last executing test programs:

7m7.6587451s ago: executing program 1 (id=985):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'tunl0\x00', <r2=>0x0})
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x0, r2}, 0x2a)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552da15f6", @ANYRES32=0x0, @ANYBLOB="000000293c000000280012800a00010076786c616e00000018000280140013"], 0x48}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r3, &(0x7f0000000140), 0x4924b68, 0x0)

7m7.312764302s ago: executing program 1 (id=987):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
eventfd(0x4)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x4, 0x4, 0x8, 0x40, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r4, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8)
bind$vsock_stream(r4, 0x0, 0x0)
listen(r4, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_ifreq(r6, 0x89fd, &(0x7f0000000100)={'bond0\x00', @ifru_names='pim6reg0\x00'})
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @remote={0xac, 0x3}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x6, 0x16, 0x1, 0x0, [0x0, 0x0]}]}, 0x70}}, 0x0)

7m4.563398807s ago: executing program 1 (id=992):
iopl(0x3)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000647000/0x1000)=nil)
shutdown(0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000003d000d8632cd6bdccc8d0000047c0000040000000c00018006000600800a0000040002"], 0x28}}, 0xc000)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
preadv(r5, &(0x7f0000000100)=[{&(0x7f0000000140)=""/196, 0xc4}], 0x1, 0x200000, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmmsg(r7, &(0x7f00000055c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0xc}}], 0x1, 0x8844)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
poll(&(0x7f00000003c0)=[{r8}], 0x1, 0xfffffff9)

7m3.525324098s ago: executing program 1 (id=995):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000200)={0x1f, 0xffff, 0x3}, 0x62)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0xb09, 0x0, 0x25dfdbfb, {0x5}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffffffffbfffe9cc, 0xc, &(0x7f0000000000))
clock_adjtime(0x0, &(0x7f0000000040)={0x37db, 0xf423f, 0xfffffffffffffffc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6})
clock_adjtime(0x0, &(0x7f0000000400)={0xd7, 0xb687, 0xc, 0x7336, 0x3, 0x0, 0x3, 0x5, 0x0, 0x8, 0x200, 0x37fc, 0x8001, 0x101, 0x8, 0x6, 0xc, 0x8000000000000001, 0xa, 0xf, 0x3, 0x1, 0x1, 0x9cf, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
add_key(&(0x7f0000000080)='big_key\x00', 0x0, &(0x7f0000000980)="475a251bdb", 0x5, 0xfffffffffffffffb)
mount$bind(0x0, &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x189101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x3041008, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r3=>0xffffffffffffffff})
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00')
fchdir(r4)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d80000001e0081054e81f782060000000000000006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
utimes(&(0x7f0000002280)='./file0\x00', 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000480)={&(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0xa, 0x7, 0x5})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r6=>r0, {0x9}}, './file0\x00'})
write$binfmt_misc(r6, &(0x7f0000000100)="6e5ac73101868b91a55823c9739f1978565349473deb1e8aed40471003c6311d6689330c8375e204ae4f4439400ea940bfdf8795eceffec08d2eda70784b84d44c4bf29a2a8a33e140df7d474210ed7f8e7565666e3b35cf666f335704de33281469cdbab63320172b0193d5fe5259ea9da04ddd27ebd12aa70c6151b7a2d0ed962c2e2c69f2ea929ce1a1ba9726f5c1fef61b61132ad33347ee166af7747157c559a9cbd89c81f0127399130b1a6c3627f1aebae7", 0xb5)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f00000004c0)={0x12})

7m3.143652736s ago: executing program 1 (id=998):
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000040)=0x1, 0x4)
bind$unix(0xffffffffffffffff, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket(0xa, 0x6, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010501, 0x4e23, 0x0, 'none\x00', 0x0, 0x80000}, 0x2c)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
syz_open_dev$hidraw(0x0, 0x5, 0x400040)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
readv(r5, 0x0, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
getsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0x4, 0x0, &(0x7f00000000c0))
r6 = socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYRES16=r6], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r7, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00'}, 0x18)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)

7m2.871921149s ago: executing program 1 (id=1000):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x40, 0x8, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000100)={0xffffff07, 0x101, "8acefd71a29b3bd75dfcded01ca22c933aa21bc1771f274fa66f62c1db0adad5", 0x4, 0x6d, 0xff, 0x8, 0x5, 0x4, 0x3ff, 0x1, [0x9, 0xfffff52c, 0xeed, 0x8]})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000080), &(0x7f0000000180)=@udp=r2, 0x1}, 0x20) (fail_nth: 1)

7m2.697667222s ago: executing program 32 (id=1000):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x40, 0x8, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000100)={0xffffff07, 0x101, "8acefd71a29b3bd75dfcded01ca22c933aa21bc1771f274fa66f62c1db0adad5", 0x4, 0x6d, 0xff, 0x8, 0x5, 0x4, 0x3ff, 0x1, [0x9, 0xfffff52c, 0xeed, 0x8]})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000080), &(0x7f0000000180)=@udp=r2, 0x1}, 0x20) (fail_nth: 1)

13.609890327s ago: executing program 3 (id=2277):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x23}, 0x800, 0x0, 0x2, 0x1, 0x0, 0x20}, 0x20)

13.401453059s ago: executing program 3 (id=2280):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="94000000", @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="7800028038000100240001006e6f746966795f70656572735f636f756e74000000000800000000000000000005000e000300000008"], 0x94}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840)

12.483390209s ago: executing program 3 (id=2283):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004001)
sendmsg$inet(r0, &(0x7f00000027c0)={0x0, 0xfddb, &(0x7f0000002740)=[{&(0x7f0000001500)="111a", 0x2}], 0x4b}, 0x4000)

12.282071966s ago: executing program 3 (id=2284):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_open_dev$dmmidi(&(0x7f0000000200), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r1, 0xc0245720, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r3=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="94000000", @ANYRES16=r2, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="7800028038000100240001006e6f746966795f70656572735f636f756e74000000000800000000000000000005000e000300000008"], 0x94}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=0x4)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r7=>0x0})
sendto$packet(r5, &(0x7f00000002c0)="12040500d3fc03fc01004788031c09100628", 0xfd35, 0x4, &(0x7f0000000140)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', <r8=>0x0})
r9 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000340), r6)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/bus/input/handlers\x00', 0x0, 0x0)
readv(r10, &(0x7f0000000080)=[{&(0x7f0000000100)=""/31, 0x1f}], 0x1)
r11 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r9)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r14=>0x0})
sendmsg$nl_route(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32=r14, @ANYBLOB="200001"], 0x38}}, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r10, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, r11, 0x20, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r14}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000020}, 0x24008862)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000580)={0x304, r2, 0x10, 0x70bd2d, 0x25dfdbfe, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r3}}}]}}, {{0x8, 0x1, r4}, {0x128, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffc}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}}]}}, {{0x8, 0x1, r8}, {0x16c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7fffffff}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8001}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}]}}]}, 0x304}, 0x1, 0x0, 0x0, 0x800}, 0x1)

12.048179447s ago: executing program 3 (id=2288):
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000340)="5c000000010000", 0x7)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4800)
socket$nl_netfilter(0x10, 0x3, 0xc)

11.375512893s ago: executing program 0 (id=2293):
socket$key(0xf, 0x3, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x8000, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0x0, 0x0, @mcast2}}}, 0x48)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r3, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r3, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000002c0)=""/59, 0x3b}], 0x1}}], 0x1, 0x2, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)

10.875760935s ago: executing program 3 (id=2297):
socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10e, 0x2, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000080)={0xa, 0x7, [{0xffffffff, 0x0, 0x10}, {0xfffffc00, 0x0, 0x7}, {0x2, 0x0, 0x7}, {0xc, 0x0, 0xbb8}, {0x7, 0x0, 0x9}, {0x8, 0x0, 0x7fff}, {0x65, 0x0, 0x40}, {0xcd, 0x0, 0x9}, {0x0, 0x0, 0x8b0}, {0x3, 0x0, 0x8}]})
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x7, 0x800000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x3fe455fe)
syz_clone3(0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='net/vlan/vlan1\x00')
ftruncate(r2, 0x7fffffffffffffff)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000200)={0xfff, 0x0, 0xb, 0x82fb, 0x10, "f9ffffffffffffff"})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})

7.281525092s ago: executing program 5 (id=2303):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x24, r1, 0x801, 0x70bd21, 0x25ffdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}}, 0x20004804)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001280)=ANY=[@ANYBLOB="280000001000010400000000fcdbdf2500000000", @ANYRES32=r5, @ANYBLOB="026000000000000008000300", @ANYRESDEC=r5], 0x28}, 0x1, 0x8}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)) (async)
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x24, r1, 0x801, 0x70bd21, 0x25ffdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}}, 0x20004804) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x1, 0x803, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00'}) (async)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001280)=ANY=[@ANYBLOB="280000001000010400000000fcdbdf2500000000", @ANYRES32=r5, @ANYBLOB="026000000000000008000300", @ANYRESDEC=r5], 0x28}, 0x1, 0x8}, 0x0) (async)

7.280558422s ago: executing program 2 (id=2304):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x6, &(0x7f00000001c0)=0xffffffffffffffff, 0x80, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x5607, 0x38)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r3, 0x5607, 0x1)
ioctl$KDSETMODE(r3, 0x4b3a, 0x1)
ioctl$TCXONC(r3, 0x4b3a, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="180200000100000000000000000000001832000002000000000051763ee4adb88cf510768e3ac14e3e3c983cdc594d233e9153b87e0ffa5adaabf45d"], &(0x7f0000000040)='syzkaller\x00', 0x5, 0xc4, &(0x7f0000000300)=""/196, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
fanotify_init(0x200, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0e00000004000000080000000b00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00eb00000000000000000000000000000000f000de6b6279002aa6aadec82836a2e8422d68378e254ec1a9700000000000000000000000000000a85b1fd179eb26738118d03dcc38db35aeaaa67edaf74942d7819b4a5f2a6ab1804ba9bbb7bfc85c79f98a7b8417096d5e1e1d466c0e85a5ea0447a9b1f14d0847b15bb93b030ebea83a85b76dd0205bad828e53b8eb2c637f134db829c24b2a0238264be71a655eacd44035b4b3eb31805e4cbb7410b6b24cb87d582c358f61e77bb2497e32a06c4c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=<r6=>r5, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='fd=', @ANYRES32=0x0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=r6, @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f00000021c0)={0x2020}, 0x2020)

7.212344382s ago: executing program 0 (id=2305):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0xb8, &(0x7f0000000200)=[{}, {}], 0x10, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0x83, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x7, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x10, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x0, 0x0}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x1a}}]}, &(0x7f0000000ac0)='syzkaller\x00', 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x20, 0xc, &(0x7f0000000400)=ANY=[@ANYRESOCT=r1, @ANYRESHEX=r3, @ANYRES32, @ANYRES32, @ANYRES8=0x0], &(0x7f0000000880)='GPL\x00', 0x0, 0x25, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
sendmsg$SMC_PNETID_DEL(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="88000000", @ANYRES16=r4, @ANYBLOB="270e000000000000000004"], 0x88}, 0x1, 0x40030000000000}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r7, @ANYBLOB="0a000600080211000000000038005080080003000cac0f0011000100cabee339084eeef109002471f4000000080005"], 0x60}}, 0x0)

6.971559116s ago: executing program 5 (id=2306):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x600, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x38080862, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_mreq(r3, 0x29, 0x0, &(0x7f0000000040), &(0x7f00000000c0)=0x14)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = memfd_secret(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r5, r4, 0x2e, 0x4608, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000080)=r6, 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sysfs(0xffffff9c, 0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xffffffffffffffe3, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x6}, {0x4, 0x3, 0x0, 0x1, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0xe}]}}]}, 0x60}}, 0x44080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
io_uring_setup(0x11bf, &(0x7f0000000a40)={0x0, 0x2d3b, 0x1, 0x0, 0x1d2})

6.619915097s ago: executing program 0 (id=2307):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12)
ioctl$UI_DEV_CREATE(r1, 0x5501)
write$input_event(r1, &(0x7f00000004c0)={{}, 0x12}, 0x18)
setsockopt$netrom_NETROM_T2(0xffffffffffffffff, 0x103, 0x2, &(0x7f0000000040)=0x3ff, 0x4)
r2 = socket(0x1, 0x803, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f00000001c0)={0x7, 0x8004, 0x9f09, 0x4}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r7 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r7, &(0x7f0000000140)={'full'}, 0xfffffdef)
sendmsg$nl_route(r0, 0x0, 0x0)

6.027298319s ago: executing program 2 (id=2308):
ioperm(0x0, 0x9, 0x7)
io_setup(0x401, &(0x7f00000001c0)=<r0=>0x0)
io_pgetevents(r0, 0x4a6d730c7316a803, 0x4a6d730c7316a803, &(0x7f0000000240)=[{}, {}, {}, {}], &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000000)={&(0x7f00000000c0), 0x8})

4.010323848s ago: executing program 0 (id=2309):
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x143742, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000))
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
write$sndseq(r3, &(0x7f0000000080)=[{0xb, 0x0, 0xfe, 0xfd, @tick, {0x1, 0x8}, {0xe}, @result}], 0x1c)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, 0x3, 0x8, 0x401, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @fccp}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x85}]}, 0x20}}, 0x0)
unshare(0x28000400)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
r5 = creat(&(0x7f0000000140)='./file0\x00', 0x8)
r6 = gettid()
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x16)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r9 = dup(r8)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r9, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x803}}, 0x50)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@local}, 0x0, @in=@local}}, &(0x7f00000001c0)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@aname}], [{@uid_gt={'uid>', r10}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@appraise}, {@euid_lt={'euid<', r10}}, {@appraise}, {@context={'context', 0x3d, 'root'}}, {@pcr={'pcr', 0x3d, 0x32}}], 0x6b}})
copy_file_range(r4, 0x0, r4, 0x0, 0x4, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="4c0000006d0001002cbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014003500766c616e30000000000000000000000018003480"], 0x4c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a40001e25f000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667df06dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
setns(r9, 0x20000)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000002140)={'wlan0\x00'})

3.836120311s ago: executing program 2 (id=2311):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x7c5f8f2f92ff25d2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000440)={0x6, 0x0, 0x8c1f, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2a, 0x0, 0xe, 0xfffffffffffffffc, 0x1, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000000000})
write(r0, &(0x7f00000001c0)="240000001a005f0400f9f4070009040180200000000000000000000800010000000000e8", 0x24)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0xd8}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000600)="27050200340f14000600002fb96dbcf706e10500000086ddffff1144ee162fd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000102821880b000000000000005743ce554b6df654cb0173677c4e2eaa2eb5035d135958831197684b763f499a2fafc724413afe7af5b53e61532895bae8d3f0f02cc4e729883f078a2552275a1486218834476323059f91a91c500e035c5c70afee9d16b5acd7cd4b94e3600c9c69aeb79e259488e089b1c59bc6fca826d38a7b3229ccd5b1bde01e63f1edd3c0f933e5c02936de55f2a4ee254bbe8aed1d2260c97783b615850d488b7f0c4a80715bed3cf1adb2dafb", 0xf5}, {0x0}, {&(0x7f0000000180)="34fb8fa8e6fc505f54a0d80d9f3b6484", 0x10}], 0x3}, 0x9cdc2384056b48b8)

