK>
[   64.489048][   T58] usb 5-1: Manufacturer: 軞꜎떀�껲ᵗ鉩�ử몫甈�熪啞뮼�᪙ﳙ늟铅⌣ੈꯀꉙ☮��䀹�घ䌕䈤屲淆�妴鞈꣹礒�쵣�羡䙷垇鯓䋅墒※ �蚥畓犳푌࢚䑠ສ소��蠲䚓啪䦑�꡼�劧Ο궋ચ譕齙��﹪إ共๻幖㟀⨗ㅃ懷谳䕆푴Ａ᪞洇�ᆹ全䢆䃫榎
[   64.523328][   T58] usb 5-1: SerialNumber: syz
[   64.565127][ T5875] usb 1-1: config 0 descriptor??
[   64.582772][ T5875] gspca_main: sonixj-2.14.0 probing 0c45:6100
[   64.683090][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[   64.693330][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[   64.832901][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   64.967043][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   65.084838][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   65.366647][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   65.415036][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   65.437386][ T5875] gspca_sonixj: reg_w1 err -110
[   65.442703][ T5875] sonixj 1-1:0.0: probe with driver sonixj failed with error -110
[   65.451601][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[   65.461130][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   65.480232][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   65.681186][ T5827] Bluetooth: hci1: command tx timeout
[   65.702737][ T5827] Bluetooth: hci0: command tx timeout
[   65.750397][ T5827] Bluetooth: hci3: command tx timeout
[   65.755853][ T5827] Bluetooth: hci4: command tx timeout
[   65.761706][ T5827] Bluetooth: hci2: command tx timeout
[   65.793988][   T58] usbhid 5-1:1.0: can't add hid device: -71
[   65.800606][   T58] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[   65.829809][   T58] usb 5-1: USB disconnect, device number 2
[   66.329038][ T5924] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'.
[   68.576799][   T58] usb 1-1: USB disconnect, device number 2
[   69.520441][ T5974] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   69.904449][ T5970] netlink: 132 bytes leftover after parsing attributes in process `syz.1.18'.
[   70.154677][ T5959] netlink: 132 bytes leftover after parsing attributes in process `syz.2.17'.
[   70.198829][ T5983] fuse: Bad value for 'user_id'
[   70.236078][ T5983] fuse: Bad value for 'user_id'
[   71.699635][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[   71.753911][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[   71.963400][ T6005] netlink: 'syz.3.28': attribute type 39 has an invalid length.
[   72.204247][ T6002] smc: net device wg0 applied user defined pnetid SYZ0
[   72.598632][ T6005] smc: removing net device wg0 with user defined pnetid SYZ0
[   73.347274][ T6023] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   73.751028][ T6026] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.783230][ T6026] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.018400][ T6030] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.036842][ T6030] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.150629][ T6033] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.157864][ T6033] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.107432][ T6033] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.114791][ T6033] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.123474][ T6041] Bluetooth: MGMT ver 1.23
[   75.150585][ T6038] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   75.318076][ T6030] Zero length message leads to an empty skb
[   75.392440][ T5821] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[   75.583857][ T5821] usb 5-1: device descriptor read/64, error -71
[   75.622688][ T6034] veth0_vlan: left promiscuous mode
[   75.651217][ T6034] veth0_vlan: entered promiscuous mode
[   75.728894][ T6047] warning: `syz.1.39' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   76.055249][ T5821] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   76.577789][ T6065] netlink: 'syz.2.44': attribute type 1 has an invalid length.
[   76.593045][ T5872] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   76.621090][  T977] cfg80211: failed to load regulatory.db
[   76.644578][ T6065] netlink: 224 bytes leftover after parsing attributes in process `syz.2.44'.
[   76.764487][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   76.776957][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   76.794244][ T5872] usb 4-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[   76.829644][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.862139][ T5872] usb 4-1: config 0 descriptor??
[   76.922977][ T6069] team0 (unregistering): Port device team_slave_0 removed
[   76.958207][ T6069] team0 (unregistering): Port device team_slave_1 removed
[   77.224689][ T6076] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   77.312538][ T5872] uclogic 0003:145F:0212.0001: interface is invalid, ignoring
[   77.485759][ T6064] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   78.313070][ T5874] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   78.402393][ T5821] usb 4-1: USB disconnect, device number 2
[   78.502945][ T5874] usb 1-1: Using ep0 maxpacket: 16
[   78.530987][ T5874] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   78.555063][ T5874] usb 1-1: config 1 interface 0 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   78.568731][ T5874] usb 1-1: config 1 interface 0 altsetting 255 bulk endpoint 0x3 has invalid maxpacket 64
[   78.581215][ T5874] usb 1-1: config 1 interface 0 altsetting 255 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   78.603198][ T5874] usb 1-1: config 1 interface 0 has no altsetting 0
[   78.611874][ T5874] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   78.735264][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   78.743564][ T5874] usb 1-1: SerialNumber: syz
[   78.760466][ T6088] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   78.935496][ T6101] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.152984][ T5821] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   79.411888][ T6100] xt_CT: No such helper "netbios-ns"
[   80.029827][ T5821] usb 4-1: Using ep0 maxpacket: 16
[   80.128643][ T5821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.140106][ T5821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.157402][ T5821] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   80.185820][ T5821] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   80.195194][ T5821] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.226815][ T5821] usb 4-1: config 0 descriptor??
[   80.281176][ T6114] netlink: 36 bytes leftover after parsing attributes in process `syz.4.58'.
[   80.682291][ T6118] netlink: 'syz.1.60': attribute type 2 has an invalid length.
[   80.717758][ T5874] cdc_acm 1-1:1.0: probe with driver cdc_acm failed with error -12
[   81.031398][ T5874] usb 1-1: USB disconnect, device number 3
[   81.604696][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.611976][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.619306][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.627210][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.634614][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.641854][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.649346][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.656668][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.664287][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.671537][ T5821] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   81.685400][ T5821] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0002/input/input5
[   81.799473][ T5821] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[   82.979037][ T5821] usb 4-1: reset high-speed USB device number 3 using dummy_hcd
[   83.055169][ T6139] vivid-002: disconnect
[   83.094932][ T6138] vivid-002: reconnect
[   83.224017][ T6141] overlayfs: failed to resolve './file1': -2
[   83.512987][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   83.689505][    T9] usb 5-1: device descriptor read/64, error -71
[   84.014840][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   84.163343][    T9] usb 5-1: device descriptor read/64, error -71
[   84.210581][ T6163] FAULT_INJECTION: forcing a failure.
[   84.210581][ T6163] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   84.239654][ T6163] CPU: 0 UID: 0 PID: 6163 Comm: syz.2.73 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[   84.250205][ T6163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   84.260277][ T6163] Call Trace:
[   84.263571][ T6163]  <TASK>
[   84.266514][ T6163]  dump_stack_lvl+0x241/0x360
[   84.271226][ T6163]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.276443][ T6163]  ? __pfx__printk+0x10/0x10
[   84.281059][ T6163]  should_fail_ex+0x3b0/0x4e0
[   84.285754][ T6163]  _copy_from_user+0x2f/0xc0
[   84.290347][ T6163]  move_addr_to_kernel+0x82/0x150
[   84.295372][ T6163]  __sys_sendto+0x268/0x4c0
[   84.299871][ T6163]  ? __pfx___sys_sendto+0x10/0x10
[   84.304916][ T6163]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   84.310904][ T6163]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   84.317230][ T6163]  __x64_sys_sendto+0xde/0x100
[   84.321993][ T6163]  do_syscall_64+0xf3/0x230
[   84.326499][ T6163]  ? clear_bhb_loop+0x35/0x90
[   84.331179][ T6163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.337073][ T6163] RIP: 0033:0x7f825f580849
[   84.341487][ T6163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.361110][ T6163] RSP: 002b:00007f8260359058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   84.369519][ T6163] RAX: ffffffffffffffda RBX: 00007f825f745fa0 RCX: 00007f825f580849
[   84.377485][ T6163] RDX: 0000000000000001 RSI: 0000000020000480 RDI: 0000000000000003
[   84.385447][ T6163] RBP: 00007f82603590a0 R08: 0000000020000140 R09: 000000000000001c
[   84.393410][ T6163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.401370][ T6163] R13: 0000000000000000 R14: 00007f825f745fa0 R15: 00007ffe49881298
[   84.409345][ T6163]  </TASK>
[   84.421260][ T5872] usb 4-1: USB disconnect, device number 3
[   84.505020][    T9] usb usb5-port1: attempt power cycle
[   86.620225][ T6184] process 'syz.2.80' launched './file2' with NULL argv: empty string added
[   90.503579][    T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   90.562899][  T977] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   90.685853][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[   90.738919][    T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[   90.759315][  T977] usb 4-1: config index 0 descriptor too short (expected 65323, got 119)
[   90.781806][  T977] usb 4-1: config 1 has an invalid descriptor of length 16, skipping remainder of the config
[   90.843203][ T6211] FAULT_INJECTION: forcing a failure.
[   90.843203][ T6211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.882894][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[   90.922947][  T977] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   91.020828][    T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[   91.031210][ T6211] CPU: 0 UID: 0 PID: 6211 Comm: syz.2.87 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[   91.041732][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.051791][ T6211] Call Trace:
[   91.055089][ T6211]  <TASK>
[   91.058041][ T6211]  dump_stack_lvl+0x241/0x360
[   91.062750][ T6211]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.067972][ T6211]  ? __pfx__printk+0x10/0x10
[   91.072597][ T6211]  ? snprintf+0xda/0x120
[   91.076895][ T6211]  should_fail_ex+0x3b0/0x4e0
[   91.081597][ T6211]  _copy_to_user+0x31/0xb0
[   91.086042][ T6211]  simple_read_from_buffer+0xca/0x150
[   91.091447][ T6211]  proc_fail_nth_read+0x1e9/0x250
[   91.096490][ T6211]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   91.102056][ T6211]  ? rw_verify_area+0x55e/0x6f0
[   91.106924][ T6211]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   91.112485][ T6211]  vfs_read+0x1fc/0xb70
[   91.116663][ T6211]  ? __pfx___mutex_lock+0x10/0x10
[   91.121706][ T6211]  ? __pfx_vfs_read+0x10/0x10
[   91.126407][ T6211]  ? __fget_files+0x2a/0x410
[   91.131022][ T6211]  ? __fget_files+0x395/0x410
[   91.135721][ T6211]  ? __fget_files+0x2a/0x410
[   91.140343][ T6211]  ksys_read+0x18f/0x2b0
[   91.144613][ T6211]  ? __pfx_ksys_read+0x10/0x10
[   91.149401][ T6211]  ? rcu_is_watching+0x15/0xb0
[   91.154187][ T6211]  ? trace_sys_enter+0x25/0x120
[   91.159067][ T6211]  do_syscall_64+0xf3/0x230
[   91.163596][ T6211]  ? clear_bhb_loop+0x35/0x90
[   91.168306][ T6211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.174222][ T6211] RIP: 0033:0x7f825f57f25c
[   91.178655][ T6211] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[   91.198284][ T6211] RSP: 002b:00007f8260359050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   91.206721][ T6211] RAX: ffffffffffffffda RBX: 00007f825f745fa0 RCX: 00007f825f57f25c
[   91.214714][ T6211] RDX: 000000000000000f RSI: 00007f82603590b0 RDI: 0000000000000006
[   91.222700][ T6211] RBP: 00007f82603590a0 R08: 0000000000000000 R09: 0000000000000000
[   91.230684][ T6211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   91.238666][ T6211] R13: 0000000000000000 R14: 00007f825f745fa0 R15: 00007ffe49881298
[   91.246676][ T6211]  </TASK>
[   91.254059][  T977] usb 4-1: config 1 has no interface number 1
[   91.260247][  T977] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   91.302923][  T977] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   91.315607][    T9] usb 2-1: string descriptor 0 read error: -71
[   91.321909][    T9] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[   91.331340][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.405461][    T9] usb 2-1: config 0 descriptor??
[   91.411374][    T9] usb 2-1: can't set config #0, error -71
[   91.419803][    T9] usb 2-1: USB disconnect, device number 2
[   91.440944][  T977] usb 4-1: string descriptor 0 read error: -71
[   91.461287][  T977] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   91.485572][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.566612][ T6226] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   93.076437][  T977] usb 4-1: can't set config #1, error -71
[   93.205407][ T6240] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   93.287362][   T58] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   93.593183][   T58] usb 2-1: Using ep0 maxpacket: 8
[   93.770347][   T58] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[   93.813135][   T58] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.865617][   T58] usb 2-1: Product: syz
[   93.892269][  T977] usb 4-1: USB disconnect, device number 4
[   93.896628][   T58] usb 2-1: Manufacturer: syz
[   93.933035][   T58] usb 2-1: SerialNumber: syz
[   93.951279][   T58] usb 2-1: config 0 descriptor??
[   94.359084][ T6246] evm: overlay not supported
[   94.760861][   T58] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[   95.250727][   T29] audit: type=1326 audit(1733141878.539:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.272354][   T29] audit: type=1326 audit(1733141878.539:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.294533][   T29] audit: type=1326 audit(1733141878.539:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.316315][   T29] audit: type=1326 audit(1733141878.539:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.337618][   T29] audit: type=1326 audit(1733141878.549:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.364210][   T29] audit: type=1326 audit(1733141878.559:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.397893][   T29] audit: type=1326 audit(1733141878.569:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.428654][   T29] audit: type=1326 audit(1733141878.569:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf6d97f1b0 code=0x7ffc0000
[   95.502667][   T29] audit: type=1326 audit(1733141878.569:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   95.531362][   T29] audit: type=1326 audit(1733141878.569:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6252 comm="syz.3.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf6d980849 code=0x7ffc0000
[   96.163398][   T58] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[   96.291699][   T58] usb 2-1: USB disconnect, device number 3
[   96.725641][ T6278] zonefs (nullb0) ERROR: Not a zoned block device
[   97.917307][ T5872] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   98.905303][ T6288] Invalid source name
[   98.909333][ T6288] UBIFS error (pid: 6288): cannot open "./file0", error -22
[   99.002862][ T5872] usb 1-1: Using ep0 maxpacket: 32
[   99.019385][ T5872] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   99.029630][ T5872] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 10
[   99.629300][ T5872] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   99.639806][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.652757][ T5872] usb 1-1: Product: syz
[   99.682945][ T5872] usb 1-1: Manufacturer: syz
[   99.720845][ T5872] usb 1-1: SerialNumber: syz
[   99.789860][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.789985][ T5872] usb 1-1: can't set config #1, error -71
[   99.803878][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.811298][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.818984][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.826494][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.834166][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.841570][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.847937][ T5872] usb 1-1: USB disconnect, device number 4
[   99.849090][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.862233][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.869713][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.877170][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.884628][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.892731][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.900939][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.908443][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.916021][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.923506][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.930907][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.938371][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.945835][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.953307][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.961015][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.968518][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.976666][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.984214][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[   99.993210][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.000621][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.008155][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.015627][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.023072][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.030487][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.037951][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.045393][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.052971][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.060377][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.067822][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.075280][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.083140][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.092304][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.099794][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.107230][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.114696][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.122110][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.129558][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.136993][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.144442][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.151839][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.159435][ T5874] hid-generic 0000:0000:0003.0003: unknown main item tag 0x0
[  100.184576][ T5877] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  100.286943][ T6309] macvlan0: entered promiscuous mode
[  100.300067][ T5874] hid-generic 0000:0000:0003.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  100.311088][ T6309] ipvlan0: entered promiscuous mode
[  100.328174][ T6309] ipvlan0: left promiscuous mode
[  100.344043][ T6309] macvlan0: left promiscuous mode
[  100.373005][ T5877] usb 2-1: device descriptor read/64, error -71
[  100.392037][ T6300] fuse: Unknown parameter ''
[  100.442959][   T58] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  100.582950][ T5872] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  100.614629][   T58] usb 4-1: config 0 has no interfaces?
[  100.622822][   T58] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  100.641246][ T5877] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  100.651561][   T58] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.677330][   T58] usb 4-1: config 0 descriptor??
[  100.755129][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.766750][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.777766][ T5872] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  100.786973][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.802896][ T5877] usb 2-1: device descriptor read/64, error -71
[  100.804825][ T5872] usb 3-1: config 0 descriptor??
[  100.915660][ T5877] usb usb2-port1: attempt power cycle
[  102.123433][ T6321] netlink: 16 bytes leftover after parsing attributes in process `syz.2.111'.
[  102.520033][ T6323] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  102.529257][ T6323] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  102.661579][ T5872] sony 0003:054C:024B.0004: unexpected long global item
[  102.669022][ T5872] sony 0003:054C:024B.0004: parse failed
[  102.674727][ T5872] sony 0003:054C:024B.0004: probe with driver sony failed with error -22
[  102.802681][ T6318] trusted_key: encrypted_key: insufficient parameters specified
[  103.495097][ T6339] program syz.0.118 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  104.571038][ T5821] usb 3-1: USB disconnect, device number 2
[  104.769089][ T6347] capability: warning: `syz.4.120' uses deprecated v2 capabilities in a way that may be insecure
[  105.511076][ T5821] usb 4-1: USB disconnect, device number 5
[  105.654674][ T5872] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  105.735584][ T6362] netlink: 'syz.0.123': attribute type 16 has an invalid length.
[  105.743575][ T6362] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.123'.
[  106.202888][ T5872] usb 2-1: Using ep0 maxpacket: 8
[  106.215631][ T5872] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  106.264034][ T5872] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  106.356289][ T5872] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  106.427385][ T5872] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  106.540586][ T5872] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  106.578904][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.937999][ T5872] usb 2-1: GET_CAPABILITIES returned 0
[  107.011809][ T5872] usbtmc 2-1:16.0: can't read capabilities
[  107.318187][ T5872] usb 2-1: USB disconnect, device number 7
[  109.252320][ T6398] FAULT_INJECTION: forcing a failure.
[  109.252320][ T6398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.314497][ T6398] CPU: 0 UID: 0 PID: 6398 Comm: syz.0.132 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  109.325132][ T6398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.335187][ T6398] Call Trace:
[  109.338458][ T6398]  <TASK>
[  109.341386][ T6398]  dump_stack_lvl+0x241/0x360
[  109.346067][ T6398]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.351264][ T6398]  ? __pfx__printk+0x10/0x10
[  109.355850][ T6398]  ? __pfx_lock_release+0x10/0x10
[  109.360873][ T6398]  should_fail_ex+0x3b0/0x4e0
[  109.365546][ T6398]  _copy_from_user+0x2f/0xc0
[  109.370135][ T6398]  __sys_bpf+0x1a4/0x810
[  109.374377][ T6398]  ? __pfx___sys_bpf+0x10/0x10
[  109.379146][ T6398]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  109.385122][ T6398]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  109.391443][ T6398]  ? do_syscall_64+0x100/0x230
[  109.396208][ T6398]  __x64_sys_bpf+0x7c/0x90
[  109.400626][ T6398]  do_syscall_64+0xf3/0x230
[  109.405125][ T6398]  ? clear_bhb_loop+0x35/0x90
[  109.409807][ T6398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.415706][ T6398] RIP: 0033:0x7f0428380849
[  109.420118][ T6398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.439719][ T6398] RSP: 002b:00007f0429235058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  109.448132][ T6398] RAX: ffffffffffffffda RBX: 00007f0428545fa0 RCX: 00007f0428380849
[  109.456097][ T6398] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 0000000000000009
[  109.464064][ T6398] RBP: 00007f04292350a0 R08: 0000000000000000 R09: 0000000000000000
[  109.472025][ T6398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.479989][ T6398] R13: 0000000000000000 R14: 00007f0428545fa0 R15: 00007ffe759e4ac8
[  109.487965][ T6398]  </TASK>
[  109.491386][ T5877] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  109.805032][ T5877] usb 3-1: unable to get BOS descriptor or descriptor too short
[  109.814034][ T5877] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  109.825421][ T5877] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  109.837307][ T5877] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  109.863607][ T5877] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.008496][ T5877] usb 3-1: Product: syz
[  110.073168][ T5877] usb 3-1: Manufacturer: syz
[  110.166071][ T5877] usb 3-1: SerialNumber: syz
[  110.522951][ T5821] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  111.647768][ T6419] netlink: 'syz.0.137': attribute type 2 has an invalid length.