3.707231487s ago: executing program 0 (id=2312):
socket$kcm(0x11, 0x200000000000002, 0x300)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000002f000000b7090000000000001801000020646c0a00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, 0x0, 0x20040800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket(0x200000100000011, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x3f0e0}, &(0x7f0000000040)=0x8)
listen(r3, 0x20000005)
landlock_restrict_self(0xffffffffffffffff, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

3.541394019s ago: executing program 5 (id=2313):
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xb0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(0xffffffffffffffff, 0x0, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x15)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000080)="390000001300034700bb65e1c3c6ffff01000000010000005600000025000000190004000400000047fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$binderfs(0x0, 0x0, 0x0, 0x103c16, &(0x7f00000002c0)=ANY=[@ANYRES8=r3, @ANYRESDEC=r2, @ANYRESOCT=r2, @ANYRESDEC=r3, @ANYRES16=r2, @ANYRES64=r3, @ANYRES64=r2, @ANYRESOCT=r2, @ANYRES16=r2])
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000180)={0x9, 0x7c7, 0xb, 0x3, 0xa5, 0x30e, 0x7, 0x1}, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000080)=@x86={0x5, 0x1, 0x2, 0x0, 0x40, 0x6, 0xfb, 0x89, 0x18, 0xd, 0x7, 0x4, 0x0, 0x1000, 0x1000, 0x2, 0xc, 0x7, 0x19, '\x00', 0x3, 0x8000000000000001})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.395748342s ago: executing program 2 (id=2315):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r4, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000140)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x6, 0x0}, 0x3}, {0xa, 0x4, 0x0, @private2, 0x80000000}, r5, 0x8}}, 0x48)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r7, &(0x7f000001be80)={0x0, 0x0, &(0x7f000001be40)={&(0x7f0000000480)=@newchain={0xcc, 0x64, 0x800, 0x0, 0x0, {}, [@f_rsvp6={{0xa}, {0x9c, 0x2, [@TCA_RSVP_ACT={0x98, 0x6, [@m_mirred={0x94, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x65, 0x6, "c9884d8e16e9370d231296fe76063a8e6617cbdaef0ef28e2ece38f6b9798d3b2066f04efcd15734f711250c56f5629294b776497d6b0d2995306e1073d155b8a9b0e14f39058cb136b6a609c64a912f7aaf00f82ad3b3f78a6fa10efb4d9b5170"}, {0xc}, {0xc}}}]}]}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
recvmsg$can_j1939(r7, &(0x7f0000001bc0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001a00)=""/249, 0xf9}], 0x1}, 0x0)

2.180063063s ago: executing program 4 (id=2316):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
prlimit64(r0, 0x0, &(0x7f0000000040)={0x5, 0x5}, &(0x7f0000000080))

1.26058085s ago: executing program 4 (id=2317):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e21, @empty}}}, 0x0) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5) (async)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000240)={0xffffffffffffff82, 0x0, r5, {0x7, 0x1f, 0x0, 0x80282}}, 0x50) (async)
syz_fuse_handle_req(r4, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2039, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0xfffffffffffffff5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_fuse_handle_req(r4, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x28, 0xfffffffffffffff5, 0x71, {{0x2, 0x4000000000000, 0x1, r6}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) (async)
fcntl$lock(r0, 0x5, &(0x7f0000000200)={0x1})
socket$nl_generic(0x10, 0x3, 0x10) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r8}, 0x10) (async)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x46, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_on}, {@workdir={'workdir', 0x3d, './bus'}}, {@volatile}]})
chdir(&(0x7f00000000c0)='./bus\x00') (async)
creat(&(0x7f0000000440)='./file0\x00', 0x0)

1.202327845s ago: executing program 4 (id=2318):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0001800600060086dd0000040502"], 0x528}}, 0xc000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00'})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
pipe(&(0x7f0000000580))
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000e00)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local, {[@rr={0x7, 0x3, 0x12}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

1.116241455s ago: executing program 2 (id=2319):
ioperm(0x0, 0x9, 0x7)
io_setup(0x401, &(0x7f00000001c0))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
lseek(r0, 0x9, 0x1)
syz_io_uring_setup(0x55fb, &(0x7f0000000180)={0x0, 0x2fb3, 0xc6, 0x2, 0xe6}, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket(0x10, 0x3, 0x0)
recvmmsg(r2, &(0x7f0000002740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001a80)=""/7, 0x7}, 0xfffff107}], 0x1, 0x10122, 0x0)
setsockopt$sock_int(r2, 0x1, 0x10, &(0x7f0000000080)=0x1, 0xc21268d0491e3de4)
write(r2, &(0x7f0000000380)="240000001e005f0214e0ffffffffff8dd5d6d87c998ff807000000000000000000000003", 0x7e)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="00020201"], 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[], 0xfc}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prctl$PR_SCHED_CORE(0x3e, 0x800000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7f, 0x8000)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x101b}})
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r6, 0x84, 0x21, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r6, 0x84, 0x6b, &(0x7f00000002c0)=[@in={0x2, 0x0, @rand_addr=0x64010101}, @in6={0xa, 0x4e22, 0x3, @mcast1, 0x4}, @in6={0xa, 0x4e22, 0xfff, @private2, 0x28000}], 0x48)
setsockopt(r6, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
readv(r6, &(0x7f0000000c80)=[{&(0x7f0000000a80)=""/214, 0xd6}], 0x1)
socket$inet6(0xa, 0x80002, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @multicast2}, 0x10)

1.022965167s ago: executing program 5 (id=2320):
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x1000000, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

1.010175004s ago: executing program 0 (id=2321):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b40)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb010018622d4f2317aeb0bffad51860bd000000000000001800000018000000030000000200000000000003000000000000"], 0x0, 0x33, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b0000000000000000fbfa38ffa470a34dce6a1000"/30, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000045b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r2 = gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8)
timer_create(0x2, &(0x7f0000000180)={0x0, 0x4, 0x4, @tid=r2}, &(0x7f0000000140))
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)
socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd9, 0x72, 0xa4, 0x40, 0x20b7, 0x1540, 0xb75a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
fallocate(r7, 0x0, 0x0, 0x1000f8)
sendfile(r7, r7, 0x0, 0x100000008)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)

886.959687ms ago: executing program 4 (id=2322):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x2c, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random='\x00'}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x8, 0x49, [0xfac01]}]]}, 0x2c}}, 0x0)
getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, &(0x7f0000000000)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000140)=0x28)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r4, &(0x7f00000023c0)=[{{&(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000040)="1246", 0x2}, {0x0}], 0x2}}], 0x1, 0x8810)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000001108000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)

280.092043ms ago: executing program 4 (id=2323):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRES8=r0], 0xcfa4)
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x4000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xd50, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

211.714218ms ago: executing program 5 (id=2324):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="c40000001900674c0000000000000000fc000000000000000000000000000002e000000200000000000000000000000000000006000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000fcffffffffffffff0000000000000000000000000000000000000000000100000000000000000000000400000000200000010000000000000a0010000100000000000000"], 0xc4}}, 0x4c050)
syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6000000000140600fe8000000000000000000000000000aafe8000000000000000000000000000aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500060fd3eb8000093945f5bf00988f602de69292ebcdd6eb58c924c1e0ac2e0a649b8a5a79f032ae4c1a44532f2ba6dceb59485fa4ed3a438ca92"], 0x0)

115.10837ms ago: executing program 2 (id=2325):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448dc, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="060000000000000002004e25e000000200000000000000000000000000000000f2ffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000001000012cadd628c61946aac1e0001000000000000000000000000000000000000000000000000000000000000000035ce6784000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002768dfbe4f47000000000000000000000000000000000000000000000000000000ed1f18e791ba63ed25bb2468d5dbcb74628bb37f2b36b89f229342feb03b8d4678924b5c0a8ba0ac0a2088a0b19724981db8b1d1af08049f9ba2e4a5a51ab1484dadd1cc4ff7d4283f2ededb66"], 0x10c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x51}, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="74050000003d66602c7266646e6f3d", @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',k'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0x10)
quotactl_fd$Q_SETQUOTA(r1, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x3, 0x0, 0x0, 0xfefe})
splice(r1, 0x0, r2, 0x0, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000180), 0x6, 0x200040)
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r6, 0x80045700, &(0x7f00000001c0))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8b30, &(0x7f0000000400)={'wlan0\x00'})
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r11 = dup(r10)
write$UHID_INPUT(r11, &(0x7f0000001040)={0xfc, {"a2e3ad21ed0d09f91b25090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f330063090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b5b070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f336e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3e0a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a624272643470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc78708000000cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210380106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c101e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d13768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b20c2fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b07c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72565ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa76893974d000000008f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x1000}}, 0x1006)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x5, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

68.728204ms ago: executing program 4 (id=2326):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000800)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r0, &(0x7f0000000c40)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445", 0x4fe, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=2327):
syz_emit_ethernet(0x3a, &(0x7f0000000e00)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local, {[@rr={0x7, 0x3, 0x12}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