[  112.512841][ T6421] netlink: 16 bytes leftover after parsing attributes in process `syz.1.133'.
[  112.527362][ T6421] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.536755][ T6421] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.133927][ T5872] usb 3-1: USB disconnect, device number 3
[  115.705568][ T6437] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  118.946742][ T5872] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  119.031522][ T6460] syz.3.149 uses obsolete (PF_INET,SOCK_PACKET)
[  119.132903][ T5872] usb 1-1: Using ep0 maxpacket: 32
[  119.139904][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.155956][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.167430][ T5872] usb 1-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  119.177162][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.193885][ T5872] usb 1-1: config 0 descriptor??
[  119.464273][ T6464] dvmrp1: entered allmulticast mode
[  119.707115][ T5872] wacom 0003:056A:00F0.0005: unknown main item tag 0x0
[  119.767275][ T5872] wacom 0003:056A:00F0.0005: hidraw0: USB HID v0.00 Device [HID 056a:00f0] on usb-dummy_hcd.0-1/input0
[  119.900227][ T6450] netlink: 156 bytes leftover after parsing attributes in process `syz.0.144'.
[  119.989618][ T6450] mkiss: ax0: crc mode is auto.
[  121.022902][ T5872] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  121.065507][ T6485] mkiss: ax0: crc mode is auto.
[  121.100781][ T5821] usb 1-1: USB disconnect, device number 5
[  121.187480][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.229435][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.260227][ T5872] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  121.288641][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.320340][ T5872] usb 5-1: config 0 descriptor??
[  121.409309][ T6490] =======================================================
[  121.409309][ T6490] WARNING: The mand mount option has been deprecated and
[  121.409309][ T6490]          and is ignored by this kernel. Remove the mand
[  121.409309][ T6490]          option from the mount to silence this warning.
[  121.409309][ T6490] =======================================================
[  122.386860][ T6497] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  122.392872][ T6498] netlink: 16 bytes leftover after parsing attributes in process `syz.4.153'.
[  122.770373][ T6496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.779146][ T6496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.806435][ T5872] sony 0003:054C:024B.0006: unexpected long global item
[  122.816936][ T5872] sony 0003:054C:024B.0006: parse failed
[  122.823357][ T5872] sony 0003:054C:024B.0006: probe with driver sony failed with error -22
[  123.205592][ T6500] exFAT-fs (nullb0): invalid boot record signature
[  123.238609][ T6500] exFAT-fs (nullb0): failed to read boot sector
[  123.245134][ T6500] exFAT-fs (nullb0): failed to recognize exfat type
[  124.526662][  T977] usb 5-1: USB disconnect, device number 8
[  126.688639][ T6528] fuse: Bad value for 'user_id'
[  126.709678][ T6528] fuse: Bad value for 'user_id'
[  126.930392][ T6534] syzkaller1: entered promiscuous mode
[  126.949180][ T6534] syzkaller1: entered allmulticast mode
[  127.223300][ T5874] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  127.445052][ T6547] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  128.096193][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 239, changing to 11
[  128.107564][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33382, setting to 1024
[  128.118905][ T5874] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  128.128042][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.154955][ T5874] usb 5-1: config 0 descriptor??
[  129.124665][ T5874] hid-led 0003:1D34:000A.0007: probe with driver hid-led failed with error -71
[  129.163960][ T5874] usb 5-1: USB disconnect, device number 9
[  129.726141][ T6564] netlink: 'syz.2.173': attribute type 16 has an invalid length.
[  129.734784][ T6564] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.173'.
[  130.337728][ T6546] binder_alloc: 6545: binder_alloc_buf, no vma
[  131.111076][ T6578] serio: Serial port ptm0
[  132.280253][ T6598] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  132.953215][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  133.487416][   T58] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  134.449117][ T6614] netlink: 16 bytes leftover after parsing attributes in process `syz.1.187'.
[  134.488942][   T58] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  134.504335][   T58] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  134.517118][   T58] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  134.527011][ T6619] fuse: Bad value for 'user_id'
[  134.532088][ T6619] fuse: Bad value for 'user_id'
[  134.712807][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.796356][ T6623] netlink: 'syz.4.189': attribute type 16 has an invalid length.
[  134.805030][ T6623] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.189'.
[  135.516751][ T6605] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  135.593008][   T58] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  135.919628][ T5872] usb 1-1: USB disconnect, device number 6
[  136.014140][   T58] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  136.274615][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.285752][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.296257][   T58] usb 2-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  136.305547][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.332973][   T58] usb 2-1: config 0 descriptor??
[  136.400522][ T6646] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  138.165160][ T6635] netlink: 16 bytes leftover after parsing attributes in process `syz.1.193'.
[  138.259317][ T6653] netlink: zone id is out of range
[  138.268013][ T6657] netlink: 84 bytes leftover after parsing attributes in process `syz.3.198'.
[  138.287106][ T6653] netlink: zone id is out of range
[  138.292409][ T6653] netlink: zone id is out of range
[  138.376241][ T6635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.384994][ T6635] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.397084][   T58] sony 0003:054C:024B.0008: unexpected long global item
[  138.463404][   T58] sony 0003:054C:024B.0008: parse failed
[  138.510201][   T58] sony 0003:054C:024B.0008: probe with driver sony failed with error -22
[  138.746064][ T6664] fuse: Bad value for 'user_id'
[  138.761271][ T6664] fuse: Bad value for 'user_id'
[  138.986972][ T6668] netlink: 'syz.2.202': attribute type 16 has an invalid length.
[  138.994854][ T6668] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.202'.
[  139.863996][  T977] usb 2-1: USB disconnect, device number 9
[  140.325424][ T6684] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  140.362884][   T58] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  140.512900][   T58] usb 1-1: Using ep0 maxpacket: 8
[  140.558677][   T58] usb 1-1: New USB device found, idVendor=0681, idProduct=0010, bcdDevice=ab.e9
[  140.588284][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.615804][   T58] usb 1-1: config 0 descriptor??
[  141.005518][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.4.211'.
[  141.376055][ T6701] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  141.989693][ T6704] fuse: Bad value for 'user_id'
[  142.019602][ T6704] fuse: Bad value for 'user_id'
[  143.450111][  T977] usb 1-1: USB disconnect, device number 7
[  143.659855][ T6726] FAULT_INJECTION: forcing a failure.
[  143.659855][ T6726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.674412][ T6726] CPU: 1 UID: 0 PID: 6726 Comm: syz.0.220 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  143.685033][ T6726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.695177][ T6726] Call Trace:
[  143.698450][ T6726]  <TASK>
[  143.701375][ T6726]  dump_stack_lvl+0x241/0x360
[  143.706058][ T6726]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.711253][ T6726]  ? __pfx__printk+0x10/0x10
[  143.715848][ T6726]  ? __pfx_lock_release+0x10/0x10
[  143.720873][ T6726]  ? __local_bh_enable_ip+0x168/0x200
[  143.726252][ T6726]  should_fail_ex+0x3b0/0x4e0
[  143.730927][ T6726]  _copy_from_user+0x2f/0xc0
[  143.735519][ T6726]  isotp_setsockopt+0x387/0xbb0
[  143.740377][ T6726]  ? __pfx_isotp_setsockopt+0x10/0x10
[  143.745747][ T6726]  ? __pfx_lock_acquire+0x10/0x10
[  143.750766][ T6726]  ? __fget_files+0x2a/0x410
[  143.755353][ T6726]  ? __pfx_isotp_setsockopt+0x10/0x10
[  143.760722][ T6726]  do_sock_setsockopt+0x3af/0x720
[  143.765744][ T6726]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  143.771289][ T6726]  ? __fget_files+0x395/0x410
[  143.775979][ T6726]  ? __fget_files+0x2a/0x410
[  143.780571][ T6726]  __x64_sys_setsockopt+0x1ee/0x280
[  143.785770][ T6726]  do_syscall_64+0xf3/0x230
[  143.790270][ T6726]  ? clear_bhb_loop+0x35/0x90
[  143.794952][ T6726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.800847][ T6726] RIP: 0033:0x7f0428380849
[  143.805259][ T6726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.824870][ T6726] RSP: 002b:00007f0429235058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  143.833295][ T6726] RAX: ffffffffffffffda RBX: 00007f0428545fa0 RCX: 00007f0428380849
[  143.841268][ T6726] RDX: 0000000000000004 RSI: 000000000000006a RDI: 0000000000000004
[  143.849238][ T6726] RBP: 00007f04292350a0 R08: 0000000000000004 R09: 0000000000000000
[  143.857207][ T6726] R10: 0000000020000002 R11: 0000000000000246 R12: 0000000000000001
[  143.865176][ T6726] R13: 0000000000000000 R14: 00007f0428545fa0 R15: 00007ffe759e4ac8
[  143.873158][ T6726]  </TASK>
[  143.876355][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  144.035311][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.047284][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.057554][    T9] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  144.067095][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.078595][    T9] usb 4-1: config 0 descriptor??
[  144.148855][ T6711] binder_alloc: 6710: binder_alloc_buf, no vma
[  145.218598][ T6745] netlink: 16 bytes leftover after parsing attributes in process `syz.3.215'.
[  145.693890][ T6745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.703019][ T6745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.746002][   T58] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  145.846637][    T9] sony 0003:054C:024B.0009: unexpected long global item
[  145.854590][    T9] sony 0003:054C:024B.0009: parse failed
[  145.860302][    T9] sony 0003:054C:024B.0009: probe with driver sony failed with error -22
[  145.864205][ T6747] overlay: Unknown parameter 'obj_role'
[  145.980161][   T58] usb 3-1: Using ep0 maxpacket: 32
[  145.987270][   T58] usb 3-1: unable to get BOS descriptor or descriptor too short
[  145.996664][   T58] usb 3-1: config 2 has an invalid interface number: 155 but max is 1
[  146.198235][   T58] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  146.209085][   T58] usb 3-1: config 2 has 1 interface, different from the descriptor's value: 2
[  146.218462][   T58] usb 3-1: config 2 has no interface number 0
[  146.979776][   T58] usb 3-1: too many endpoints for config 2 interface 155 altsetting 15: 96, using maximum allowed: 30
[  146.991565][   T58] usb 3-1: config 2 interface 155 altsetting 15 has 0 endpoint descriptors, different from the interface descriptor's value: 96
[  147.005401][   T58] usb 3-1: config 2 interface 155 has no altsetting 0
[  147.456362][ T6757] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  147.491124][   T58] usb 3-1: string descriptor 0 read error: -22
[  147.497891][   T58] usb 3-1: New USB device found, idVendor=0781, idProduct=0100, bcdDevice= 1.00
[  147.991161][  T977] usb 4-1: USB disconnect, device number 6
[  148.006908][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.019525][   T58] usb 3-1: can't set config #2, error -71
[  148.026654][   T58] usb 3-1: USB disconnect, device number 4
[  148.473149][ T6767] netlink: 'syz.2.229': attribute type 16 has an invalid length.
[  148.480981][ T6767] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.229'.
[  151.331198][ T6792] block device autoloading is deprecated and will be removed.
[  151.343632][ T6792] netlink: 'syz.3.237': attribute type 21 has an invalid length.
[  151.351385][ T6792] netlink: 'syz.3.237': attribute type 6 has an invalid length.
[  151.359048][ T6792] netlink: 132 bytes leftover after parsing attributes in process `syz.3.237'.
[  151.502106][ T6792] netlink: 28 bytes leftover after parsing attributes in process `syz.3.237'.
[  151.686016][ T6799] FAULT_INJECTION: forcing a failure.
[  151.686016][ T6799] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.700925][ T6799] CPU: 0 UID: 0 PID: 6799 Comm: syz.4.239 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  151.711534][ T6799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  151.721574][ T6799] Call Trace:
[  151.724847][ T6799]  <TASK>
[  151.727773][ T6799]  dump_stack_lvl+0x241/0x360
[  151.732440][ T6799]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.737626][ T6799]  ? __pfx__printk+0x10/0x10
[  151.742202][ T6799]  ? __pfx_lock_release+0x10/0x10
[  151.747215][ T6799]  should_fail_ex+0x3b0/0x4e0
[  151.751887][ T6799]  _copy_from_user+0x2f/0xc0
[  151.756477][ T6799]  copy_msghdr_from_user+0xae/0x680
[  151.761668][ T6799]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  151.767493][ T6799]  ? __fget_files+0x2a/0x410
[  151.772067][ T6799]  ? __fget_files+0x2a/0x410
[  151.776645][ T6799]  __sys_sendmmsg+0x32b/0x720
[  151.781312][ T6799]  ? __pfx___sys_sendmmsg+0x10/0x10
[  151.786497][ T6799]  ? __pfx_lock_release+0x10/0x10
[  151.791504][ T6799]  ? kstrtouint_from_user+0x128/0x190
[  151.796871][ T6799]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  151.802768][ T6799]  ? ksys_write+0x22a/0x2b0
[  151.807289][ T6799]  ? __pfx_lock_release+0x10/0x10
[  151.812311][ T6799]  ? vfs_write+0x730/0xd30
[  151.816719][ T6799]  ? __mutex_unlock_slowpath+0x21e/0x790
[  151.822357][ T6799]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  151.828324][ T6799]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  151.834635][ T6799]  ? do_syscall_64+0x100/0x230
[  151.839389][ T6799]  __x64_sys_sendmmsg+0xa0/0xb0
[  151.844227][ T6799]  do_syscall_64+0xf3/0x230
[  151.848719][ T6799]  ? clear_bhb_loop+0x35/0x90
[  151.853387][ T6799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.859268][ T6799] RIP: 0033:0x7fcdf3780849
[  151.863671][ T6799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.883264][ T6799] RSP: 002b:00007fcdf4533058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  151.891665][ T6799] RAX: ffffffffffffffda RBX: 00007fcdf3945fa0 RCX: 00007fcdf3780849
[  151.899622][ T6799] RDX: 0000000000000001 RSI: 0000000020003f40 RDI: 0000000000000003
[  151.907584][ T6799] RBP: 00007fcdf45330a0 R08: 0000000000000000 R09: 0000000000000000
[  151.915547][ T6799] R10: 00000000200000d0 R11: 0000000000000246 R12: 0000000000000001
[  151.923508][ T6799] R13: 0000000000000000 R14: 00007fcdf3945fa0 R15: 00007ffc6733b978
[  151.931472][ T6799]  </TASK>
[  153.667225][ T6824] netlink: 'syz.3.246': attribute type 16 has an invalid length.
[  153.675165][ T6824] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.246'.
[  154.473312][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  154.876542][ T6843] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  154.876542][ T6843] The task syz.4.251 (6843) triggered the difference, watch for misbehavior.
[  155.758646][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.228706][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.238967][    T9] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  156.248489][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.259147][    T9] usb 3-1: config 0 descriptor??
[  156.879890][ T6854] netlink: 16 bytes leftover after parsing attributes in process `syz.2.247'.
[  157.096350][ T6854] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.106344][ T6854] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.590161][ T6853] tracefs: Unknown parameter '0x0000000000000000'
[  157.647674][    T9] sony 0003:054C:024B.000A: unexpected long global item
[  157.659304][    T9] sony 0003:054C:024B.000A: parse failed
[  157.668890][    T9] sony 0003:054C:024B.000A: probe with driver sony failed with error -22
[  158.482552][ T6861] netlink: 75 bytes leftover after parsing attributes in process `syz.0.254'.
[  159.268531][ T5874] usb 3-1: USB disconnect, device number 5
[  159.929631][ T6881] syz_tun: entered promiscuous mode
[  159.960954][ T6881] batadv_slave_0: entered promiscuous mode
[  160.100001][ T6886] netlink: 'syz.2.260': attribute type 16 has an invalid length.
[  160.107905][ T6886] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.260'.
[  164.067331][ T6919] FAULT_INJECTION: forcing a failure.
[  164.067331][ T6919] name failslab, interval 1, probability 0, space 0, times 0
[  164.080988][ T6919] CPU: 1 UID: 0 PID: 6919 Comm: syz.2.274 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  164.091610][ T6919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  164.101685][ T6919] Call Trace:
[  164.104984][ T6919]  <TASK>
[  164.107928][ T6919]  dump_stack_lvl+0x241/0x360
[  164.112633][ T6919]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.117864][ T6919]  ? __pfx__printk+0x10/0x10
[  164.122478][ T6919]  ? __kmalloc_cache_node_noprof+0x47/0x3a0
[  164.128394][ T6919]  ? __pfx___might_resched+0x10/0x10
[  164.133702][ T6919]  ? __asan_memset+0x23/0x50
[  164.138321][ T6919]  should_fail_ex+0x3b0/0x4e0
[  164.143021][ T6919]  should_failslab+0xac/0x100
[  164.147718][ T6919]  ? __alloc_workqueue+0x709/0x1f20
[  164.152938][ T6919]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  164.158687][ T6919]  __alloc_workqueue+0x709/0x1f20
[  164.163737][ T6919]  ? bd_prepare_to_claim+0x432/0x4d0
[  164.169062][ T6919]  alloc_workqueue+0xd6/0x210
[  164.173759][ T6919]  ? __pfx___mutex_lock+0x10/0x10
[  164.178809][ T6919]  ? loop_configure+0x425/0xeb0
[  164.183683][ T6919]  ? __pfx_alloc_workqueue+0x10/0x10
[  164.188990][ T6919]  ? __asan_memcpy+0x40/0x70
[  164.193605][ T6919]  ? loop_set_status_from_info+0x181/0x2b0
[  164.199433][ T6919]  loop_configure+0x519/0xeb0
[  164.204145][ T6919]  lo_ioctl+0x846/0x1f50
[  164.208406][ T6919]  ? mark_lock+0x9a/0x360
[  164.212755][ T6919]  ? validate_chain+0x11e/0x5920
[  164.217713][ T6919]  ? __pfx_lo_ioctl+0x10/0x10
[  164.222409][ T6919]  ? mark_lock+0x9a/0x360
[  164.226763][ T6919]  ? __lock_acquire+0x1397/0x2100
[  164.231840][ T6919]  ? __pfx_lock_acquire+0x10/0x10
[  164.236884][ T6919]  ? is_bpf_text_address+0x26/0x2a0
[  164.242101][ T6919]  ? __pfx_lock_release+0x10/0x10
[  164.247144][ T6919]  ? unwind_next_frame+0x18e6/0x22d0
[  164.252451][ T6919]  ? preempt_count_add+0x93/0x190
[  164.257501][ T6919]  ? 0xffffffffa00038c0
[  164.261679][ T6919]  ? 0xffffffffa00038c0
[  164.265853][ T6919]  ? is_bpf_text_address+0x285/0x2a0
[  164.271159][ T6919]  ? is_bpf_text_address+0x26/0x2a0
[  164.276378][ T6919]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  164.282559][ T6919]  ? kernel_text_address+0xa7/0xe0
[  164.287693][ T6919]  ? __kernel_text_address+0xd/0x40
[  164.292917][ T6919]  ? unwind_get_return_address+0x4d/0x90
[  164.298569][ T6919]  ? arch_stack_walk+0xfd/0x150
[  164.303454][ T6919]  ? stack_trace_save+0x118/0x1d0
[  164.308506][ T6919]  ? __pfx_stack_trace_save+0x10/0x10