s `syz.3.1841'.
[  658.166049][ T3159] usb 5-1: Using ep0 maxpacket: 16
[  658.172612][ T3159] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  658.182525][ T3159] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  658.202559][ T3159] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  658.245645][T12998] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input79
[  658.282168][ T3159] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  658.299934][ T3159] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.456029][ T3159] usb 5-1: Product: syz
[  658.492042][ T3159] usb 5-1: Manufacturer: syz
[  658.535069][ T3159] usb 5-1: SerialNumber: syz
[  661.548537][ T3159] usb 5-1: 0:2 : does not exist
[  661.561704][ T3159] usb 5-1: USB disconnect, device number 40
[  661.995404][ T5902] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  662.195704][ T5902] usb 1-1: Using ep0 maxpacket: 32
[  662.276526][ T5839] udevd[5839]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  662.308469][ T5902] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  662.316692][ T5902] usb 1-1: config 0 has no interface number 0
[  662.322814][ T5902] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  662.384075][ T5902] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  662.429326][ T5902] usb 1-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  662.465568][ T5902] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  662.498535][ T5902] usb 1-1: config 0 descriptor??
[  663.557922][ T5902] uclogic 0003:28BD:0094.0012: pen parameters not found
[  663.565228][ T5902] uclogic 0003:28BD:0094.0012: interface is invalid, ignoring
[  663.991325][T13067] netlink: 'syz.4.1864': attribute type 6 has an invalid length.
[  664.765444][ T5902] usb 1-1: USB disconnect, device number 50
[  665.159993][T13084] Bluetooth: hci5: Frame reassembly failed (-84)
[  665.748836][T13087] Smack: duplicate mount options
[  665.772144][ T5975] Bluetooth: hci5: Frame reassembly failed (-84)
[  666.217676][T13090] batadv0: entered promiscuous mode
[  666.223894][T13090] 8021q: adding VLAN 0 to HW filter on device batadv0
[  666.934820][T13095] FAULT_INJECTION: forcing a failure.
[  666.934820][T13095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  666.949222][T13095] CPU: 1 UID: 0 PID: 13095 Comm: syz.4.1870 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  666.960006][T13095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  666.970178][T13095] Call Trace:
[  666.973479][T13095]  <TASK>
[  666.976426][T13095]  dump_stack_lvl+0x241/0x360
[  666.981136][T13095]  ? __pfx_dump_stack_lvl+0x10/0x10
[  666.986360][T13095]  ? __pfx__printk+0x10/0x10
[  666.990975][T13095]  ? __pfx_lock_release+0x10/0x10
[  666.996030][T13095]  should_fail_ex+0x3b0/0x4e0
[  667.000735][T13095]  _copy_from_iter+0x1e9/0x1c20
[  667.005613][T13095]  ? __virt_addr_valid+0x183/0x530
[  667.010759][T13095]  ? __alloc_skb+0x28f/0x440
[  667.015383][T13095]  ? __pfx__copy_from_iter+0x10/0x10
[  667.020787][T13095]  ? __virt_addr_valid+0x183/0x530
[  667.025924][T13095]  ? __virt_addr_valid+0x183/0x530
[  667.031058][T13095]  ? __virt_addr_valid+0x45f/0x530
[  667.036192][T13095]  ? __phys_addr_symbol+0x2f/0x70
[  667.041243][T13095]  ? __check_object_size+0x47a/0x730
[  667.046564][T13095]  netlink_sendmsg+0x73d/0xcb0
[  667.051369][T13095]  ? __pfx_netlink_sendmsg+0x10/0x10
[  667.056688][T13095]  ? __pfx_netlink_sendmsg+0x10/0x10
[  667.062009][T13095]  __sock_sendmsg+0x221/0x270
[  667.066719][T13095]  ____sys_sendmsg+0x52a/0x7e0
[  667.071509][T13095]  ? __pfx_____sys_sendmsg+0x10/0x10
[  667.076814][T13095]  ? __fget_files+0x2a/0x410
[  667.081428][T13095]  ? __fget_files+0x2a/0x410
[  667.086050][T13095]  __sys_sendmsg+0x269/0x350
[  667.090664][T13095]  ? __pfx_lock_release+0x10/0x10
[  667.095711][T13095]  ? __pfx___sys_sendmsg+0x10/0x10
[  667.100967][T13095]  ? __pfx_vfs_write+0x10/0x10
[  667.105869][T13095]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  667.112232][T13095]  ? do_syscall_64+0x100/0x230
[  667.117048][T13095]  ? do_syscall_64+0xb6/0x230
[  667.121757][T13095]  do_syscall_64+0xf3/0x230
[  667.126286][T13095]  ? clear_bhb_loop+0x35/0x90
[  667.130987][T13095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.136912][T13095] RIP: 0033:0x7f8fb5985d19
[  667.141356][T13095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  667.160996][T13095] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  667.169439][T13095] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  667.177435][T13095] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000008
[  667.185436][T13095] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  667.193431][T13095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  667.201413][T13095] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  667.209409][T13095]  </TASK>
[  667.515531][ T5833] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  668.005499][ T9930] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  668.225673][ T9930] usb 5-1: unable to get BOS descriptor or descriptor too short
[  668.234814][ T9930] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  668.261410][ T9930] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  668.282232][ T9930] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  668.298777][ T9930] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  668.326106][ T9930] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  668.335909][ T9930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  668.343937][ T9930] usb 5-1: Product: syz
[  668.360614][ T9930] usb 5-1: Manufacturer: syz
[  668.365251][ T9930] usb 5-1: SerialNumber: syz
[  668.669339][ T9930] cdc_ncm 5-1:1.0: skipping garbage
[  668.678676][ T9930] cdc_ncm 5-1:1.0: skipping garbage
[  668.684009][ T9930] cdc_ncm 5-1:1.0: invalid descriptor buffer length
[  668.718987][ T9930] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  668.741041][ T9930] cdc_ncm 5-1:1.0: bind() failure
[  668.763545][ T9930] usb 5-1: USB disconnect, device number 41
[  669.647915][T13097] syz.5.1871 (13097) used greatest stack depth: 18608 bytes left
[  671.847597][T13155] batadv1: entered promiscuous mode
[  671.853675][T13155] 8021q: adding VLAN 0 to HW filter on device batadv1
[  671.953827][    T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  672.185396][    T9] usb 6-1: Using ep0 maxpacket: 8
[  672.192674][    T9] usb 6-1: unable to get BOS descriptor or descriptor too short
[  672.203418][    T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  672.229733][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  672.252378][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  672.281348][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  672.309905][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  672.332823][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 0
[  672.343964][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  672.381514][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 48059, setting to 1024
[  672.396338][T13164] kvm: emulating exchange as write
[  672.523934][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 1024
[  672.547414][    T9] usb 6-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  672.556707][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  672.564759][    T9] usb 6-1: Product: syz
[  672.571695][    T9] usb 6-1: Manufacturer: syz
[  672.578492][    T9] usb 6-1: SerialNumber: syz
[  672.603822][    T9] usb 6-1: config 0 descriptor??
[  672.622544][T13147] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  672.669569][    T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  672.799695][    T9] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -12
[  672.858136][ T8248] udevd[8248]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  672.910133][ T9930] usb 6-1: USB disconnect, device number 18
[  673.858955][T13184] kvm: pic: level sensitive irq not supported
[  673.859301][T13184] kvm: pic: non byte read
[  675.769171][T13203] FAULT_INJECTION: forcing a failure.
[  675.769171][T13203] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  675.875483][ T9930] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  675.925952][T13203] CPU: 1 UID: 0 PID: 13203 Comm: syz.2.1900 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  675.936770][T13203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  675.946850][T13203] Call Trace:
[  675.950154][T13203]  <TASK>
[  675.953111][T13203]  dump_stack_lvl+0x241/0x360
[  675.957818][T13203]  ? __pfx_dump_stack_lvl+0x10/0x10
[  675.963041][T13203]  ? __pfx__printk+0x10/0x10
[  675.967664][T13203]  ? snprintf+0xda/0x120
[  675.971934][T13203]  should_fail_ex+0x3b0/0x4e0
[  675.976659][T13203]  _copy_to_user+0x31/0xb0
[  675.981111][T13203]  simple_read_from_buffer+0xca/0x150
[  675.986520][T13203]  proc_fail_nth_read+0x1e9/0x250
[  675.991589][T13203]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  675.997184][T13203]  ? rw_verify_area+0x55e/0x6f0
[  676.002070][T13203]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  676.007657][T13203]  vfs_read+0x1fc/0xb70
[  676.011858][T13203]  ? __pfx___mutex_lock+0x10/0x10
[  676.017015][T13203]  ? __pfx_vfs_read+0x10/0x10
[  676.021729][T13203]  ? __fget_files+0x2a/0x410
[  676.026352][T13203]  ? __fget_files+0x395/0x410
[  676.031060][T13203]  ? __fget_files+0x2a/0x410
[  676.035689][T13203]  ksys_read+0x18f/0x2b0
[  676.039975][T13203]  ? __pfx_ksys_read+0x10/0x10
[  676.044773][T13203]  ? do_syscall_64+0x100/0x230
[  676.049572][T13203]  ? do_syscall_64+0xb6/0x230
[  676.054284][T13203]  do_syscall_64+0xf3/0x230
[  676.058823][T13203]  ? clear_bhb_loop+0x35/0x90
[  676.063630][T13203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.069565][T13203] RIP: 0033:0x7f51b7f8472c
[  676.074011][T13203] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  676.093645][T13203] RSP: 002b:00007f51b8dfe030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  676.102098][T13203] RAX: ffffffffffffffda RBX: 00007f51b8175fa0 RCX: 00007f51b7f8472c
[  676.110103][T13203] RDX: 000000000000000f RSI: 00007f51b8dfe0a0 RDI: 0000000000000005
[  676.118103][T13203] RBP: 00007f51b8dfe090 R08: 0000000000000000 R09: 0000000000000000
[  676.126102][T13203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  676.134104][T13203] R13: 0000000000000000 R14: 00007f51b8175fa0 R15: 00007ffc20e60f38
[  676.142123][T13203]  </TASK>
[  676.160735][T13208] batadv1: entered promiscuous mode
[  676.176305][T13208] 8021q: adding VLAN 0 to HW filter on device batadv1
[  676.291517][ T9930] usb 6-1: Using ep0 maxpacket: 32
[  676.312351][ T9930] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  676.339143][ T9930] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  676.351535][ T9930] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  676.383330][ T9930] usb 6-1: Product: syz
[  676.401098][ T9930] usb 6-1: Manufacturer: syz
[  676.417521][ T9930] usb 6-1: SerialNumber: syz
[  676.602615][ T9930] usb 6-1: config 0 descriptor??
[  676.620322][T13201] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  676.636102][    T9] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  676.825616][    T9] usb 3-1: Using ep0 maxpacket: 8
[  676.863178][    T9] usb 3-1: no configurations
[  676.925672][    T9] usb 3-1: can't read configurations, error -22
[  677.158746][T13201] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«QhQÿNd
[  677.275171][ T9930] usb 6-1: USB disconnect, device number 19
[  677.315620][    T9] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  677.535701][    T9] usb 3-1: Using ep0 maxpacket: 8
[  677.548201][    T9] usb 3-1: no configurations
[  677.552813][    T9] usb 3-1: can't read configurations, error -22
[  677.956049][    T9] usb usb3-port1: attempt power cycle
[  678.912845][T13233] xt_limit: Overflow, try lower: 4294967295/4294966784
[  679.008798][T13234] xt_limit: Overflow, try lower: 4294967295/4294966784
[  679.485567][    T9] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  679.539003][    T9] usb 3-1: device descriptor read/8, error -71
[  680.286573][T13254] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1912'.
[  681.076332][T13260] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1914'.
[  681.223115][T13265] batadv1: entered promiscuous mode
[  681.250649][T13265] 8021q: adding VLAN 0 to HW filter on device batadv1
[  681.325451][ T9930] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  681.370031][T13269] overlayfs: missing 'lowerdir'
[  681.528850][ T9930] usb 4-1: config 0 interface 0 has no altsetting 0
[  681.545562][ T9930] usb 4-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=de.ad
[  681.554782][ T9930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  681.752712][ T9930] usb 4-1: config 0 descriptor??
[  681.797225][ T9930] usb 4-1: selecting invalid altsetting 0
[  681.803430][ T9930] usb 4-1: can't set first interface for hiFace device.
[  681.810982][ T9930] snd-usb-hiface 4-1:0.0: probe with driver snd-usb-hiface failed with error -5
[  682.493504][T13279] xt_limit: Overflow, try lower: 4294967295/4294966784
[  683.428423][ T5902] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  683.768013][T13289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  683.777013][T13289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  683.845547][T13289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  683.893589][T13289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  684.106829][T13295] batadv3: entered promiscuous mode
[  684.211512][T13295] 8021q: adding VLAN 0 to HW filter on device batadv3
[  684.225411][ T5902] usb 5-1: Using ep0 maxpacket: 8
[  684.232365][ T5902] usb 5-1: no configurations
[  684.237422][ T5902] usb 5-1: can't read configurations, error -22
[  684.481245][T13297] netlink: 'syz.5.1925': attribute type 10 has an invalid length.
[  684.485439][ T5902] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  684.527009][T13297] 8021q: adding VLAN 0 to HW filter on device team0
[  684.536066][T13297] bond0: (slave team0): Enslaving as an active interface with an up link
[  684.589403][T13297] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:1428:deff:fe64:44ab error=-28
[  684.613813][T13300] Smack: duplicate mount options
[  684.645446][ T5902] usb 5-1: Using ep0 maxpacket: 8
[  684.662204][ T5902] usb 5-1: no configurations
[  684.667813][ T5902] usb 5-1: can't read configurations, error -22
[  684.679787][ T5902] usb usb5-port1: attempt power cycle
[  685.055776][ T5902] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  685.142640][ T5902] usb 5-1: Using ep0 maxpacket: 8
[  685.154731][ T5902] usb 5-1: no configurations
[  685.172011][ T5902] usb 5-1: can't read configurations, error -22
[  685.267898][    T9] usb 4-1: USB disconnect, device number 33
[  685.318000][ T5902] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  685.346758][ T5902] usb 5-1: Using ep0 maxpacket: 8
[  685.352552][ T5902] usb 5-1: no configurations
[  685.375538][ T5902] usb 5-1: can't read configurations, error -22
[  685.382266][ T5902] usb usb5-port1: unable to enumerate USB device
[  685.390549][T13310] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1927'.
[  685.506028][T13297] infiniband syz1: set active
[  685.513703][T13297] infiniband syz1: added team_slave_0
[  685.520914][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  685.522121][T13297] syz1: rxe_create_cq: returned err = -12
[  685.527589][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  685.533645][T13297] infiniband syz1: Couldn't create ib_mad CQ
[  685.546041][T13297] infiniband syz1: Couldn't open port 1
[  685.690261][T13297] RDS/IB: syz1: added
[  685.717148][T13297] smc: adding ib device syz1 with port count 1
[  685.737437][T13297] smc:    ib device syz1 port 1 has pnetid 