[  164.313909][ T6919]  ? stack_depot_save_flags+0x29/0x830
[  164.319395][ T6919]  ? kasan_save_track+0x51/0x80
[  164.324270][ T6919]  ? kasan_save_track+0x3f/0x80
[  164.329142][ T6919]  ? kasan_save_free_info+0x40/0x50
[  164.334359][ T6919]  ? __kasan_slab_free+0x59/0x70
[  164.339318][ T6919]  ? kfree+0x196/0x430
[  164.343404][ T6919]  ? tomoyo_path_number_perm+0x679/0x860
[  164.349058][ T6919]  ? security_file_ioctl+0xc6/0x2a0
[  164.354275][ T6919]  ? __se_sys_ioctl+0x46/0x170
[  164.359060][ T6919]  ? do_syscall_64+0xf3/0x230
[  164.363760][ T6919]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.369859][ T6919]  ? do_vfs_ioctl+0xf07/0x2e40
[  164.374652][ T6919]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  164.379704][ T6919]  ? mark_lock+0x9a/0x360
[  164.384070][ T6919]  ? tomoyo_path_number_perm+0x206/0x860
[  164.389722][ T6919]  ? __pfx_lock_release+0x10/0x10
[  164.394775][ T6919]  ? tomoyo_path_number_perm+0x679/0x860
[  164.400434][ T6919]  ? tomoyo_path_number_perm+0x679/0x860
[  164.406089][ T6919]  ? blkdev_common_ioctl+0xfb2/0x2460
[  164.411484][ T6919]  ? __lock_acquire+0x1397/0x2100
[  164.416531][ T6919]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  164.422185][ T6919]  ? tomoyo_path_number_perm+0x206/0x860
[  164.427880][ T6919]  ? __pfx_smack_file_ioctl+0x10/0x10
[  164.433274][ T6919]  ? file_to_blk_mode+0xcc/0x140
[  164.438231][ T6919]  ? __pfx_lo_ioctl+0x10/0x10
[  164.442931][ T6919]  blkdev_ioctl+0x57d/0x6a0
[  164.447457][ T6919]  ? __pfx_blkdev_ioctl+0x10/0x10
[  164.452503][ T6919]  ? __pfx_blkdev_ioctl+0x10/0x10
[  164.457548][ T6919]  __se_sys_ioctl+0xf5/0x170
[  164.462166][ T6919]  do_syscall_64+0xf3/0x230
[  164.466697][ T6919]  ? clear_bhb_loop+0x35/0x90
[  164.471400][ T6919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.477316][ T6919] RIP: 0033:0x7f825f580849
[  164.481749][ T6919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.501370][ T6919] RSP: 002b:00007f8260359058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.509812][ T6919] RAX: ffffffffffffffda RBX: 00007f825f745fa0 RCX: 00007f825f580849
[  164.517810][ T6919] RDX: 00000000200002c0 RSI: 0000000000004c0a RDI: 0000000000000003
[  164.525797][ T6919] RBP: 00007f82603590a0 R08: 0000000000000000 R09: 0000000000000000
[  164.533790][ T6919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.541780][ T6919] R13: 0000000000000000 R14: 00007f825f745fa0 R15: 00007ffe49881298
[  164.549790][ T6919]  </TASK>
[  165.442561][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  165.442602][   T29] audit: type=1326 audit(1733141948.399:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  165.510670][   T29] audit: type=1326 audit(1733141948.429:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  165.754075][   T29] audit: type=1326 audit(1733141948.499:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  165.776303][   T29] audit: type=1326 audit(1733141948.499:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  165.802684][   T29] audit: type=1326 audit(1733141948.499:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  165.971591][ T6940] netlink: 28 bytes leftover after parsing attributes in process `syz.3.279'.
[  166.083523][   T29] audit: type=1326 audit(1733141948.509:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  166.213006][   T29] audit: type=1326 audit(1733141948.509:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  166.235245][   T29] audit: type=1326 audit(1733141948.509:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  166.257564][   T29] audit: type=1326 audit(1733141948.509:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  166.280740][   T29] audit: type=1326 audit(1733141948.509:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb242380849 code=0x7ffc0000
[  167.574919][ T6952] FAULT_INJECTION: forcing a failure.
[  167.574919][ T6952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.641921][ T6952] CPU: 0 UID: 0 PID: 6952 Comm: syz.3.282 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  167.652551][ T6952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.662624][ T6952] Call Trace:
[  167.665920][ T6952]  <TASK>
[  167.668876][ T6952]  dump_stack_lvl+0x241/0x360
[  167.673588][ T6952]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.678813][ T6952]  ? __pfx__printk+0x10/0x10
[  167.683435][ T6952]  ? snprintf+0xda/0x120
[  167.687703][ T6952]  should_fail_ex+0x3b0/0x4e0
[  167.692402][ T6952]  _copy_to_user+0x31/0xb0
[  167.696847][ T6952]  simple_read_from_buffer+0xca/0x150
[  167.702247][ T6952]  proc_fail_nth_read+0x1e9/0x250
[  167.707301][ T6952]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  167.712882][ T6952]  ? rw_verify_area+0x55e/0x6f0
[  167.717767][ T6952]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  167.723337][ T6952]  vfs_read+0x1fc/0xb70
[  167.727520][ T6952]  ? __pfx___mutex_lock+0x10/0x10
[  167.732572][ T6952]  ? __pfx_vfs_read+0x10/0x10
[  167.737278][ T6952]  ? __fget_files+0x2a/0x410
[  167.741885][ T6952]  ? __fget_files+0x395/0x410
[  167.746562][ T6952]  ? __fget_files+0x2a/0x410
[  167.751159][ T6952]  ksys_read+0x18f/0x2b0
[  167.755404][ T6952]  ? __pfx_ksys_read+0x10/0x10
[  167.760173][ T6952]  ? do_syscall_64+0x100/0x230
[  167.764937][ T6952]  ? do_syscall_64+0xb6/0x230
[  167.769618][ T6952]  do_syscall_64+0xf3/0x230
[  167.774120][ T6952]  ? clear_bhb_loop+0x35/0x90
[  167.778803][ T6952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.784698][ T6952] RIP: 0033:0x7fcf6d97f25c
[  167.789112][ T6952] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  167.808715][ T6952] RSP: 002b:00007fcf6b7f6050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  167.817146][ T6952] RAX: ffffffffffffffda RBX: 00007fcf6db45fa0 RCX: 00007fcf6d97f25c
[  167.825126][ T6952] RDX: 000000000000000f RSI: 00007fcf6b7f60b0 RDI: 0000000000000004
[  167.833094][ T6952] RBP: 00007fcf6b7f60a0 R08: 0000000000000000 R09: 0000000000000000
[  167.841063][ T6952] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  167.849033][ T6952] R13: 0000000000000000 R14: 00007fcf6db45fa0 R15: 00007ffd623b4f18
[  167.857019][ T6952]  </TASK>
[  169.032382][ T6974] 9pnet_fd: Insufficient options for proto=fd
[  169.056268][ T6972] netlink: 20 bytes leftover after parsing attributes in process `syz.4.286'.
[  169.164865][ T6978] fuse: Unknown parameter 'gwᕤ'
[  169.243203][ T5874] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  169.403093][ T5874] usb 1-1: Using ep0 maxpacket: 16
[  169.425894][ T5874] usb 1-1: New USB device found, idVendor=07c4, idProduct=a109, bcdDevice=e8.ef
[  169.441358][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.527721][ T6984] netlink: 8 bytes leftover after parsing attributes in process `syz.1.291'.
[  170.162132][ T5874] usb 1-1: config 0 descriptor??
[  170.258835][ T5874] ums-datafab 1-1:0.0: USB Mass Storage device detected
[  170.359541][ T5874] ums-sddr55 1-1:0.0: USB Mass Storage device detected
[  170.653004][ T5874] usb 1-1: USB disconnect, device number 8
[  170.734961][ T7002] mkiss: ax0: crc mode is auto.
[  171.132650][ T7006] netlink: 'syz.0.296': attribute type 11 has an invalid length.
[  171.736700][ T7008] FAULT_INJECTION: forcing a failure.
[  171.736700][ T7008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.807421][ T7008] CPU: 1 UID: 0 PID: 7008 Comm: syz.4.297 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  171.818071][ T7008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  171.828149][ T7008] Call Trace:
[  171.831440][ T7008]  <TASK>
[  171.834385][ T7008]  dump_stack_lvl+0x241/0x360
[  171.839089][ T7008]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.844314][ T7008]  ? __pfx__printk+0x10/0x10
[  171.848941][ T7008]  ? __pfx_lock_release+0x10/0x10
[  171.854018][ T7008]  should_fail_ex+0x3b0/0x4e0
[  171.858723][ T7008]  _copy_from_user+0x2f/0xc0
[  171.863340][ T7008]  __sys_bpf+0x1a4/0x810
[  171.867601][ T7008]  ? __pfx___sys_bpf+0x10/0x10
[  171.872394][ T7008]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  171.878398][ T7008]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  171.884745][ T7008]  ? do_syscall_64+0x100/0x230
[  171.889534][ T7008]  __x64_sys_bpf+0x7c/0x90
[  171.893970][ T7008]  do_syscall_64+0xf3/0x230
[  171.898491][ T7008]  ? clear_bhb_loop+0x35/0x90
[  171.903192][ T7008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.909107][ T7008] RIP: 0033:0x7fcdf3780849
[  171.913536][ T7008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.933167][ T7008] RSP: 002b:00007fcdf4533058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  171.941630][ T7008] RAX: ffffffffffffffda RBX: 00007fcdf3945fa0 RCX: 00007fcdf3780849
[  171.949625][ T7008] RDX: 0000000000000048 RSI: 0000000020000340 RDI: 000000000000000a
[  171.957624][ T7008] RBP: 00007fcdf45330a0 R08: 0000000000000000 R09: 0000000000000000
[  171.965618][ T7008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.973611][ T7008] R13: 0000000000000000 R14: 00007fcdf3945fa0 R15: 00007ffc6733b978
[  171.981626][ T7008]  </TASK>
[  172.640634][ T7028] program syz.2.299 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  173.178070][ T5875] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  173.262284][ T7029] netlink: 140 bytes leftover after parsing attributes in process `syz.0.301'.
[  173.529853][ T7020] random: crng reseeded on system resumption
[  173.738342][ T7034] Invalid logical block size (201)
[  173.823198][ T5875] usb 4-1: Using ep0 maxpacket: 8
[  173.835324][ T5875] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  173.871558][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  173.923681][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  173.958680][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  173.983803][ T5875] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  173.991241][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  174.017241][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  174.028898][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  174.042396][ T7038] batadv0: entered promiscuous mode
[  174.056930][ T7038] macvtap1: entered promiscuous mode
[  174.065154][ T7038] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  174.067649][ T5875] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  174.079569][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  174.090473][ T7042] netlink: 144 bytes leftover after parsing attributes in process `syz.4.309'.
[  174.090887][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  174.110978][ T5875] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  174.111610][ T7038] batadv0: left promiscuous mode
[  174.154830][ T5875] usb 4-1: string descriptor 0 read error: -22
[  174.161201][ T5875] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  174.178427][    T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  174.191552][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.210695][ T5875] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  174.334633][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  174.341412][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  174.355930][ T7049] netlink: 144 bytes leftover after parsing attributes in process `syz.2.311'.
[  174.365620][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.380614][    T9] usb 1-1: config 0 descriptor??
[  174.450714][ T5821] usb 4-1: USB disconnect, device number 7
[  174.657340][ T7011] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  174.672875][ T5875] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  174.902149][ T7055] xt_CT: You must specify a L4 protocol and not use inversions on it
[  175.076273][ T7057] netlink: 12 bytes leftover after parsing attributes in process `syz.4.313'.
[  175.107776][ T7057] xfrm1: entered promiscuous mode
[  175.114247][ T7057] xfrm1: entered allmulticast mode
[  175.204247][ T7040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.218683][ T5875] usb 2-1: unable to get BOS descriptor or descriptor too short
[  175.244005][ T5875] usb 2-1: unable to read config index 0 descriptor/start: -71
[  175.248996][ T7040] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.289612][ T5875] usb 2-1: can't read configurations, error -71
[  175.321837][    T9] video4linux radio48: keene_cmd_main failed (-71)
[  175.346168][    T9] radio-keene 1-1:0.0: V4L2 device registered as radio48
[  175.364733][    T9] usb 1-1: USB disconnect, device number 9
[  176.627348][ T7072] netlink: 'syz.4.317': attribute type 16 has an invalid length.
[  176.635237][ T7072] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.317'.
[  178.389007][ T7099] netlink: 144 bytes leftover after parsing attributes in process `syz.4.325'.
[  178.662667][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  178.833377][    T9] usb 3-1: Using ep0 maxpacket: 16
[  178.846028][    T9] usb 3-1: config index 0 descriptor too short (expected 16456, got 72)
[  178.873779][    T9] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  178.908225][    T9] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  178.945773][    T9] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  178.991678][    T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  179.001143][    T9] usb 3-1: config 0 has no interface number 0
[  179.007832][    T9] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  179.028956][    T9] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  179.042838][ T5875] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  179.044078][    T9] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  179.222533][ T5875] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.317202][ T5875] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.470833][ T5875] usb 2-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  179.612261][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.707033][    T9] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  179.720594][    T9] usb 3-1: config 0 interface 125 has no altsetting 0
[  179.761750][ T5875] usb 2-1: config 0 descriptor??
[  179.822614][    T9] usb 3-1: config 0 interface 125 has no altsetting 2
[  179.832003][    T9] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  179.842018][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.850749][    T9] usb 3-1: Product: syz
[  179.855542][    T9] usb 3-1: Manufacturer: syz
[  179.860687][    T9] usb 3-1: SerialNumber: syz
[  179.867839][    T9] usb 3-1: config 0 descriptor??
[  179.885781][    T9] usb 3-1: selecting invalid altsetting 2
[  180.494953][    C0] usb 3-1: async_complete: urb error -71
[  180.500763][    C0] usb 3-1: async_complete: urb error -71
[  180.506494][    C0] usb 3-1: async_complete: urb error -71
[  180.524050][    T9] get_1284_register: usb error -71
[  180.529901][    T9] uss720 3-1:0.125: probe with driver uss720 failed with error -71
[  181.138822][ T5832] Bluetooth: hci1: command 0x0406 tx timeout
[  181.156403][ T5832] Bluetooth: hci3: command 0x0406 tx timeout
[  181.162548][ T5832] Bluetooth: hci4: command 0x0405 tx timeout
[  181.169568][ T5832] Bluetooth: hci0: command 0x0406 tx timeout
[  181.175705][ T5832] Bluetooth: hci2: command 0x0406 tx timeout
[  181.362875][ T7129] netlink: 16 bytes leftover after parsing attributes in process `syz.1.327'.
[  181.474140][    T9] usb 3-1: USB disconnect, device number 6
[  181.580959][ T7127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.589992][ T7127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.603649][ T5875] sony 0003:054C:024B.000B: unexpected long global item
[  181.631544][ T5875] sony 0003:054C:024B.000B: parse failed
[  181.687864][ T5875] sony 0003:054C:024B.000B: probe with driver sony failed with error -22
[  181.971851][ T7137] VFS: could not find a valid V7 on nullb0.
[  181.992899][ T7137] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  182.010046][ T7137] netlink: 12 bytes leftover after parsing attributes in process `syz.0.335'.
[  183.199811][ T7149] netlink: 144 bytes leftover after parsing attributes in process `syz.4.340'.
[  183.726500][   T58] usb 2-1: USB disconnect, device number 12
[  185.252953][ T5872] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  185.470817][ T5872] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  185.519940][ T5872] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  185.553324][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.600758][ T5872] usb 2-1: config 0 descriptor??
[  185.609350][ T5872] pwc: Askey VC010 type 2 USB webcam detected.
[  185.755816][ T7170] netlink: 8 bytes leftover after parsing attributes in process `syz.4.345'.
[  186.107136][ T5875] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  186.170177][ T5872] pwc: recv_control_msg error -32 req 02 val 2b00
[  186.261183][ T5872] pwc: recv_control_msg error -32 req 02 val 2700
[  186.330818][ T5872] pwc: recv_control_msg error -32 req 02 val 2c00
[  186.343988][ T5872] pwc: recv_control_msg error -32 req 04 val 1000
[  186.384173][ T5875] usb 1-1: Using ep0 maxpacket: 16
[  186.394212][ T5875] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  186.425775][ T5875] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  186.435317][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.444486][ T5875] usb 1-1: Product: syz
[  186.448896][ T5875] usb 1-1: Manufacturer: syz
[  186.670437][ T5875] usb 1-1: SerialNumber: syz
[  187.417331][ T5875] usb 1-1: config 0 descriptor??
[  187.445571][ T5875] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  187.458398][ T5872] pwc: recv_control_msg error -71 req 04 val 1400
[  187.459662][ T5875] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  187.648530][ T5872] pwc: recv_control_msg error -71 req 02 val 2000
[  187.735622][ T5872] pwc: recv_control_msg error -71 req 02 val 2100
[  187.756038][ T5872] pwc: recv_control_msg error -71 req 04 val 1500
[  187.773117][    T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  187.792161][ T5872] pwc: recv_control_msg error -71 req 02 val 2500
[  187.817958][ T5872] pwc: recv_control_msg error -71 req 02 val 2400
[  187.830170][ T5872] pwc: recv_control_msg error -71 req 02 val 2600
[  187.842664][ T5872] pwc: recv_control_msg error -71 req 02 val 2900
[  187.858755][ T5872] pwc: recv_control_msg error -71 req 02 val 2800
[  187.867900][ T5872] pwc: recv_control_msg error -71 req 04 val 1100
[  187.904834][ T5872] pwc: recv_control_msg error -71 req 04 val 1200
[  187.920104][ T5872] pwc: Registered as video103.
[  187.929599][ T5872] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input9
[  187.939756][    T9] usb 4-1: Using ep0 maxpacket: 16
[  187.950721][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.972128][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.028983][ T5872] usb 2-1: USB disconnect, device number 13
[  188.050687][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  188.146171][    T9] usb 4-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00
[  188.180802][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.205077][    T9] usb 4-1: config 0 descriptor??
[  188.294496][ T5821] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  188.386001][ T7197] IPVS: set_ctl: invalid protocol: 59 224.0.0.1:0
[  188.402513][ T5875] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  188.419015][ T7197] tipc: Started in network mode
[  188.424416][ T7197] tipc: Node identity ac1414aa, cluster identity 4711
[  188.432150][ T7197] tipc: Enabled bearer <udp:s>, priority 10
[  189.029476][ T5821] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.081078][ T5821] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.095838][ T5821] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  189.181339][ T5821] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.423922][ T5821] usb 3-1: config 0 descriptor??
[  189.549967][    T8] tipc: Node number set to 2886997162
[  189.923716][ T5875] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  189.932485][ T5875] em28xx 1-1:0.0: board has no eeprom
[  190.045332][ T7210] netlink: 16 bytes leftover after parsing attributes in process `syz.2.351'.
[  190.263482][ T7210] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.273492][ T7210] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.592576][    T9] usbhid 4-1:0.0: can't add hid device: -71
[  190.604509][    T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  190.620425][ T5821] sony 0003:054C:024B.000C: unexpected long global item
[  190.628444][ T5821] sony 0003:054C:024B.000C: parse failed
[  190.634826][ T5821] sony 0003:054C:024B.000C: probe with driver sony failed with error -22
[  190.653263][    T9] usb 4-1: USB disconnect, device number 8
[  191.038914][ T5875] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  191.052886][ T5875] em28xx 1-1:0.0: dvb set to bulk mode.
[  191.192778][   T25] em28xx 1-1:0.0: Binding DVB extension
[  191.391969][ T5875] usb 1-1: USB disconnect, device number 10
[  191.598950][ T5875] em28xx 1-1:0.0: Disconnecting em28xx
[  191.917852][   T25] em28xx 1-1:0.0: Registering input extension
[  192.911535][ T5875] em28xx 1-1:0.0: Closing input extension
[  192.932965][ T5875] em28xx 1-1:0.0: Freeing device
[  193.871233][ T7238] FAULT_INJECTION: forcing a failure.