[  687.075518][T13271] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  687.227090][T13271] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  687.245719][ T9930] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  687.274100][T13271] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  687.325475][T13271] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  687.385502][T13271] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  687.415256][T13271] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  687.431450][ T9930] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  687.464099][ T9930] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  687.530371][T13271] usb 1-1: config 0 descriptor??
[  687.552096][T13333] xt_limit: Overflow, try lower: 4294967295/4294966784
[  687.654054][ T9930] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  687.853059][ T9930] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.096301][T13322] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  688.108642][ T9930] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  688.187082][T13271] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  688.195219][T13271] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[  688.216979][T13271] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  688.415613][    T9] usb 5-1: USB disconnect, device number 46
[  688.525798][T13271] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  688.553640][T13343] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1929'.
[  688.671731][T13341] netlink: 248 bytes leftover after parsing attributes in process `syz.4.1931'.
[  688.689899][T13341] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1931'.
[  688.698914][T13271] usb 4-1: Using ep0 maxpacket: 16
[  688.701504][T13271] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  688.720626][T13341] netlink: 227 bytes leftover after parsing attributes in process `syz.4.1931'.
[  688.725599][T13271] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  688.750843][T13271] usb 4-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice= 0.00
[  688.760423][T13271] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.771370][T13271] usb 4-1: config 0 descriptor??
[  688.956278][   T29] audit: type=1326 audit(1734188644.212:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13321 comm="syz.4.1931" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8fb5985d19 code=0x0
[  689.293817][T13343] team0 (unregistering): Port device team_slave_0 removed
[  689.317627][T13343] infiniband syz2: set down
[  689.326461][T13343] team0 (unregistering): Port device team_slave_1 removed
[  689.411119][T13271] apple 0003:05AC:0274.0014: unknown main item tag 0x0
[  689.436087][T13271] apple 0003:05AC:0274.0014: hidraw1: USB HID v0.00 Device [HID 05ac:0274] on usb-dummy_hcd.3-1/input0
[  689.612780][ T5873] usb 4-1: USB disconnect, device number 34
[  689.853689][T13357] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1938'.
[  690.615899][    T9] usb 1-1: USB disconnect, device number 51
[  691.092466][T13366] fuse: Unknown parameter 'd'
[  691.097429][   T29] audit: type=1326 audit(1734188646.462:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.209120][   T29] audit: type=1326 audit(1734188646.472:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.279775][   T29] audit: type=1326 audit(1734188646.472:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.586729][   T29] audit: type=1326 audit(1734188646.472:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.651413][   T29] audit: type=1326 audit(1734188646.472:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.679401][   T29] audit: type=1326 audit(1734188646.472:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.701261][   T29] audit: type=1326 audit(1734188646.472:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.723137][   T29] audit: type=1326 audit(1734188646.482:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  691.782311][   T29] audit: type=1326 audit(1734188646.482:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13362 comm="syz.0.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2035585d19 code=0x7ffc0000
[  693.656207][T13383] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  693.702411][T13383] overlayfs: failed to resolve './file1': -2
[  694.314413][T13407] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1950'.
[  694.390619][T13411] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1953'.
[  694.951889][    T9] hid-generic 0000:0D16:0000.0015: unknown main item tag 0x0
[  694.959538][    T9] hid-generic 0000:0D16:0000.0015: unknown main item tag 0x0
[  695.082180][    T9] hid-generic 0000:0D16:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  696.725722][T13454] xt_limit: Overflow, try lower: 4294967295/4294966784
[  697.046198][T13271] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  697.252113][T13462] netlink: 'syz.4.1966': attribute type 10 has an invalid length.
[  697.993913][T13271] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  698.018095][T13271] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  698.088404][ T5872] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  698.163749][T13271] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  698.271445][T13271] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.346273][ T5872] usb 6-1: Using ep0 maxpacket: 32
[  698.403916][T13271] usb 1-1: config 0 descriptor??
[  698.456290][ T5872] usb 6-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  698.507113][T13474] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1969'.
[  698.553262][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.586489][ T5872] usb 6-1: config 0 descriptor??
[  698.616490][ T5872] gspca_main: nw80x-2.14.0 probing 055f:d001
[  698.729681][T13483] FAULT_INJECTION: forcing a failure.
[  698.729681][T13483] name failslab, interval 1, probability 0, space 0, times 0
[  698.754946][T13483] CPU: 0 UID: 0 PID: 13483 Comm: syz.4.1972 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  698.765767][T13483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  698.775856][T13483] Call Trace:
[  698.779154][T13483]  <TASK>
[  698.782095][T13483]  dump_stack_lvl+0x241/0x360
[  698.786785][T13483]  ? __pfx_dump_stack_lvl+0x10/0x10
[  698.791997][T13483]  ? __pfx__printk+0x10/0x10
[  698.796590][T13483]  ? __kmalloc_cache_noprof+0x48/0x390
[  698.802053][T13483]  ? __pfx___might_resched+0x10/0x10
[  698.807347][T13483]  should_fail_ex+0x3b0/0x4e0
[  698.812031][T13483]  should_failslab+0xac/0x100
[  698.816717][T13483]  __kmalloc_cache_noprof+0x70/0x390
[  698.822002][T13483]  ? hci_bdaddr_list_add+0x1e6/0x370
[  698.827301][T13483]  hci_bdaddr_list_add+0x1e6/0x370
[  698.832426][T13483]  ? __pfx_hci_bdaddr_list_add+0x10/0x10
[  698.838096][T13483]  ? __might_fault+0xc6/0x120
[  698.842783][T13483]  hci_sock_reject_list_add+0xd5/0x130
[  698.848255][T13483]  ? __pfx_hci_sock_reject_list_add+0x10/0x10
[  698.854326][T13483]  ? hci_sock_ioctl+0x735/0xa80
[  698.859192][T13483]  ? bpf_lsm_capable+0x9/0x10
[  698.863871][T13483]  ? security_capable+0x7e/0x2d0
[  698.868821][T13483]  hci_sock_ioctl+0x9af/0xa80
[  698.873503][T13483]  sock_do_ioctl+0x158/0x460
[  698.878101][T13483]  ? __pfx_smack_log+0x10/0x10
[  698.882886][T13483]  ? __pfx_sock_do_ioctl+0x10/0x10
[  698.888015][T13483]  ? smk_tskacc+0x300/0x370
[  698.892567][T13483]  ? smack_file_ioctl+0x29e/0x3a0
[  698.897605][T13483]  sock_ioctl+0x626/0x8e0
[  698.901943][T13483]  ? __pfx_sock_ioctl+0x10/0x10
[  698.906824][T13483]  ? __fget_files+0x2a/0x410
[  698.911415][T13483]  ? __fget_files+0x2a/0x410
[  698.916005][T13483]  ? __pfx_sock_ioctl+0x10/0x10
[  698.920858][T13483]  __se_sys_ioctl+0xf5/0x170
[  698.925450][T13483]  do_syscall_64+0xf3/0x230
[  698.929956][T13483]  ? clear_bhb_loop+0x35/0x90
[  698.934730][T13483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  698.940627][T13483] RIP: 0033:0x7f8fb5985d19
[  698.945040][T13483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  698.964757][T13483] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  698.973182][T13483] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  698.981169][T13483] RDX: 0000000020000000 RSI: 00000000400448e6 RDI: 0000000000000007
[  698.989152][T13483] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  698.997122][T13483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  699.005089][T13483] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  699.013094][T13483]  </TASK>
[  699.016256][    C0] vkms_vblank_simulate: vblank timer overrun
[  699.024968][T13271] keytouch 0003:0926:3333.0016: fixing up Keytouch IEC report descriptor
[  699.038391][T13271] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0016/input/input85
[  699.048676][T13470] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  699.088840][T13470] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  699.157438][ T5872] gspca_nw80x: reg_w err -110
[  699.165201][T13271] keytouch 0003:0926:3333.0016: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  699.182256][ T5872] nw80x 6-1:0.0: probe with driver nw80x failed with error -110
[  699.224910][ T5872] usb 6-1: USB disconnect, device number 20
[  699.416088][    T8] usb 1-1: USB disconnect, device number 52
[  700.651791][T13494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1974'.
[  700.666671][T13494] IPVS: Error joining to the multicast group
[  701.692573][T13504] Smack: duplicate mount options
[  704.434924][T13541] netlink: 'syz.4.1987': attribute type 1 has an invalid length.
[  704.552852][T13544] Smack: duplicate mount options
[  705.612824][    T8] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  705.776944][    T8] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  705.787451][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.803409][T13562] FAULT_INJECTION: forcing a failure.
[  705.803409][T13562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  705.822590][    T8] usb 5-1: config 0 descriptor??
[  705.828356][T13562] CPU: 0 UID: 0 PID: 13562 Comm: syz.5.1992 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  705.839159][T13562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  705.849234][T13562] Call Trace:
[  705.852526][T13562]  <TASK>
[  705.855457][T13562]  dump_stack_lvl+0x241/0x360
[  705.860159][T13562]  ? __pfx_dump_stack_lvl+0x10/0x10
[  705.865377][T13562]  ? __pfx__printk+0x10/0x10
[  705.869988][T13562]  ? __pfx_lock_release+0x10/0x10
[  705.875037][T13562]  should_fail_ex+0x3b0/0x4e0
[  705.879746][T13562]  _copy_from_iter+0x1e9/0x1c20
[  705.884610][T13562]  ? __virt_addr_valid+0x183/0x530
[  705.889743][T13562]  ? __alloc_skb+0x28f/0x440
[  705.894353][T13562]  ? __pfx__copy_from_iter+0x10/0x10
[  705.899651][T13562]  ? __virt_addr_valid+0x183/0x530
[  705.904784][T13562]  ? __virt_addr_valid+0x183/0x530
[  705.909903][T13562]  ? __virt_addr_valid+0x45f/0x530
[  705.915054][T13562]  ? __phys_addr_symbol+0x2f/0x70
[  705.920101][T13562]  ? __check_object_size+0x47a/0x730
[  705.925419][T13562]  netlink_sendmsg+0x73d/0xcb0
[  705.930203][T13562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  705.935509][T13562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  705.940800][T13562]  __sock_sendmsg+0x221/0x270
[  705.945501][T13562]  ____sys_sendmsg+0x52a/0x7e0
[  705.950307][T13562]  ? __pfx_____sys_sendmsg+0x10/0x10
[  705.955617][T13562]  ? __fget_files+0x2a/0x410
[  705.960234][T13562]  ? __fget_files+0x2a/0x410
[  705.964838][T13562]  __sys_sendmsg+0x269/0x350
[  705.969444][T13562]  ? __pfx_lock_release+0x10/0x10
[  705.974477][T13562]  ? __pfx___sys_sendmsg+0x10/0x10
[  705.979611][T13562]  ? __pfx_vfs_write+0x10/0x10
[  705.984398][T13562]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  705.990747][T13562]  ? do_syscall_64+0x100/0x230
[  705.995533][T13562]  ? do_syscall_64+0xb6/0x230
[  706.000225][T13562]  do_syscall_64+0xf3/0x230
[  706.004740][T13562]  ? clear_bhb_loop+0x35/0x90
[  706.009411][T13562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  706.015322][T13562] RIP: 0033:0x7f0421585d19
[  706.019742][T13562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  706.039344][T13562] RSP: 002b:00007f042238b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  706.047755][T13562] RAX: ffffffffffffffda RBX: 00007f0421775fa0 RCX: 00007f0421585d19
[  706.055731][T13562] RDX: 0000000004000080 RSI: 00000000200002c0 RDI: 0000000000000003
[  706.063717][T13562] RBP: 00007f042238b090 R08: 0000000000000000 R09: 0000000000000000
[  706.071696][T13562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  706.079671][T13562] R13: 0000000000000000 R14: 00007f0421775fa0 R15: 00007ffc2f1f5e68
[  706.087659][T13562]  </TASK>
[  706.090775][    C0] vkms_vblank_simulate: vblank timer overrun
[  706.366687][    T8] [drm] vendor descriptor length:6 data:06 5f 01 64 11 1c 00 00 00 00 00
[  706.379737][    T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  706.861775][    T8] [drm:udl_init] *ERROR* Selecting channel failed
[  706.989997][    T8] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  706.997226][    T8] [drm] Initialized udl on minor 2
[  707.005242][    T8] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  707.036750][    T8] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  707.057566][ T5872] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  707.071732][ T5872] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  707.081550][ T5872] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  707.105539][    T8] usb 5-1: USB disconnect, device number 47
[  707.559799][T13578] 9pnet_fd: Insufficient options for proto=fd
[  709.048308][T13599] openvswitch: netlink: Missing key (keys=40, expected=100)
[  709.212366][T13600] veth0_to_bridge: entered promiscuous mode
[  709.960232][T13618] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2007'.
[  710.626760][T13598] veth0_to_bridge: left promiscuous mode
[  710.885645][T13625] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2010'.
[  711.010940][T13626] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  711.033871][T13626] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  711.058536][T13626] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  712.898033][T13674] FAULT_INJECTION: forcing a failure.
[  712.898033][T13674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  712.911517][T13674] CPU: 0 UID: 0 PID: 13674 Comm: syz.2.2020 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  712.922318][T13674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  712.932411][T13674] Call Trace:
[  712.935719][T13674]  <TASK>
[  712.938677][T13674]  dump_stack_lvl+0x241/0x360
[  712.943392][T13674]  ? __pfx_dump_stack_lvl+0x10/0x10
[  712.948625][T13674]  ? __pfx__printk+0x10/0x10
[  712.953252][T13674]  ? __pfx_lock_release+0x10/0x10
[  712.958326][T13674]  should_fail_ex+0x3b0/0x4e0
[  712.963122][T13674]  _copy_from_iter+0x1e9/0x1c20
[  712.968089][T13674]  ? __virt_addr_valid+0x183/0x530
[  712.973239][T13674]  ? __alloc_skb+0x28f/0x440
[  712.977869][T13674]  ? __pfx__copy_from_iter+0x10/0x10
[  712.983187][T13674]  ? __virt_addr_valid+0x183/0x530
[  712.988379][T13674]  ? __virt_addr_valid+0x183/0x530
[  712.993517][T13674]  ? __virt_addr_valid+0x45f/0x530
[  712.998655][T13674]  ? __phys_addr_symbol+0x2f/0x70
[  713.003706][T13674]  ? __check_object_size+0x47a/0x730
[  713.009201][T13674]  netlink_sendmsg+0x73d/0xcb0
[  713.014087][T13674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  713.019411][T13674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  713.024723][T13674]  __sock_sendmsg+0x221/0x270
[  713.029485][T13674]  ____sys_sendmsg+0x52a/0x7e0
[  713.034283][T13674]  ? __pfx_____sys_sendmsg+0x10/0x10
[  713.039600][T13674]  ? __fget_files+0x2a/0x410
[  713.044217][T13674]  ? __fget_files+0x2a/0x410
[  713.048845][T13674]  __sys_sendmsg+0x269/0x350
[  713.053494][T13674]  ? __pfx_lock_release+0x10/0x10
[  713.058552][T13674]  ? __pfx___sys_sendmsg+0x10/0x10
[  713.063699][T13674]  ? __pfx_vfs_write+0x10/0x10
[  713.068515][T13674]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  713.074868][T13674]  ? do_syscall_64+0x100/0x230
[  713.079669][T13674]  ? do_syscall_64+0xb6/0x230
[  713.084382][T13674]  do_syscall_64+0xf3/0x230
[  713.088926][T13674]  ? clear_bhb_loop+0x35/0x90
[  713.093630][T13674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.099557][T13674] RIP: 0033:0x7f51b7f85d19
[  713.103994][T13674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.123631][T13674] RSP: 002b:00007f51b8dfe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  713.132081][T13674] RAX: ffffffffffffffda RBX: 00007f51b8175fa0 RCX: 00007f51b7f85d19
[  713.140078][T13674] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  713.148051][T13674] RBP: 00007f51b8dfe090 R08: 0000000000000000 R09: 0000000000000000
[  713.156026][T13674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.163994][T13674] R13: 0000000000000000 R14: 00007f51b8175fa0 R15: 00007ffc20e60f38
[  713.171976][T13674]  </TASK>
[  713.175108][    C0] vkms_vblank_simulate: vblank timer overrun
[  713.244300][T13679] FAULT_INJECTION: forcing a failure.
[  713.244300][T13679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  713.257707][T13679] CPU: 0 UID: 0 PID: 13679 Comm: syz.3.2022 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  713.268588][T13679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  713.278669][T13679] Call Trace:
[  713.281968][T13679]  <TASK>
[  713.284933][T13679]  dump_stack_lvl+0x241/0x360
[  713.289658][T13679]  ? __pfx_dump_stack_lvl+0x10/0x10
[  713.294884][T13679]  ? __pfx__printk+0x10/0x10
[  713.299517][T13679]  ? snprintf+0xda/0x120
[  713.303787][T13679]  should_fail_ex+0x3b0/0x4e0
[  713.308495][T13679]  _copy_to_user+0x31/0xb0
[  713.312942][T13679]  simple_read_from_buffer+0xca/0x150
[  713.318345][T13679]  proc_fail_nth_read+0x1e9/0x250
[  713.323401][T13679]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  713.328977][T13679]  ? rw_verify_area+0x55e/0x6f0
[  713.333855][T13679]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  713.339429][T13679]  vfs_read+0x1fc/0xb70
[  713.343612][T13679]  ? __pfx___mutex_lock+0x10/0x10
[  713.348667][T13679]  ? __pfx_vfs_read+0x10/0x10
[  713.353373][T13679]  ? __fget_files+0x2a/0x410
[  713.357991][T13679]  ? __fget_files+0x395/0x410
[  713.362686][T13679]  ? __fget_files+0x2a/0x410
[  713.367336][T13679]  ksys_read+0x18f/0x2b0
[  713.371604][T13679]  ? __pfx_ksys_read+0x10/0x10
[  713.376397][T13679]  ? do_syscall_64+0x100/0x230
[  713.381192][T13679]  ? do_syscall_64+0xb6/0x230
[  713.385900][T13679]  do_syscall_64+0xf3/0x230
[  713.390431][T13679]  ? clear_bhb_loop+0x35/0x90
[  713.395130][T13679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.401052][T13679] RIP: 0033:0x7f442398472c
[  713.405485][T13679] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  713.425117][T13679] RSP: 002b:00007f442486d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  713.433566][T13679] RAX: ffffffffffffffda RBX: 00007f4423b75fa0 RCX: 00007f442398472c
[  713.441568][T13679] RDX: 000000000000000f RSI: 00007f442486d0a0 RDI: 0000000000000004
[  713.449563][T13679] RBP: 00007f442486d090 R08: 0000000000000000 R09: 0000000000000000
[  713.457543][T13679] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[  713.465521][T13679] R13: 0000000000000000 R14: 00007f4423b75fa0 R15: 00007ffc5e8bd148
[  713.473505][T13679]  </TASK>
[  713.476542][    C0] vkms_vblank_simulate: vblank timer overrun
[  714.921565][T13698] FAULT_INJECTION: forcing a failure.
[  714.921565][T13698] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  715.004955][T13698] CPU: 1 UID: 0 PID: 13698 Comm: syz.4.2027 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  715.015780][T13698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  715.025860][T13698] Call Trace:
[  715.029162][T13698]  <TASK>
[  715.032111][T13698]  dump_stack_lvl+0x241/0x360
[  715.036817][T13698]  ? __pfx_dump_stack_lvl+0x10/0x10
[  715.042039][T13698]  ? __pfx__printk+0x10/0x10
[  715.046665][T13698]  should_fail_ex+0x3b0/0x4e0
[  715.051369][T13698]  prepare_alloc_pages+0x1da/0x5b0
[  715.056519][T13698]  __alloc_pages_noprof+0x16f/0x710
[  715.061751][T13698]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  715.067504][T13698]  ? __mutex_unlock_slowpath+0x21e/0x790
[  715.073167][T13698]  ? __pfx___mutex_lock+0x10/0x10
[  715.078219][T13698]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  715.084237][T13698]  ___kmalloc_large_node+0x8b/0x1d0
[  715.089464][T13698]  __kmalloc_large_noprof+0x1f/0x80
[  715.094685][T13698]  hidp_connection_add+0x382/0x18c0
[  715.099927][T13698]  hidp_sock_ioctl+0x446/0x870
[  715.104715][T13698]  ? __pfx_hidp_sock_ioctl+0x10/0x10
[  715.110064][T13698]  ? tomoyo_path_number_perm+0x6f9/0x860
[  715.115716][T13698]  ? __lock_acquire+0x1397/0x2100
[  715.120755][T13698]  ? tomoyo_path_number_perm+0x206/0x860
[  715.126389][T13698]  sock_do_ioctl+0x158/0x460
[  715.130986][T13698]  ? __pfx_smack_log+0x10/0x10
[  715.135752][T13698]  ? __pfx_sock_do_ioctl+0x10/0x10
[  715.140967][T13698]  ? smk_tskacc+0x300/0x370
[  715.145488][T13698]  ? smack_file_ioctl+0x29e/0x3a0
[  715.150513][T13698]  sock_ioctl+0x626/0x8e0
[  715.154850][T13698]  ? __pfx_sock_ioctl+0x10/0x10
[  715.159707][T13698]  ? __fget_files+0x2a/0x410
[  715.164299][T13698]  ? __fget_files+0x2a/0x410
[  715.168895][T13698]  ? __pfx_sock_ioctl+0x10/0x10
[  715.173753][T13698]  __se_sys_ioctl+0xf5/0x170
[  715.178352][T13698]  do_syscall_64+0xf3/0x230
[  715.182858][T13698]  ? clear_bhb_loop+0x35/0x90
[  715.187530][T13698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.193425][T13698] RIP: 0033:0x7f8fb5985d19
[  715.197840][T13698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  715.217462][T13698] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  715.225882][T13698] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  715.233851][T13698] RDX: 0000000020000340 RSI: 00000000400448c8 RDI: 0000000000000005
[  715.241820][T13698] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  715.249791][T13698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  715.257842][T13698] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  715.265818][T13698]  </TASK>
[  715.614995][T13710] xt_limit: Overflow, try lower: 4294967295/4294966784
[  716.531158][T13730] netlink: 140 bytes leftover after parsing attributes in process `syz.5.2032'.
[  718.427286][T13756] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2037'.
[  720.427870][T13777] FAULT_INJECTION: forcing a failure.
[  720.427870][T13777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.441253][T13777] CPU: 0 UID: 0 PID: 13777 Comm: syz.4.2040 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  720.452062][T13777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  720.462148][T13777] Call Trace:
[  720.465429][T13777]  <TASK>
[  720.468366][T13777]  dump_stack_lvl+0x241/0x360
[  720.473041][T13777]  ? __pfx_dump_stack_lvl+0x10/0x10
[  720.478257][T13777]  ? __pfx__printk+0x10/0x10
[  720.482875][T13777]  ? __pfx_lock_release+0x10/0x10
[  720.487932][T13777]  should_fail_ex+0x3b0/0x4e0
[  720.492640][T13777]  _copy_from_iter+0x1e9/0x1c20
[  720.497516][T13777]  ? __virt_addr_valid+0x183/0x530
[  720.502663][T13777]  ? __alloc_skb+0x28f/0x440
[  720.507273][T13777]  ? __pfx__copy_from_iter+0x10/0x10
[  720.512598][T13777]  ? __virt_addr_valid+0x183/0x530
[  720.517733][T13777]  ? __virt_addr_valid+0x183/0x530
[  720.522863][T13777]  ? __virt_addr_valid+0x45f/0x530
[  720.528000][T13777]  ? __phys_addr_symbol+0x2f/0x70
[  720.533050][T13777]  ? __check_object_size+0x47a/0x730
[  720.538372][T13777]  netlink_sendmsg+0x73d/0xcb0
[  720.543616][T13777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  720.548942][T13777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  720.554245][T13777]  __sock_sendmsg+0x221/0x270
[  720.558952][T13777]  ____sys_sendmsg+0x52a/0x7e0
[  720.563751][T13777]  ? __pfx_____sys_sendmsg+0x10/0x10
[  720.569056][T13777]  ? __fget_files+0x2a/0x410
[  720.573673][T13777]  ? __fget_files+0x2a/0x410
[  720.578292][T13777]  __sys_sendmsg+0x269/0x350
[  720.582903][T13777]  ? __pfx_lock_release+0x10/0x10
[  720.587958][T13777]  ? __pfx___sys_sendmsg+0x10/0x10
[  720.593104][T13777]  ? __pfx_vfs_write+0x10/0x10
[  720.597920][T13777]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  720.604315][T13777]  ? do_syscall_64+0x100/0x230
[  720.609111][T13777]  ? do_syscall_64+0xb6/0x230
[  720.613813][T13777]  do_syscall_64+0xf3/0x230
[  720.618332][T13777]  ? clear_bhb_loop+0x35/0x90
[  720.623014][T13777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.628915][T13777] RIP: 0033:0x7f8fb5985d19
[  720.633327][T13777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.652926][T13777] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  720.661340][T13777] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  720.669314][T13777] RDX: 0000000004000000 RSI: 0000000020000100 RDI: 0000000000000003
[  720.677280][T13777] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  720.685244][T13777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  720.693206][T13777] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  720.701183][T13777]  </TASK>
[  720.704258][    C0] vkms_vblank_simulate: vblank timer overrun
[  721.282849][T13786] xt_limit: Overflow, try lower: 4294967295/4294966784
[  724.050641][T13825] FAULT_INJECTION: forcing a failure.
[  724.050641][T13825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  724.156334][T13825] CPU: 1 UID: 0 PID: 13825 Comm: syz.3.2049 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  724.167146][T13825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  724.177197][T13825] Call Trace:
[  724.180467][T13825]  <TASK>
[  724.183393][T13825]  dump_stack_lvl+0x241/0x360
[  724.188086][T13825]  ? __pfx_dump_stack_lvl+0x10/0x10
[  724.193279][T13825]  ? __pfx__printk+0x10/0x10
[  724.197862][T13825]  ? __pfx_lock_release+0x10/0x10
[  724.202876][T13825]  should_fail_ex+0x3b0/0x4e0
[  724.207538][T13825]  _copy_from_user+0x2f/0xc0
[  724.212121][T13825]  copy_msghdr_from_user+0xae/0x680
[  724.217319][T13825]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  724.223121][T13825]  ? __fget_files+0x2a/0x410
[  724.227723][T13825]  ? __fget_files+0x2a/0x410
[  724.232314][T13825]  __sys_sendmsg+0x209/0x350
[  724.236893][T13825]  ? __pfx_lock_release+0x10/0x10
[  724.241909][T13825]  ? __pfx___sys_sendmsg+0x10/0x10
[  724.247020][T13825]  ? __pfx_vfs_write+0x10/0x10
[  724.251784][T13825]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  724.258108][T13825]  ? do_syscall_64+0x100/0x230
[  724.262865][T13825]  ? do_syscall_64+0xb6/0x230
[  724.267536][T13825]  do_syscall_64+0xf3/0x230
[  724.272035][T13825]  ? clear_bhb_loop+0x35/0x90
[  724.276704][T13825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.282585][T13825] RIP: 0033:0x7f4423985d19
[  724.286994][T13825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  724.306587][T13825] RSP: 002b:00007f442482b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  724.314984][T13825] RAX: ffffffffffffffda RBX: 00007f4423b76160 RCX: 00007f4423985d19
[  724.322949][T13825] RDX: 0000000020008070 RSI: 0000000020002b00 RDI: 0000000000000006
[  724.330908][T13825] RBP: 00007f442482b090 R08: 0000000000000000 R09: 0000000000000000
[  724.338880][T13825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  724.346850][T13825] R13: 0000000000000000 R14: 00007f4423b76160 R15: 00007ffc5e8bd148
[  724.354830][T13825]  </TASK>
[  726.136744][T13850] xt_limit: Overflow, try lower: 4294967295/4294966784
[  726.650066][T13847] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  726.730448][T13847] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  727.256742][T13863] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2057'.
[  727.256758][T13855] netlink: 'syz.4.2055': attribute type 21 has an invalid length.
[  727.295831][T13863] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2057'.
[  727.304728][T13863] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2057'.
[  727.410422][T13863] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2057'.
[  727.768158][T13872] FAULT_INJECTION: forcing a failure.
[  727.768158][T13872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  727.781511][T13872] CPU: 0 UID: 0 PID: 13872 Comm: syz.4.2058 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  727.792300][T13872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  727.802378][T13872] Call Trace:
[  727.805677][T13872]  <TASK>
[  727.808621][T13872]  dump_stack_lvl+0x241/0x360
[  727.813330][T13872]  ? __pfx_dump_stack_lvl+0x10/0x10
[  727.818557][T13872]  ? __pfx__printk+0x10/0x10
[  727.823174][T13872]  ? __pfx_lock_release+0x10/0x10
[  727.828229][T13872]  should_fail_ex+0x3b0/0x4e0
[  727.832929][T13872]  _copy_from_iter+0x1e9/0x1c20
[  727.837799][T13872]  ? __virt_addr_valid+0x183/0x530
[  727.842938][T13872]  ? __alloc_skb+0x28f/0x440
[  727.847546][T13872]  ? __pfx__copy_from_iter+0x10/0x10
[  727.852872][T13872]  ? __virt_addr_valid+0x183/0x530
[  727.858012][T13872]  ? __virt_addr_valid+0x183/0x530
[  727.863149][T13872]  ? __virt_addr_valid+0x45f/0x530
[  727.868282][T13872]  ? __phys_addr_symbol+0x2f/0x70
[  727.873331][T13872]  ? __check_object_size+0x47a/0x730
[  727.878650][T13872]  netlink_sendmsg+0x73d/0xcb0
[  727.883444][T13872]  ? __pfx_netlink_sendmsg+0x10/0x10
[  727.888762][T13872]  ? __pfx_netlink_sendmsg+0x10/0x10
[  727.894069][T13872]  __sock_sendmsg+0x221/0x270
[  727.898781][T13872]  ____sys_sendmsg+0x52a/0x7e0
[  727.903574][T13872]  ? __pfx_____sys_sendmsg+0x10/0x10
[  727.908881][T13872]  ? __fget_files+0x2a/0x410
[  727.913502][T13872]  ? __fget_files+0x2a/0x410
[  727.918126][T13872]  __sys_sendmsg+0x269/0x350
[  727.922741][T13872]  ? __pfx_lock_release+0x10/0x10
[  727.927791][T13872]  ? __pfx___sys_sendmsg+0x10/0x10
[  727.932935][T13872]  ? __pfx_vfs_write+0x10/0x10
[  727.937753][T13872]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  727.944110][T13872]  ? do_syscall_64+0x100/0x230
[  727.948907][T13872]  ? do_syscall_64+0xb6/0x230
[  727.953611][T13872]  do_syscall_64+0xf3/0x230
[  727.958141][T13872]  ? clear_bhb_loop+0x35/0x90
[  727.962835][T13872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.968755][T13872] RIP: 0033:0x7f8fb5985d19
[  727.973188][T13872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.992812][T13872] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  728.001257][T13872] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  728.010124][T13872] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  728.018118][T13872] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  728.026112][T13872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  728.034108][T13872] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  728.042122][T13872]  </TASK>
[  728.045277][    C0] vkms_vblank_simulate: vblank timer overrun
[  728.132783][T13883] Smack: duplicate mount options
[  728.588148][T13887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2063'.
[  728.652153][T13891] FAULT_INJECTION: forcing a failure.
[  728.652153][T13891] name failslab, interval 1, probability 0, space 0, times 0
[  728.665579][T13891] CPU: 1 UID: 0 PID: 13891 Comm: syz.4.2062 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  728.676371][T13891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  728.686448][T13891] Call Trace:
[  728.689747][T13891]  <TASK>
[  728.692700][T13891]  dump_stack_lvl+0x241/0x360
[  728.697410][T13891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  728.702641][T13891]  ? __pfx__printk+0x10/0x10