[  193.871233][ T7238] name failslab, interval 1, probability 0, space 0, times 0
[  193.884341][ T7238] CPU: 0 UID: 0 PID: 7238 Comm: syz.1.362 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  193.894955][ T7238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  193.905036][ T7238] Call Trace:
[  193.908325][ T7238]  <TASK>
[  193.911265][ T7238]  dump_stack_lvl+0x241/0x360
[  193.915975][ T7238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.921196][ T7238]  ? __pfx__printk+0x10/0x10
[  193.925803][ T7238]  ? __pfx_lock_acquire+0x10/0x10
[  193.930821][ T7238]  should_fail_ex+0x3b0/0x4e0
[  193.935487][ T7238]  should_failslab+0xac/0x100
[  193.940152][ T7238]  ? __inet_hash_connect+0xa2e/0x2170
[  193.945527][ T7238]  kmem_cache_alloc_noprof+0x70/0x380
[  193.950930][ T7238]  __inet_hash_connect+0xa2e/0x2170
[  193.956167][ T7238]  ? __pfx___inet_check_established+0x10/0x10
[  193.962275][ T7238]  ? __pfx___inet_hash_connect+0x10/0x10
[  193.967930][ T7238]  ? inet_hash_connect+0xac/0x140
[  193.972967][ T7238]  tcp_v4_connect+0xd04/0x1ba0
[  193.977745][ T7238]  ? __pfx_tcp_v4_connect+0x10/0x10
[  193.982938][ T7238]  ? mptcp_connect+0x656/0xb20
[  193.987700][ T7238]  ? do_raw_spin_unlock+0x13c/0x8b0
[  193.992915][ T7238]  mptcp_connect+0x701/0xb20
[  193.997557][ T7238]  __inet_stream_connect+0x262/0xf30
[  194.002852][ T7238]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  194.009180][ T7238]  ? __local_bh_enable_ip+0x168/0x200
[  194.014552][ T7238]  ? lockdep_hardirqs_on+0x99/0x150
[  194.019747][ T7238]  ? __pfx___inet_stream_connect+0x10/0x10
[  194.025544][ T7238]  ? __local_bh_enable_ip+0x168/0x200
[  194.030915][ T7238]  ? inet_stream_connect+0x50/0xa0
[  194.036023][ T7238]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  194.041748][ T7238]  inet_stream_connect+0x65/0xa0
[  194.046687][ T7238]  __sys_connect+0x288/0x2d0
[  194.051271][ T7238]  ? __fget_files+0x2a/0x410
[  194.055858][ T7238]  ? __pfx___sys_connect+0x10/0x10
[  194.060979][ T7238]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  194.067305][ T7238]  ? do_syscall_64+0x100/0x230
[  194.072069][ T7238]  __x64_sys_connect+0x7a/0x90
[  194.076828][ T7238]  do_syscall_64+0xf3/0x230
[  194.081332][ T7238]  ? clear_bhb_loop+0x35/0x90
[  194.086020][ T7238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.091909][ T7238] RIP: 0033:0x7fb242380849
[  194.096323][ T7238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.115926][ T7238] RSP: 002b:00007fb2431bd058 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  194.124344][ T7238] RAX: ffffffffffffffda RBX: 00007fb242545fa0 RCX: 00007fb242380849
[  194.132311][ T7238] RDX: 0000000000000010 RSI: 0000000020003580 RDI: 0000000000000003
[  194.140282][ T7238] RBP: 00007fb2431bd0a0 R08: 0000000000000000 R09: 0000000000000000
[  194.148271][ T7238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.156237][ T7238] R13: 0000000000000000 R14: 00007fb242545fa0 R15: 00007fffb37df1d8
[  194.164214][ T7238]  </TASK>
[  194.263813][ T5872] usb 3-1: USB disconnect, device number 7
[  194.389602][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  194.557978][   T58] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  195.056733][   T58] usb 1-1: Using ep0 maxpacket: 16
[  195.098797][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.110762][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.149504][   T58] usb 1-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00
[  195.191970][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.240705][   T58] usb 1-1: config 0 descriptor??
[  195.457611][   T51] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  195.621566][   T51] usb 2-1: device descriptor read/64, error -71
[  195.690649][ T7242] batman_adv: batadv0: Adding interface: erspan1
[  195.723246][ T7242] batman_adv: batadv0: Not using interface erspan1 (retrying later): interface not active
[  196.465636][   T58] macally 0003:060B:0001.000D: unexpected long global item
[  196.473540][   T58] macally 0003:060B:0001.000D: probe with driver macally failed with error -22
[  196.745127][ T7242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.792883][   T51] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  196.808158][ T7242] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  196.890146][ T5872] usb 1-1: USB disconnect, device number 11
[  196.994628][   T51] usb 2-1: device descriptor read/64, error -71
[  197.029642][ T7280] xt_l2tp: missing protocol rule (udp|l2tpip)
[  197.245172][   T51] usb usb2-port1: attempt power cycle
[  197.510756][ T7288] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  197.610303][   T51] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  197.765232][   T51] usb 2-1: device descriptor read/8, error -71
[  198.239195][ T5821] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  198.403237][ T5821] usb 4-1: Using ep0 maxpacket: 16
[  198.564243][ T5821] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  198.576634][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.620573][ T5821] usb 4-1: Product: syz
[  198.679236][ T5821] usb 4-1: Manufacturer: syz
[  198.690929][ T5821] usb 4-1: SerialNumber: syz
[  198.799200][ T5821] usb 4-1: config 0 descriptor??
[  198.807252][ T5821] ums-onetouch 4-1:0.0: USB Mass Storage device detected
[  199.094067][ T5821] usb 4-1: USB disconnect, device number 9
[  201.751847][ T7314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.383'.
[  307.202693][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  307.209689][    C0] rcu: 	1-...!: (1 GPs behind) idle=79d4/1/0x4000000000000000 softirq=17795/17796 fqs=2
[  307.220525][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=14569, q=214 ncpus=2)
[  307.228268][    C0] Sending NMI from CPU 0 to CPUs 1:
[  307.228306][    C1] NMI backtrace for cpu 1
[  307.228319][    C1] CPU: 1 UID: 0 PID: 7316 Comm: syz.1.384 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  307.228337][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  307.228346][    C1] RIP: 0010:kasan_check_range+0x86/0x290
[  307.228373][    C1] Code: 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd 41 80 3b 00 <0f> 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 00 45 89 dc
[  307.228385][    C1] RSP: 0018:ffffc90000a18a70 EFLAGS: 00000002
[  307.228399][    C1] RAX: 0000000000000001 RBX: 1ffff92000143160 RCX: ffffffff817c15cf
[  307.228411][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000a18b00
[  307.228421][    C1] RBP: ffffffffffffffff R08: ffffc90000a18b03 R09: 1ffff92000143160
[  307.228432][    C1] R10: dffffc0000000000 R11: fffff52000143160 R12: ffffffff9a5b2480
[  307.228443][    C1] R13: 1ffff92000143160 R14: dffffc0000000001 R15: fffff52000143161
[  307.228455][    C1] FS:  00007fb2431bd6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  307.228468][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  307.228479][    C1] CR2: 000000110c40e27b CR3: 0000000033890000 CR4: 00000000003526f0
[  307.228495][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  307.228504][    C1] DR3: 0000000000000007 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  307.228514][    C1] Call Trace:
[  307.228520][    C1]  <NMI>
[  307.228528][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  307.228548][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  307.228566][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  307.228581][    C1]  ? nmi_handle+0x2a/0x5a0
[  307.228605][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  307.228625][    C1]  ? nmi_handle+0x14f/0x5a0
[  307.228640][    C1]  ? nmi_handle+0x2a/0x5a0
[  307.228656][    C1]  ? kasan_check_range+0x86/0x290
[  307.228671][    C1]  ? default_do_nmi+0x63/0x160
[  307.228686][    C1]  ? exc_nmi+0x123/0x1f0
[  307.228701][    C1]  ? end_repeat_nmi+0xf/0x53
[  307.228725][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  307.228745][    C1]  ? kasan_check_range+0x86/0x290
[  307.228760][    C1]  ? kasan_check_range+0x86/0x290
[  307.228775][    C1]  ? kasan_check_range+0x86/0x290
[  307.228790][    C1]  </NMI>
[  307.228795][    C1]  <IRQ>
[  307.228801][    C1]  do_raw_spin_lock+0x14f/0x370
[  307.228824][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  307.228845][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  307.228865][    C1]  _raw_spin_lock_irqsave+0xe1/0x120
[  307.228887][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  307.228909][    C1]  debug_object_deactivate+0x158/0x390
[  307.228932][    C1]  ? __pfx_debug_object_deactivate+0x10/0x10
[  307.228954][    C1]  ? timerqueue_add+0x260/0x290
[  307.228969][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  307.228988][    C1]  debug_deactivate+0x1b/0x220
[  307.229008][    C1]  __hrtimer_run_queues+0x305/0xd30
[  307.229035][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  307.229052][    C1]  ? sched_clock+0x4a/0x70
[  307.229071][    C1]  ? read_tsc+0x9/0x20
[  307.229089][    C1]  ? ktime_get_update_offsets_now+0x393/0x3b0
[  307.229108][    C1]  hrtimer_interrupt+0x403/0xa40
[  307.229136][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[  307.229154][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  307.229173][    C1]  </IRQ>
[  307.229178][    C1]  <TASK>
[  307.229184][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.229204][    C1] RIP: 0010:finish_task_switch+0x1ea/0x870
[  307.229222][    C1] Code: c9 50 e8 a9 07 0c 00 48 83 c4 08 4c 89 f7 e8 ed 39 00 00 0f 1f 44 00 00 4c 89 f7 e8 e0 ea 5b 0a e8 4b 98 38 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[  307.229234][    C1] RSP: 0018:ffffc9000bfb71a8 EFLAGS: 00000286
[  307.229247][    C1] RAX: 75537ecbb7a80100 RBX: ffff8880277f3c00 RCX: ffffffff9a389903
[  307.229258][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0a9680 RDI: ffffffff8c5e90a0