[  728.707275][T13891]  should_fail_ex+0x3b0/0x4e0
[  728.711984][T13891]  should_failslab+0xac/0x100
[  728.716790][T13891]  __kmalloc_noprof+0xdd/0x4c0
[  728.721578][T13891]  ? io_cqring_event_overflow+0xd2/0x660
[  728.727244][T13891]  io_cqring_event_overflow+0xd2/0x660
[  728.732733][T13891]  io_req_cqe_overflow+0xf2/0x150
[  728.737781][T13891]  __io_submit_flush_completions+0x2b7/0xd70
[  728.743778][T13891]  ? __pfx___io_submit_flush_completions+0x10/0x10
[  728.750277][T13891]  ? io_alloc_async_data+0xa7/0x120
[  728.755481][T13891]  io_submit_sqes+0x18cd/0x1d60
[  728.760351][T13891]  __se_sys_io_uring_enter+0x2c8/0x33b0
[  728.765904][T13891]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  728.771797][T13891]  ? ksys_write+0x22a/0x2b0
[  728.776300][T13891]  ? __pfx_lock_release+0x10/0x10
[  728.781329][T13891]  ? vfs_write+0x730/0xd30
[  728.785780][T13891]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  728.791764][T13891]  ? __mutex_unlock_slowpath+0x21e/0x790
[  728.797399][T13891]  ? __pfx_vfs_write+0x10/0x10
[  728.802166][T13891]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  728.808171][T13891]  ? __fget_files+0x2a/0x410
[  728.812761][T13891]  ? __fget_files+0x2a/0x410
[  728.817352][T13891]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  728.823329][T13891]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  728.829651][T13891]  ? do_syscall_64+0x100/0x230
[  728.834418][T13891]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  728.839981][T13891]  do_syscall_64+0xf3/0x230
[  728.844504][T13891]  ? clear_bhb_loop+0x35/0x90
[  728.849187][T13891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.855087][T13891] RIP: 0033:0x7f8fb5985d19
[  728.859507][T13891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  728.879119][T13891] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  728.887559][T13891] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  728.895531][T13891] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000006
[  728.903505][T13891] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  728.911482][T13891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  728.919448][T13891] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  728.927427][T13891]  </TASK>
[  730.175953][T13905] openvswitch: netlink: Missing key (keys=40, expected=100)
[  730.719286][T13906] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  731.604824][T13924] netlink: 'syz.3.2071': attribute type 1 has an invalid length.
[  731.938488][T13926] fuse: Bad value for 'fd'
[  732.343198][T13932] FAULT_INJECTION: forcing a failure.
[  732.343198][T13932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  732.381059][T13918] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  732.397498][T13932] CPU: 1 UID: 0 PID: 13932 Comm: syz.5.2073 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  732.408323][T13932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  732.418408][T13932] Call Trace:
[  732.421716][T13932]  <TASK>
[  732.424679][T13932]  dump_stack_lvl+0x241/0x360
[  732.429464][T13932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  732.434694][T13932]  ? __pfx__printk+0x10/0x10
[  732.439315][T13932]  ? __pfx_lock_release+0x10/0x10
[  732.444376][T13932]  should_fail_ex+0x3b0/0x4e0
[  732.449084][T13932]  _copy_from_iter+0x1e9/0x1c20
[  732.453960][T13932]  ? __virt_addr_valid+0x183/0x530
[  732.459106][T13932]  ? __alloc_skb+0x28f/0x440
[  732.463717][T13932]  ? __pfx__copy_from_iter+0x10/0x10
[  732.463853][T13918] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  732.469009][T13932]  ? __virt_addr_valid+0x183/0x530
[  732.469036][T13932]  ? __virt_addr_valid+0x183/0x530
[  732.469053][T13932]  ? __virt_addr_valid+0x45f/0x530
[  732.469073][T13932]  ? __phys_addr_symbol+0x2f/0x70
[  732.469092][T13932]  ? __check_object_size+0x47a/0x730
[  732.500615][T13932]  netlink_sendmsg+0x73d/0xcb0
[  732.505425][T13932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  732.510738][T13932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  732.516028][T13932]  __sock_sendmsg+0x221/0x270
[  732.520712][T13932]  ____sys_sendmsg+0x52a/0x7e0
[  732.525479][T13932]  ? __pfx_____sys_sendmsg+0x10/0x10
[  732.530757][T13932]  ? __fget_files+0x2a/0x410
[  732.535344][T13932]  ? __fget_files+0x2a/0x410
[  732.539937][T13932]  __sys_sendmsg+0x269/0x350
[  732.544528][T13932]  ? __pfx_lock_release+0x10/0x10
[  732.549548][T13932]  ? __pfx___sys_sendmsg+0x10/0x10
[  732.554667][T13932]  ? __pfx_vfs_write+0x10/0x10
[  732.559451][T13932]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  732.565779][T13932]  ? do_syscall_64+0x100/0x230
[  732.570546][T13932]  ? do_syscall_64+0xb6/0x230
[  732.575223][T13932]  do_syscall_64+0xf3/0x230
[  732.579726][T13932]  ? clear_bhb_loop+0x35/0x90
[  732.584407][T13932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.590300][T13932] RIP: 0033:0x7f0421585d19
[  732.594710][T13932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.614312][T13932] RSP: 002b:00007f042238b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  732.622724][T13932] RAX: ffffffffffffffda RBX: 00007f0421775fa0 RCX: 00007f0421585d19
[  732.630692][T13932] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003
[  732.638659][T13932] RBP: 00007f042238b090 R08: 0000000000000000 R09: 0000000000000000
[  732.646626][T13932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.654597][T13932] R13: 0000000000000000 R14: 00007f0421775fa0 R15: 00007ffc2f1f5e68
[  732.662576][T13932]  </TASK>
[  732.771653][T13918] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  732.842323][T13936] Smack: duplicate mount options
[  734.086731][ T5873] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  734.455872][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  734.820771][T13955] Bluetooth: MGMT ver 1.23
[  734.835381][ T5873] usb 6-1: Using ep0 maxpacket: 16
[  734.843446][ T5873] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  734.853773][ T5873] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  734.869775][ T5873] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  734.876277][ T5902] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  734.888612][ T5873] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  734.905369][ T5873] usb 6-1: Product: syz
[  734.909600][ T5873] usb 6-1: Manufacturer: syz
[  734.914203][ T5873] usb 6-1: SerialNumber: syz
[  734.962758][T13957] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  735.025565][ T5902] usb 3-1: device descriptor read/64, error -71
[  735.275580][ T5902] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  735.381430][    T8] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[  735.415428][ T5902] usb 3-1: device descriptor read/64, error -71
[  735.416185][    T8] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  735.535779][ T5902] usb usb3-port1: attempt power cycle
[  735.591311][T13966] FAULT_INJECTION: forcing a failure.
[  735.591311][T13966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  735.604956][T13966] CPU: 0 UID: 0 PID: 13966 Comm: syz.4.2084 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  735.615746][T13966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  735.625803][T13966] Call Trace:
[  735.629080][T13966]  <TASK>
[  735.632003][T13966]  dump_stack_lvl+0x241/0x360
[  735.636686][T13966]  ? __pfx_dump_stack_lvl+0x10/0x10
[  735.641881][T13966]  ? __pfx__printk+0x10/0x10
[  735.646469][T13966]  ? __pfx_lock_release+0x10/0x10
[  735.651496][T13966]  should_fail_ex+0x3b0/0x4e0
[  735.656174][T13966]  _copy_from_user+0x2f/0xc0
[  735.660771][T13966]  copy_msghdr_from_user+0xae/0x680
[  735.665967][T13966]  ? __pfx___might_resched+0x10/0x10
[  735.671256][T13966]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  735.677070][T13966]  ? do_recvmmsg+0x44e/0xab0
[  735.681656][T13966]  ? __might_fault+0xaa/0x120
[  735.686335][T13966]  do_recvmmsg+0x3bd/0xab0
[  735.690761][T13966]  ? __pfx_do_recvmmsg+0x10/0x10
[  735.695707][T13966]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  735.701597][T13966]  ? ksys_write+0x22a/0x2b0
[  735.706099][T13966]  ? __pfx_lock_release+0x10/0x10
[  735.711128][T13966]  ? vfs_write+0x730/0xd30
[  735.715551][T13966]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  735.721530][T13966]  ? __fget_files+0x2a/0x410
[  735.726122][T13966]  __x64_sys_recvmmsg+0x199/0x250
[  735.731144][T13966]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  735.736692][T13966]  ? do_syscall_64+0x100/0x230
[  735.741456][T13966]  ? do_syscall_64+0xb6/0x230
[  735.746133][T13966]  do_syscall_64+0xf3/0x230
[  735.750634][T13966]  ? clear_bhb_loop+0x35/0x90
[  735.755318][T13966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  735.761225][T13966] RIP: 0033:0x7f8fb5985d19
[  735.765634][T13966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  735.785233][T13966] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  735.793649][T13966] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  735.801614][T13966] RDX: 0400000000000284 RSI: 0000000020000040 RDI: 0000000000000003
[  735.809593][T13966] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  735.817573][T13966] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  735.825552][T13966] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  735.833538][T13966]  </TASK>
[  735.836661][    C0] vkms_vblank_simulate: vblank timer overrun
[  735.874215][T13939] netlink: 'syz.5.2075': attribute type 1 has an invalid length.
[  735.892004][ T5873] usb 6-1: 0:2 : does not exist
[  735.915477][ T5902] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  735.931798][ T5873] usb 6-1: USB disconnect, device number 21
[  735.946301][ T5902] usb 3-1: device descriptor read/8, error -71
[  736.035606][T13972] netlink: 'syz.4.2086': attribute type 4 has an invalid length.
[  736.147631][ T5839] udevd[5839]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  736.198687][ T5902] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  736.231072][ T5902] usb 3-1: device descriptor read/8, error -71
[  736.346475][ T5902] usb usb3-port1: unable to enumerate USB device
[  736.397206][T13988] 0000: renamed from bridge_slave_0 (while UP)
[  736.468847][T13988] bridge0: port 1(0000) entered disabled state
[  736.484819][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  738.426190][ T5872] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  738.555811][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  738.596875][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  738.608241][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  738.630574][ T5872] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  738.652022][T14001] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2095'.
[  738.671464][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.700831][ T5872] usb 4-1: config 0 descriptor??
[  738.845870][ T5873] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  738.889852][T14012] FAULT_INJECTION: forcing a failure.
[  738.889852][T14012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  738.903169][T14012] CPU: 1 UID: 0 PID: 14012 Comm: syz.5.2099 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  738.913952][T14012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  738.915033][T13995] netlink: 248 bytes leftover after parsing attributes in process `syz.3.2094'.
[  738.924010][T14012] Call Trace:
[  738.924023][T14012]  <TASK>
[  738.924032][T14012]  dump_stack_lvl+0x241/0x360
[  738.924065][T14012]  ? __pfx_dump_stack_lvl+0x10/0x10
[  738.924086][T14012]  ? __pfx__printk+0x10/0x10
[  738.924110][T14012]  ? __pfx_lock_release+0x10/0x10
[  738.934219][T13995] NCSI netlink: No device for ifindex 0
[  738.936395][T14012]  should_fail_ex+0x3b0/0x4e0
[  738.936425][T14012]  _copy_from_iter+0x1e9/0x1c20
[  738.936450][T14012]  ? __virt_addr_valid+0x183/0x530
[  738.978956][T14012]  ? __alloc_skb+0x28f/0x440
[  738.983550][T14012]  ? __pfx__copy_from_iter+0x10/0x10
[  738.988841][T14012]  ? __virt_addr_valid+0x183/0x530
[  738.993962][T14012]  ? __virt_addr_valid+0x183/0x530
[  738.999078][T14012]  ? __virt_addr_valid+0x45f/0x530
[  739.004188][T14012]  ? __phys_addr_symbol+0x2f/0x70
[  739.009225][T14012]  ? __check_object_size+0x47a/0x730
[  739.014527][T14012]  netlink_sendmsg+0x73d/0xcb0
[  739.019306][T14012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  739.024606][T14012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  739.029900][T14012]  __sock_sendmsg+0x221/0x270
[  739.034591][T14012]  ____sys_sendmsg+0x52a/0x7e0
[  739.039367][T14012]  ? __pfx_____sys_sendmsg+0x10/0x10
[  739.044655][T14012]  ? __fget_files+0x2a/0x410
[  739.049242][T14012]  ? __fget_files+0x2a/0x410
[  739.053836][T14012]  __sys_sendmsg+0x269/0x350
[  739.058425][T14012]  ? __pfx_lock_release+0x10/0x10
[  739.063448][T14012]  ? __pfx___sys_sendmsg+0x10/0x10
[  739.068569][T14012]  ? __pfx_vfs_write+0x10/0x10
[  739.073357][T14012]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  739.079686][T14012]  ? do_syscall_64+0x100/0x230
[  739.084454][T14012]  ? do_syscall_64+0xb6/0x230
[  739.089137][T14012]  do_syscall_64+0xf3/0x230
[  739.093643][T14012]  ? clear_bhb_loop+0x35/0x90
[  739.098404][T14012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.104310][T14012] RIP: 0033:0x7f0421585d19
[  739.108735][T14012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  739.128356][T14012] RSP: 002b:00007f042238b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  739.136798][T14012] RAX: ffffffffffffffda RBX: 00007f0421775fa0 RCX: 00007f0421585d19
[  739.144782][T14012] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005
[  739.152757][T14012] RBP: 00007f042238b090 R08: 0000000000000000 R09: 0000000000000000
[  739.160733][T14012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  739.168712][T14012] R13: 0000000000000000 R14: 00007f0421775fa0 R15: 00007ffc2f1f5e68
[  739.176697][T14012]  </TASK>
[  739.276654][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  739.287863][ T5873] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  739.297724][ T5873] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  739.308329][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  739.330153][ T5873] usb 3-1: config 0 descriptor??
[  740.014314][T13995] netlink: 'syz.3.2094': attribute type 1 has an invalid length.
[  740.045385][ T5873] usb 3-1: USB disconnect, device number 50
[  740.056787][ T9930] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  740.099382][ T5872] usbhid 4-1:0.0: can't add hid device: -71
[  740.112856][ T5872] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  740.185456][ T9930] usb 5-1: device descriptor read/64, error -71
[  740.325263][ T5872] usb 4-1: USB disconnect, device number 35
[  740.542169][T14033] xt_limit: Overflow, try lower: 4294967295/4294966784
[  741.177927][T14035] batadv2: entered promiscuous mode
[  741.184235][T14035] 8021q: adding VLAN 0 to HW filter on device batadv2
[  741.200532][ T9930] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  741.355467][ T9930] usb 5-1: device descriptor read/64, error -71
[  741.476036][ T9930] usb usb5-port1: attempt power cycle
[  741.672352][T14047] FAULT_INJECTION: forcing a failure.
[  741.672352][T14047] name failslab, interval 1, probability 0, space 0, times 0
[  742.365565][T14047] CPU: 1 UID: 0 PID: 14047 Comm: syz.0.2107 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  742.376399][T14047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  742.386496][T14047] Call Trace:
[  742.389800][T14047]  <TASK>
[  742.392756][T14047]  dump_stack_lvl+0x241/0x360
[  742.397472][T14047]  ? __pfx_dump_stack_lvl+0x10/0x10
[  742.402698][T14047]  ? __pfx__printk+0x10/0x10
[  742.407316][T14047]  ? __kmalloc_cache_noprof+0x48/0x390
[  742.412802][T14047]  ? __pfx___might_resched+0x10/0x10
[  742.418123][T14047]  should_fail_ex+0x3b0/0x4e0
[  742.422827][T14047]  should_failslab+0xac/0x100
[  742.427538][T14047]  __kmalloc_cache_noprof+0x70/0x390
[  742.432844][T14047]  ? sctp_association_new+0x8a/0x2400
[  742.438223][T14047]  ? __asan_memcpy+0x40/0x70
[  742.442820][T14047]  sctp_association_new+0x8a/0x2400
[  742.448027][T14047]  ? sctp_do_bind+0x679/0x950
[  742.452706][T14047]  ? __ipv6_addr_type+0x23c/0x2f0
[  742.457734][T14047]  sctp_connect_new_asoc+0x2d8/0x6c0
[  742.463038][T14047]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  742.468838][T14047]  ? sctp_sendmsg+0xbb9/0x3520
[  742.473603][T14047]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  742.479414][T14047]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  742.484965][T14047]  sctp_sendmsg+0x219a/0x3520
[  742.489656][T14047]  ? __pfx_sctp_sendmsg+0x10/0x10
[  742.494684][T14047]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  742.501458][T14047]  ? inet_sendmsg+0x330/0x390
[  742.506136][T14047]  __sock_sendmsg+0x1a6/0x270
[  742.510906][T14047]  __sys_sendto+0x363/0x4c0
[  742.515424][T14047]  ? __pfx___sys_sendto+0x10/0x10
[  742.520453][T14047]  ? __mutex_unlock_slowpath+0x21e/0x790
[  742.526099][T14047]  ? __fget_files+0x2a/0x410
[  742.530692][T14047]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  742.536669][T14047]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  742.542995][T14047]  __x64_sys_sendto+0xde/0x100
[  742.547761][T14047]  do_syscall_64+0xf3/0x230
[  742.552272][T14047]  ? clear_bhb_loop+0x35/0x90
[  742.556945][T14047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.562835][T14047] RIP: 0033:0x7f2035585d19
[  742.567245][T14047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.586851][T14047] RSP: 002b:00007f2036418038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  742.595262][T14047] RAX: ffffffffffffffda RBX: 00007f2035775fa0 RCX: 00007f2035585d19
[  742.603229][T14047] RDX: 0000000000000001 RSI: 0000000020000580 RDI: 0000000000000003
[  742.611197][T14047] RBP: 00007f2036418090 R08: 0000000020000100 R09: 000000000000001c
[  742.619170][T14047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.627141][T14047] R13: 0000000000000000 R14: 00007f2035775fa0 R15: 00007ffee46e2f08
[  742.635122][T14047]  </TASK>
[  742.685436][ T9930] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  742.895523][ T9930] usb 5-1: device not accepting address 50, error -71
[  743.825897][T14063] input: syz1 as /devices/virtual/input/input87
[  744.268618][T14090] xt_limit: Overflow, try lower: 4294967295/4294966784
[  745.015560][    T9] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  745.175900][    T9] usb 3-1: Using ep0 maxpacket: 32
[  745.195632][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  745.207109][    T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 128, using maximum allowed: 30
[  745.225034][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 128
[  745.239758][    T9] usb 3-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[  745.261227][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.286647][    T9] usb 3-1: config 0 descriptor??
[  745.295451][ T5872] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  745.326546][    T9] usb 3-1: bad CDC descriptors
[  745.462313][ T5873] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  745.470214][ T5872] usb 1-1: Using ep0 maxpacket: 32
[  745.478723][ T5872] usb 1-1: config 0 has an invalid interface number: 186 but max is 0
[  745.491081][ T5872] usb 1-1: config 0 has no interface number 0
[  745.555500][ T5872] usb 1-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=a8.3c
[  745.564772][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.573047][ T5872] usb 1-1: Product: syz
[  745.577558][ T5872] usb 1-1: Manufacturer: syz
[  745.583308][ T5872] usb 1-1: SerialNumber: syz
[  745.662672][ T9930] usb 3-1: USB disconnect, device number 51
[  745.745398][ T5872] usb 1-1: config 0 descriptor??
[  746.085624][ T5873] usb 6-1: Using ep0 maxpacket: 16
[  746.119137][ T5873] usb 6-1: config index 0 descriptor too short (expected 31780, got 36)
[  746.119169][ T5873] usb 6-1: config 27 has too many interfaces: 185, using maximum allowed: 32
[  746.119193][ T5873] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  746.119240][ T5873] usb 6-1: config 27 has 1 interface, different from the descriptor's value: 185
[  746.121439][ T5873] usb 6-1: New USB device found, idVendor=0c45, idProduct=6240, bcdDevice=86.ae
[  746.169251][ T5873] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.169281][ T5873] usb 6-1: Product: syz
[  746.169324][ T5873] usb 6-1: Manufacturer: syz
[  746.169341][ T5873] usb 6-1: SerialNumber: syz
[  746.588251][ T9930] usb 5-1: new full-speed USB device number 52 using dummy_hcd
[  746.739792][ T9930] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  746.739826][ T9930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.739848][ T9930] usb 5-1: Product: syz
[  746.739864][ T9930] usb 5-1: Manufacturer: syz
[  746.739928][ T9930] usb 5-1: SerialNumber: syz
[  746.742074][ T9930] usb 5-1: config 0 descriptor??
[  746.957718][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  746.957832][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  747.059017][ T9930] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  747.059067][ T9930] usb 5-1: setting power ON
[  747.065451][ T9930] dvb-usb: bulk message failed: -22 (2/0)
[  747.137303][ T9930] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  747.153077][ T9930] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) error while loading driver (-19)
[  747.158328][ T9930] dvb_usb_cxusb 5-1:0.0: probe with driver dvb_usb_cxusb failed with error -22
[  747.307351][ T9930] usb 5-1: USB disconnect, device number 52
[  747.883775][T14142] xt_limit: Overflow, try lower: 4294967295/4294966784
[  748.469697][ T5872] mos7840 1-1:0.186: missing endpoints
[  748.479924][ T5872] usb 1-1: USB disconnect, device number 53
[  749.686897][ T5873] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6240
[  749.735503][ T5873] gspca_sn9c20x: Write register 1000 failed -71
[  749.741848][ T5873] gspca_sn9c20x: Device initialization failed
[  749.765528][ T5873] gspca_sn9c20x 6-1:27.0: probe with driver gspca_sn9c20x failed with error -71
[  749.857775][ T5873] usb 6-1: USB disconnect, device number 22
[  749.966175][T14167] FAULT_INJECTION: forcing a failure.
[  749.966175][T14167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  749.988392][T14167] CPU: 0 UID: 0 PID: 14167 Comm: syz.0.2135 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  749.999209][T14167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  750.009289][T14167] Call Trace:
[  750.012588][T14167]  <TASK>
[  750.015544][T14167]  dump_stack_lvl+0x241/0x360
[  750.020258][T14167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  750.025486][T14167]  ? __pfx__printk+0x10/0x10
[  750.030108][T14167]  ? __pfx_lock_release+0x10/0x10
[  750.035164][T14167]  should_fail_ex+0x3b0/0x4e0
[  750.039875][T14167]  _copy_from_user+0x2f/0xc0
[  750.044510][T14167]  copy_msghdr_from_user+0xae/0x680
[  750.049738][T14167]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  750.055552][T14167]  ? __fget_files+0x2a/0x410
[  750.060144][T14167]  ? __fget_files+0x2a/0x410
[  750.064826][T14167]  __sys_sendmsg+0x209/0x350
[  750.069419][T14167]  ? __pfx_lock_release+0x10/0x10
[  750.074454][T14167]  ? __pfx___sys_sendmsg+0x10/0x10
[  750.079573][T14167]  ? __pfx_vfs_write+0x10/0x10
[  750.084358][T14167]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  750.090687][T14167]  ? do_syscall_64+0x100/0x230
[  750.095541][T14167]  ? do_syscall_64+0xb6/0x230
[  750.100219][T14167]  do_syscall_64+0xf3/0x230
[  750.104725][T14167]  ? clear_bhb_loop+0x35/0x90
[  750.109421][T14167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.115330][T14167] RIP: 0033:0x7f2035585d19
[  750.119748][T14167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.139349][T14167] RSP: 002b:00007f20363f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  750.147776][T14167] RAX: ffffffffffffffda RBX: 00007f2035776080 RCX: 00007f2035585d19
[  750.155770][T14167] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000008
[  750.163754][T14167] RBP: 00007f20363f7090 R08: 0000000000000000 R09: 0000000000000000
[  750.171743][T14167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  750.179723][T14167] R13: 0000000000000000 R14: 00007f2035776080 R15: 00007ffee46e2f08
[  750.187707][T14167]  </TASK>
[  750.190738][    C0] vkms_vblank_simulate: vblank timer overrun
[  750.198060][T14168] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2135'.
[  750.647850][T14187] FAULT_INJECTION: forcing a failure.
[  750.647850][T14187] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  750.662016][T14187] CPU: 1 UID: 0 PID: 14187 Comm: syz.0.2138 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  750.672826][T14187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  750.682929][T14187] Call Trace:
[  750.686228][T14187]  <TASK>
[  750.689171][T14187]  dump_stack_lvl+0x241/0x360
[  750.693877][T14187]  ? __pfx_dump_stack_lvl+0x10/0x10
[  750.699101][T14187]  ? __pfx__printk+0x10/0x10
[  750.703719][T14187]  ? __pfx_lock_release+0x10/0x10
[  750.708781][T14187]  should_fail_ex+0x3b0/0x4e0
[  750.713487][T14187]  _copy_from_iter+0x1e9/0x1c20
[  750.718372][T14187]  ? __virt_addr_valid+0x183/0x530
[  750.723515][T14187]  ? __alloc_skb+0x28f/0x440
[  750.728126][T14187]  ? __pfx__copy_from_iter+0x10/0x10
[  750.733430][T14187]  ? __virt_addr_valid+0x183/0x530
[  750.738564][T14187]  ? __virt_addr_valid+0x183/0x530
[  750.743704][T14187]  ? __virt_addr_valid+0x45f/0x530
[  750.748842][T14187]  ? __phys_addr_symbol+0x2f/0x70
[  750.753891][T14187]  ? __check_object_size+0x47a/0x730
[  750.759209][T14187]  netlink_sendmsg+0x73d/0xcb0
[  750.764011][T14187]  ? __pfx_netlink_sendmsg+0x10/0x10
[  750.769328][T14187]  ? __pfx_netlink_sendmsg+0x10/0x10
[  750.774630][T14187]  __sock_sendmsg+0x221/0x270
[  750.779330][T14187]  ____sys_sendmsg+0x52a/0x7e0
[  750.784121][T14187]  ? __pfx_____sys_sendmsg+0x10/0x10
[  750.789424][T14187]  ? __fget_files+0x2a/0x410
[  750.794031][T14187]  ? __fget_files+0x2a/0x410
[  750.798644][T14187]  __sys_sendmsg+0x269/0x350
[  750.803258][T14187]  ? __pfx_lock_release+0x10/0x10
[  750.808308][T14187]  ? __pfx___sys_sendmsg+0x10/0x10
[  750.813452][T14187]  ? __pfx_vfs_write+0x10/0x10
[  750.818264][T14187]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  750.824615][T14187]  ? do_syscall_64+0x100/0x230
[  750.829407][T14187]  ? do_syscall_64+0xb6/0x230
[  750.834110][T14187]  do_syscall_64+0xf3/0x230
[  750.838636][T14187]  ? clear_bhb_loop+0x35/0x90
[  750.843333][T14187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.849251][T14187] RIP: 0033:0x7f2035585d19
[  750.853683][T14187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.873308][T14187] RSP: 002b:00007f2036418038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  750.881747][T14187] RAX: ffffffffffffffda RBX: 00007f2035775fa0 RCX: 00007f2035585d19
[  750.889739][T14187] RDX: 0000000000040000 RSI: 0000000020000200 RDI: 0000000000000003
[  750.897729][T14187] RBP: 00007f2036418090 R08: 0000000000000000 R09: 0000000000000000
[  750.905719][T14187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  750.913709][T14187] R13: 0000000000000000 R14: 00007f2035775fa0 R15: 00007ffee46e2f08
[  750.921715][T14187]  </TASK>
[  750.996546][T14191] FAULT_INJECTION: forcing a failure.
[  750.996546][T14191] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  751.075604][T14191] CPU: 1 UID: 0 PID: 14191 Comm: syz.5.2139 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  751.086422][T14191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  751.096500][T14191] Call Trace:
[  751.099799][T14191]  <TASK>
[  751.102744][T14191]  dump_stack_lvl+0x241/0x360
[  751.107454][T14191]  ? __pfx_dump_stack_lvl+0x10/0x10
[  751.112688][T14191]  ? __pfx__printk+0x10/0x10
[  751.117308][T14191]  ? __pfx_lock_release+0x10/0x10
[  751.122357][T14191]  should_fail_ex+0x3b0/0x4e0
[  751.127056][T14191]  _copy_from_iter+0x1e9/0x1c20
[  751.131933][T14191]  ? __virt_addr_valid+0x183/0x530
[  751.137065][T14191]  ? __alloc_skb+0x28f/0x440
[  751.141662][T14191]  ? __pfx__copy_from_iter+0x10/0x10
[  751.146941][T14191]  ? __virt_addr_valid+0x183/0x530
[  751.152038][T14191]  ? __virt_addr_valid+0x183/0x530
[  751.157137][T14191]  ? __virt_addr_valid+0x45f/0x530
[  751.162237][T14191]  ? __phys_addr_symbol+0x2f/0x70
[  751.167246][T14191]  ? __check_object_size+0x47a/0x730
[  751.172522][T14191]  netlink_sendmsg+0x73d/0xcb0
[  751.177304][T14191]  ? __pfx_netlink_sendmsg+0x10/0x10
[  751.182625][T14191]  ? __pfx_netlink_sendmsg+0x10/0x10
[  751.187936][T14191]  __sock_sendmsg+0x221/0x270
[  751.192647][T14191]  ____sys_sendmsg+0x52a/0x7e0
[  751.197444][T14191]  ? __pfx_____sys_sendmsg+0x10/0x10
[  751.202756][T14191]  ? __fget_files+0x2a/0x410
[  751.207372][T14191]  ? __fget_files+0x2a/0x410
[  751.211988][T14191]  __sys_sendmsg+0x269/0x350
[  751.216604][T14191]  ? __pfx_lock_release+0x10/0x10
[  751.221655][T14191]  ? __pfx___sys_sendmsg+0x10/0x10
[  751.226801][T14191]  ? __pfx_vfs_write+0x10/0x10
[  751.231614][T14191]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  751.237971][T14191]  ? do_syscall_64+0x100/0x230
[  751.242773][T14191]  ? do_syscall_64+0xb6/0x230
[  751.247480][T14191]  do_syscall_64+0xf3/0x230
[  751.252016][T14191]  ? clear_bhb_loop+0x35/0x90
[  751.256713][T14191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.262641][T14191] RIP: 0033:0x7f0421585d19
[  751.267081][T14191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  751.286718][T14191] RSP: 002b:00007f042238b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.295169][T14191] RAX: ffffffffffffffda RBX: 00007f0421775fa0 RCX: 00007f0421585d19
[  751.303167][T14191] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  751.311165][T14191] RBP: 00007f042238b090 R08: 0000000000000000 R09: 0000000000000000
[  751.319158][T14191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  751.327150][T14191] R13: 0000000000000000 R14: 00007f0421775fa0 R15: 00007ffc2f1f5e68
[  751.335161][T14191]  </TASK>
[  751.523862][T14200] xt_limit: Overflow, try lower: 4294967295/4294966784
[  752.162966][T14213] FAULT_INJECTION: forcing a failure.
[  752.162966][T14213] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  752.620696][T14221] xt_limit: Overflow, try lower: 4294967295/4294966784
[  753.174067][T14222] block nbd4: NBD_DISCONNECT
[  753.320565][T14213] CPU: 1 UID: 0 PID: 14213 Comm: syz.3.2147 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  753.331380][T14213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  753.341463][T14213] Call Trace:
[  753.344761][T14213]  <TASK>
[  753.347705][T14213]  dump_stack_lvl+0x241/0x360
[  753.352406][T14213]  ? __pfx_dump_stack_lvl+0x10/0x10
[  753.357621][T14213]  ? __pfx__printk+0x10/0x10
[  753.362231][T14213]  ? __pfx_lock_release+0x10/0x10
[  753.367284][T14213]  should_fail_ex+0x3b0/0x4e0
[  753.371991][T14213]  _copy_from_iter+0x1e9/0x1c20
[  753.376875][T14213]  ? __virt_addr_valid+0x183/0x530
[  753.382017][T14213]  ? __alloc_skb+0x28f/0x440
[  753.386639][T14213]  ? __pfx__copy_from_iter+0x10/0x10
[  753.391960][T14213]  ? __virt_addr_valid+0x183/0x530
[  753.397097][T14213]  ? __virt_addr_valid+0x183/0x530
[  753.402224][T14213]  ? __virt_addr_valid+0x45f/0x530
[  753.407352][T14213]  ? __phys_addr_symbol+0x2f/0x70
[  753.412390][T14213]  ? __check_object_size+0x47a/0x730
[  753.417705][T14213]  netlink_sendmsg+0x73d/0xcb0
[  753.422508][T14213]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.427832][T14213]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.433134][T14213]  __sock_sendmsg+0x221/0x270