[  307.229269][    C1] RBP: ffffc9000bfb71f0 R08: ffffffff90181b77 R09: 1ffffffff203036e
[  307.229281][    C1] R10: dffffc0000000000 R11: fffffbfff203036f R12: 1ffff110170e7eac
[  307.229292][    C1] R13: dffffc0000000000 R14: ffff8880b873e740 R15: ffff8880b873f560
[  307.229311][    C1]  ? finish_task_switch+0x1e5/0x870
[  307.229330][    C1]  __schedule+0x1803/0x4be0
[  307.229359][    C1]  ? __pfx___schedule+0x10/0x10
[  307.229377][    C1]  ? __pfx_lock_release+0x10/0x10
[  307.229399][    C1]  ? schedule+0x90/0x320
[  307.229415][    C1]  schedule+0x14b/0x320
[  307.229432][    C1]  schedule_timeout+0xb0/0x290
[  307.229448][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  307.229467][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  307.229486][    C1]  ? prepare_to_wait_exclusive+0x84/0x230
[  307.229504][    C1]  unix_wait_for_peer+0x250/0x340
[  307.229522][    C1]  ? __pfx_unix_wait_for_peer+0x10/0x10
[  307.229538][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  307.229553][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  307.229572][    C1]  ? hook_unix_may_send+0x11e/0x5b0
[  307.229594][    C1]  unix_dgram_sendmsg+0x127f/0x1f80
[  307.229622][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  307.229640][    C1]  ? __import_iovec+0x3a8/0x870
[  307.229663][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  307.229678][    C1]  __sock_sendmsg+0x221/0x270
[  307.229700][    C1]  ____sys_sendmsg+0x52a/0x7e0
[  307.229720][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.229736][    C1]  ? __fget_files+0x2a/0x410
[  307.229755][    C1]  ? __sys_sendmmsg+0x392/0x720
[  307.229771][    C1]  ? __might_fault+0xaa/0x120
[  307.229790][    C1]  __sys_sendmmsg+0x36a/0x720
[  307.229812][    C1]  ? __pfx___sys_sendmmsg+0x10/0x10
[  307.229843][    C1]  ? futex_hash+0x1e/0x1f0
[  307.229864][    C1]  ? futex_wait+0x285/0x360
[  307.229885][    C1]  ? __pfx_futex_wait+0x10/0x10
[  307.229906][    C1]  ? unix_dgram_connect+0xaec/0xd80
[  307.229925][    C1]  ? do_futex+0x33b/0x560
[  307.229948][    C1]  ? __sys_connect+0x119/0x2d0
[  307.229967][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  307.229984][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  307.230000][    C1]  ? do_syscall_64+0x100/0x230
[  307.230021][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  307.230038][    C1]  do_syscall_64+0xf3/0x230
[  307.230057][    C1]  ? clear_bhb_loop+0x35/0x90
[  307.230077][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.230096][    C1] RIP: 0033:0x7fb242380849
[  307.230113][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.230125][    C1] RSP: 002b:00007fb2431bd058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  307.230140][    C1] RAX: ffffffffffffffda RBX: 00007fb242545fa0 RCX: 00007fb242380849
[  307.230151][    C1] RDX: 0000000000000651 RSI: 0000000020000000 RDI: 0000000000000005
[  307.230161][    C1] RBP: 00007fb2423f3986 R08: 0000000000000000 R09: 0000000000000000
[  307.230171][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.230180][    C1] R13: 0000000000000000 R14: 00007fb242545fa0 R15: 00007fffb37df1d8
[  307.230199][    C1]  </TASK>
[  307.230293][    C0] rcu: rcu_preempt kthread starved for 10498 jiffies! g14569 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  307.921732][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  307.931708][    C0] rcu: RCU grace-period kthread stack dump:
[  307.937598][    C0] task:rcu_preempt     state:R  running task     stack:26072 pid:17    tgid:17    ppid:2      flags:0x00004000
[  307.949357][    C0] Call Trace:
[  307.952642][    C0]  <TASK>
[  307.955582][    C0]  __schedule+0x17fb/0x4be0
[  307.960123][    C0]  ? __pfx___schedule+0x10/0x10
[  307.964986][    C0]  ? __pfx_lock_release+0x10/0x10
[  307.970032][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  307.976371][    C0]  ? schedule+0x90/0x320
[  307.980623][    C0]  schedule+0x14b/0x320
[  307.984793][    C0]  schedule_timeout+0x15a/0x290
[  307.989657][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  307.995038][    C0]  ? __pfx_process_timeout+0x10/0x10
[  308.000341][    C0]  ? prepare_to_swait_event+0x330/0x350
[  308.005897][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  308.010754][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  308.015978][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  308.022139][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  308.027444][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  308.032045][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  308.037251][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  308.043155][    C0]  ? __kthread_parkme+0x169/0x1d0
[  308.048188][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  308.053395][    C0]  kthread+0x2f0/0x390
[  308.057471][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  308.062675][    C0]  ? __pfx_kthread+0x10/0x10
[  308.067273][    C0]  ret_from_fork+0x4b/0x80
[  308.071703][    C0]  ? __pfx_kthread+0x10/0x10
[  308.076301][    C0]  ret_from_fork_asm+0x1a/0x30
[  308.081089][    C0]  </TASK>
[  308.084126][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  308.090451][    C0] CPU: 0 UID: 0 PID: 63 Comm: kworker/u8:4 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  308.101126][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  308.111185][    C0] Workqueue: events_unbound toggle_allocation_gate
[  308.117701][    C0] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2c60
[  308.124472][    C0] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 66 e9 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 11 e5 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 f5 e4
[  308.144098][    C0] RSP: 0018:ffffc900015476e0 EFLAGS: 00000293
[  308.150173][    C0] RAX: ffffffff81938cdb RBX: 1ffff110170e88b9 RCX: ffff88801bbabc00
[  308.158150][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  308.166123][    C0] RBP: ffffc900015478e0 R08: ffffffff81938caa R09: 1ffffffff2850510
[  308.174100][    C0] R10: dffffc0000000000 R11: fffffbfff2850511 R12: dffffc0000000000
[  308.182075][    C0] R13: ffff8880b87445c8 R14: ffff8880b863f940 R15: 0000000000000001
[  308.190058][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  308.198991][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  308.205577][    C0] CR2: 00007f0428366020 CR3: 000000000e736000 CR4: 00000000003526f0
[  308.213555][    C0] Call Trace:
[  308.216841][    C0]  <IRQ>
[  308.219690][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  308.226034][    C0]  ? print_other_cpu_stall+0x1481/0x15c0
[  308.231690][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  308.237519][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  308.243799][    C0]  ? rcu_sched_clock_irq+0xa26/0x10e0
[  308.249201][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  308.254861][    C0]  ? update_process_times+0x242/0x2f0
[  308.260261][    C0]  ? tick_nohz_handler+0x37c/0x500
[  308.265398][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  308.270872][    C0]  ? __hrtimer_run_queues+0x551/0xd30
[  308.276273][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  308.282000][    C0]  ? handle_softirqs+0x7e0/0x9b0
[  308.286966][    C0]  ? read_tsc+0x9/0x20
[  308.291050][    C0]  ? ktime_get_update_offsets_now+0x393/0x3b0
[  308.297143][    C0]  ? hrtimer_interrupt+0x403/0xa40
[  308.302287][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[  308.308454][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[  308.314270][    C0]  </IRQ>
[  308.317207][    C0]  <TASK>
[  308.320146][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  308.326321][    C0]  ? smp_call_function_many_cond+0x19da/0x2c60
[  308.332487][    C0]  ? smp_call_function_many_cond+0x1a0b/0x2c60
[  308.338654][    C0]  ? smp_call_function_many_cond+0x19f3/0x2c60
[  308.344859][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  308.349904][    C0]  ? __pfx___text_poke+0x10/0x10
[  308.354848][    C0]  ? process_scheduled_works+0x976/0x1840
[  308.360585][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  308.366924][    C0]  ? __pfx___might_resched+0x10/0x10
[  308.372224][    C0]  ? __pfx___mutex_trylock_common+0x10/0x10
[  308.378134][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  308.383171][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[  308.388297][    C0]  text_poke_bp_batch+0x352/0xb30
[  308.393337][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  308.399335][    C0]  ? arch_jump_label_transform_apply+0x17/0x30
[  308.405505][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  308.411069][    C0]  ? arch_jump_label_transform_queue+0x9b/0x100
[  308.417327][    C0]  ? process_scheduled_works+0x976/0x1840
[  308.423065][    C0]  text_poke_finish+0x30/0x50
[  308.427752][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  308.433742][    C0]  static_key_enable_cpuslocked+0x136/0x260
[  308.439648][    C0]  static_key_enable+0x1a/0x20
[  308.444425][    C0]  toggle_allocation_gate+0xbc/0x260
[  308.449723][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  308.455622][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  308.461972][    C0]  process_scheduled_works+0xa66/0x1840
[  308.467567][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  308.473571][    C0]  ? assign_work+0x364/0x3d0
[  308.478178][    C0]  worker_thread+0x870/0xd30
[  308.482815][    C0]  ? __kthread_parkme+0x169/0x1d0
[  308.487861][    C0]  ? __pfx_worker_thread+0x10/0x10
[  308.492984][    C0]  kthread+0x2f0/0x390
[  308.497064][    C0]  ? __pfx_worker_thread+0x10/0x10
[  308.502184][    C0]  ? __pfx_kthread+0x10/0x10
[  308.506782][    C0]  ret_from_fork+0x4b/0x80
[  308.511207][    C0]  ? __pfx_kthread+0x10/0x10
[  308.515808][    C0]  ret_from_fork_asm+0x1a/0x30
[  308.520613][    C0]  </TASK>