[  753.437836][T14213]  ____sys_sendmsg+0x52a/0x7e0
[  753.442622][T14213]  ? __pfx_____sys_sendmsg+0x10/0x10
[  753.447918][T14213]  ? __fget_files+0x2a/0x410
[  753.452529][T14213]  ? __fget_files+0x2a/0x410
[  753.457147][T14213]  __sys_sendmsg+0x269/0x350
[  753.461757][T14213]  ? __pfx_lock_release+0x10/0x10
[  753.466803][T14213]  ? __pfx___sys_sendmsg+0x10/0x10
[  753.471951][T14213]  ? __pfx_vfs_write+0x10/0x10
[  753.476749][T14213]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  753.483075][T14213]  ? do_syscall_64+0x100/0x230
[  753.487842][T14213]  ? do_syscall_64+0xb6/0x230
[  753.492525][T14213]  do_syscall_64+0xf3/0x230
[  753.497035][T14213]  ? clear_bhb_loop+0x35/0x90
[  753.501708][T14213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.507600][T14213] RIP: 0033:0x7f4423985d19
[  753.512011][T14213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  753.531611][T14213] RSP: 002b:00007f442486d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  753.540022][T14213] RAX: ffffffffffffffda RBX: 00007f4423b75fa0 RCX: 00007f4423985d19
[  753.547989][T14213] RDX: 0000000000008800 RSI: 0000000020000500 RDI: 0000000000000004
[  753.555954][T14213] RBP: 00007f442486d090 R08: 0000000000000000 R09: 0000000000000000
[  753.563919][T14213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  753.571890][T14213] R13: 0000000000000000 R14: 00007f4423b75fa0 R15: 00007ffc5e8bd148
[  753.579869][T14213]  </TASK>
[  755.155511][ T9930] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  755.337668][ T9930] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  755.355427][ T9930] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.372647][ T9930] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  755.382855][ T9930] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  755.392567][ T9930] usb 5-1: Manufacturer: syz
[  755.410120][ T9930] usb 5-1: config 0 descriptor??
[  755.497533][ T9930] rc_core: IR keymap rc-hauppauge not found
[  755.508886][ T9930] Registered IR keymap rc-empty
[  755.524629][ T9930] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  755.544355][ T9930] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input88
[  755.686125][T13271] usb 5-1: USB disconnect, device number 53
[  755.956671][T14272] xt_limit: Overflow, try lower: 4294967295/4294966784
[  757.916598][T14300] Falling back ldisc for ttyS3.
[  759.198932][T14324] Smack: duplicate mount options
[  760.117946][T14333] netlink: 'syz.5.2178': attribute type 21 has an invalid length.
[  760.907163][T14371] FAULT_INJECTION: forcing a failure.
[  760.907163][T14371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  760.934347][T14371] CPU: 0 UID: 0 PID: 14371 Comm: syz.4.2185 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  760.945167][T14371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  760.955247][T14371] Call Trace:
[  760.958904][T14371]  <TASK>
[  760.961839][T14371]  dump_stack_lvl+0x241/0x360
[  760.966522][T14371]  ? __pfx_dump_stack_lvl+0x10/0x10
[  760.971733][T14371]  ? __pfx__printk+0x10/0x10
[  760.976317][T14371]  ? __pfx_lock_release+0x10/0x10
[  760.981326][T14371]  ? vfs_write+0x730/0xd30
[  760.985756][T14371]  should_fail_ex+0x3b0/0x4e0
[  760.990424][T14371]  _copy_from_user+0x2f/0xc0
[  760.995005][T14371]  __se_sys_mount_setattr+0x2a7/0x1c10
[  761.000463][T14371]  ? __pfx___se_sys_mount_setattr+0x10/0x10
[  761.006358][T14371]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  761.012330][T14371]  ? do_syscall_64+0x100/0x230
[  761.017086][T14371]  ? __x64_sys_mount_setattr+0x20/0xc0
[  761.022539][T14371]  do_syscall_64+0xf3/0x230
[  761.027035][T14371]  ? clear_bhb_loop+0x35/0x90
[  761.031710][T14371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.037605][T14371] RIP: 0033:0x7f8fb5985d19
[  761.042004][T14371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  761.061602][T14371] RSP: 002b:00007f8fb6815038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba
[  761.070006][T14371] RAX: ffffffffffffffda RBX: 00007f8fb5b76080 RCX: 00007f8fb5985d19
[  761.077965][T14371] RDX: 0000000000000000 RSI: 0000000020000780 RDI: ffffffffffffff9c
[  761.085927][T14371] RBP: 00007f8fb6815090 R08: 0000000000000020 R09: 0000000000000000
[  761.093893][T14371] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000001
[  761.101851][T14371] R13: 0000000000000000 R14: 00007f8fb5b76080 R15: 00007ffedde6bde8
[  761.109830][T14371]  </TASK>
[  761.112938][    C0] vkms_vblank_simulate: vblank timer overrun
[  762.641069][T14392] netlink: 'syz.4.2192': attribute type 21 has an invalid length.
[  763.867397][T14412] batadv4: entered promiscuous mode
[  763.873229][T14412] 8021q: adding VLAN 0 to HW filter on device batadv4
[  763.896677][T13271] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  764.063465][T13271] usb 6-1: Using ep0 maxpacket: 16
[  764.107359][T13271] usb 6-1: New USB device found, idVendor=046d, idProduct=08b5, bcdDevice=d7.01
[  764.116779][T13271] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.124809][T13271] usb 6-1: Product: syz
[  764.142215][T13271] usb 6-1: Manufacturer: syz
[  764.150159][T13271] usb 6-1: SerialNumber: syz
[  764.176174][T13271] usb 6-1: config 0 descriptor??
[  764.190847][T13271] pwc: Logitech QuickCam Orbit/Sphere USB webcam detected.
[  764.515432][ T5902] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  764.675497][ T5902] usb 4-1: Using ep0 maxpacket: 8
[  764.705623][ T5902] usb 4-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[  764.725137][ T5902] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.733803][ T5902] usb 4-1: Product: syz
[  764.752288][ T5902] usb 4-1: Manufacturer: syz
[  764.768326][ T5902] usb 4-1: SerialNumber: syz
[  764.798234][ T5902] usb 4-1: config 0 descriptor??
[  764.895355][    C1] hrtimer: interrupt took 77476 ns
[  765.146036][T14418] lo speed is unknown, defaulting to 1000
[  765.226541][T14427] netlink: 'syz.4.2203': attribute type 1 has an invalid length.
[  765.280468][T14429] netlink: 'syz.4.2203': attribute type 1 has an invalid length.
[  765.894235][T13271] pwc: Warning: more than 1 configuration available.
[  765.902291][T13271] pwc: Failed to set LED on/off time (-71)
[  765.908621][T13271] pwc: send_video_command error -71
[  765.913904][T13271] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  765.922337][T13271] Philips webcam 6-1:0.0: probe with driver Philips webcam failed with error -71
[  765.979337][T13271] usb 6-1: USB disconnect, device number 23
[  766.829521][T14442] netlink: 'syz.5.2206': attribute type 2 has an invalid length.
[  766.850960][T14442] Tq€: entered promiscuous mode
[  767.829535][T14468] batadv3: entered promiscuous mode
[  767.837117][T14468] 8021q: adding VLAN 0 to HW filter on device batadv3
[  768.700078][ T5902] usb 4-1: USB disconnect, device number 36
[  769.381105][ T5839] udevd[5839]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  769.399523][T14488] FAULT_INJECTION: forcing a failure.
[  769.399523][T14488] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  769.425426][T14488] CPU: 0 UID: 0 PID: 14488 Comm: syz.2.2218 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  769.436237][T14488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  769.446299][T14488] Call Trace:
[  769.449575][T14488]  <TASK>
[  769.452501][T14488]  dump_stack_lvl+0x241/0x360
[  769.457186][T14488]  ? __pfx_dump_stack_lvl+0x10/0x10
[  769.462385][T14488]  ? __pfx__printk+0x10/0x10
[  769.466983][T14488]  should_fail_ex+0x3b0/0x4e0
[  769.471662][T14488]  prepare_alloc_pages+0x1da/0x5b0
[  769.476778][T14488]  __alloc_pages_noprof+0x16f/0x710
[  769.481979][T14488]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  769.487714][T14488]  ? __might_fault+0xaa/0x120
[  769.492394][T14488]  alloc_pages_mpol_noprof+0x3e8/0x680
[  769.497863][T14488]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  769.503848][T14488]  ? _copy_from_user+0x99/0xc0
[  769.508618][T14488]  ? bpf_test_init+0x15a/0x180
[  769.513377][T14488]  ? alloc_pages_noprof+0xef/0x170
[  769.518491][T14488]  bpf_prog_test_run_xdp+0xcc0/0x11e0
[  769.523871][T14488]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  769.529669][T14488]  ? __fget_files+0x2a/0x410
[  769.534263][T14488]  ? __fget_files+0x2a/0x410
[  769.538846][T14488]  ? fput+0x21b/0x290
[  769.542821][T14488]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  769.548621][T14488]  bpf_prog_test_run+0x2e4/0x360
[  769.553554][T14488]  __sys_bpf+0x48d/0x810
[  769.557798][T14488]  ? __pfx___sys_bpf+0x10/0x10
[  769.562562][T14488]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  769.568535][T14488]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  769.574858][T14488]  ? do_syscall_64+0x100/0x230
[  769.579622][T14488]  __x64_sys_bpf+0x7c/0x90
[  769.584047][T14488]  do_syscall_64+0xf3/0x230
[  769.588550][T14488]  ? clear_bhb_loop+0x35/0x90
[  769.593218][T14488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.599111][T14488] RIP: 0033:0x7f51b7f85d19
[  769.603521][T14488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  769.623129][T14488] RSP: 002b:00007f51b8dfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  769.631542][T14488] RAX: ffffffffffffffda RBX: 00007f51b8175fa0 RCX: 00007f51b7f85d19
[  769.639506][T14488] RDX: 0000000000000050 RSI: 0000000020000600 RDI: 000000000000000a
[  769.647469][T14488] RBP: 00007f51b8dfe090 R08: 0000000000000000 R09: 0000000000000000
[  769.655435][T14488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  769.663399][T14488] R13: 0000000000000000 R14: 00007f51b8175fa0 R15: 00007ffc20e60f38
[  769.671376][T14488]  </TASK>
[  769.674479][    C0] vkms_vblank_simulate: vblank timer overrun
[  770.115956][T14494] xt_limit: Overflow, try lower: 4294967295/4294966784
[  771.141517][T14502] xt_limit: Overflow, try lower: 4294967295/4294966784
[  771.785094][T14505] FAULT_INJECTION: forcing a failure.
[  771.785094][T14505] name failslab, interval 1, probability 0, space 0, times 0
[  771.815156][T14505] CPU: 0 UID: 0 PID: 14505 Comm: syz.2.2223 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  771.825948][T14505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  771.836041][T14505] Call Trace:
[  771.839332][T14505]  <TASK>
[  771.842280][T14505]  dump_stack_lvl+0x241/0x360
[  771.847016][T14505]  ? __pfx_dump_stack_lvl+0x10/0x10
[  771.852243][T14505]  ? __pfx__printk+0x10/0x10
[  771.856853][T14505]  ? kmem_cache_alloc_noprof+0x48/0x380
[  771.862397][T14505]  ? __pfx___might_resched+0x10/0x10
[  771.867681][T14505]  should_fail_ex+0x3b0/0x4e0
[  771.872350][T14505]  should_failslab+0xac/0x100
[  771.877023][T14505]  ? ep_insert+0x267/0x1ab0
[  771.881533][T14505]  kmem_cache_alloc_noprof+0x70/0x380
[  771.886902][T14505]  ep_insert+0x267/0x1ab0
[  771.891219][T14505]  ? __fget_files+0x2a/0x410
[  771.895803][T14505]  ? do_epoll_ctl+0x41d/0xf80
[  771.900473][T14505]  ? __pfx_ep_insert+0x10/0x10
[  771.905230][T14505]  ? __pfx___mutex_lock+0x10/0x10
[  771.910247][T14505]  ? __fget_files+0x2a/0x410
[  771.914832][T14505]  ? __fget_files+0x2a/0x410
[  771.919416][T14505]  do_epoll_ctl+0x8bc/0xf80
[  771.923941][T14505]  __x64_sys_epoll_ctl+0x161/0x1a0
[  771.929046][T14505]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  771.934670][T14505]  ? do_syscall_64+0x100/0x230
[  771.939429][T14505]  ? do_syscall_64+0xb6/0x230
[  771.944107][T14505]  do_syscall_64+0xf3/0x230
[  771.948608][T14505]  ? clear_bhb_loop+0x35/0x90
[  771.953268][T14505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.959238][T14505] RIP: 0033:0x7f51b7f85d19
[  771.963660][T14505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.983868][T14505] RSP: 002b:00007f51b8dfe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  771.992277][T14505] RAX: ffffffffffffffda RBX: 00007f51b8175fa0 RCX: 00007f51b7f85d19
[  772.000269][T14505] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000003
[  772.008238][T14505] RBP: 00007f51b8dfe090 R08: 0000000000000000 R09: 0000000000000000
[  772.016200][T14505] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  772.024162][T14505] R13: 0000000000000000 R14: 00007f51b8175fa0 R15: 00007ffc20e60f38
[  772.032139][T14505]  </TASK>
[  772.035276][    C0] vkms_vblank_simulate: vblank timer overrun
[  772.121304][T14509] FAULT_INJECTION: forcing a failure.
[  772.121304][T14509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  772.161169][T14509] CPU: 0 UID: 0 PID: 14509 Comm: syz.5.2224 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  772.171968][T14509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  772.182057][T14509] Call Trace:
[  772.185340][T14509]  <TASK>
[  772.188274][T14509]  dump_stack_lvl+0x241/0x360
[  772.192948][T14509]  ? __pfx_dump_stack_lvl+0x10/0x10
[  772.198138][T14509]  ? __pfx__printk+0x10/0x10
[  772.202723][T14509]  ? __pfx_lock_release+0x10/0x10
[  772.207748][T14509]  should_fail_ex+0x3b0/0x4e0
[  772.212422][T14509]  _copy_from_iter+0x1e9/0x1c20
[  772.217282][T14509]  ? __virt_addr_valid+0x183/0x530
[  772.222414][T14509]  ? __alloc_skb+0x28f/0x440
[  772.227011][T14509]  ? __pfx__copy_from_iter+0x10/0x10
[  772.232293][T14509]  ? __virt_addr_valid+0x183/0x530
[  772.237397][T14509]  ? __virt_addr_valid+0x183/0x530
[  772.242500][T14509]  ? __virt_addr_valid+0x45f/0x530
[  772.247613][T14509]  ? __phys_addr_symbol+0x2f/0x70
[  772.252647][T14509]  ? __check_object_size+0x47a/0x730
[  772.257934][T14509]  netlink_sendmsg+0x73d/0xcb0
[  772.262696][T14509]  ? __pfx_netlink_sendmsg+0x10/0x10
[  772.267981][T14509]  ? __pfx_netlink_sendmsg+0x10/0x10
[  772.273282][T14509]  __sock_sendmsg+0x221/0x270
[  772.277957][T14509]  ____sys_sendmsg+0x52a/0x7e0
[  772.282722][T14509]  ? __pfx_____sys_sendmsg+0x10/0x10
[  772.287998][T14509]  ? __fget_files+0x2a/0x410
[  772.292578][T14509]  ? __fget_files+0x2a/0x410
[  772.297278][T14509]  __sys_sendmsg+0x269/0x350
[  772.301888][T14509]  ? __pfx_lock_release+0x10/0x10
[  772.306903][T14509]  ? __pfx___sys_sendmsg+0x10/0x10
[  772.312012][T14509]  ? __pfx_vfs_write+0x10/0x10
[  772.316780][T14509]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  772.323095][T14509]  ? do_syscall_64+0x100/0x230
[  772.327880][T14509]  ? do_syscall_64+0xb6/0x230
[  772.332549][T14509]  do_syscall_64+0xf3/0x230
[  772.335461][ T5902] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  772.337039][T14509]  ? clear_bhb_loop+0x35/0x90
[  772.349240][T14509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.355144][T14509] RIP: 0033:0x7f0421585d19
[  772.359548][T14509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  772.379149][T14509] RSP: 002b:00007f042238b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  772.387558][T14509] RAX: ffffffffffffffda RBX: 00007f0421775fa0 RCX: 00007f0421585d19
[  772.395536][T14509] RDX: 0000000000040090 RSI: 0000000020000280 RDI: 0000000000000003
[  772.403528][T14509] RBP: 00007f042238b090 R08: 0000000000000000 R09: 0000000000000000
[  772.411492][T14509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  772.419459][T14509] R13: 0000000000000000 R14: 00007f0421775fa0 R15: 00007ffc2f1f5e68
[  772.427446][T14509]  </TASK>
[  772.430503][    C0] vkms_vblank_simulate: vblank timer overrun
[  772.585409][ T5902] usb 5-1: Using ep0 maxpacket: 32
[  772.592252][ T5902] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  772.624552][ T5902] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  772.661493][ T5902] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  772.699723][ T5902] usb 5-1: Product: syz
[  772.716874][ T5902] usb 5-1: Manufacturer: syz
[  772.732667][ T5902] usb 5-1: SerialNumber: syz
[  772.866042][ T5902] usb 5-1: config 0 descriptor??
[  772.895777][T14506] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  773.627688][T14518] batadv2: entered promiscuous mode
[  773.633382][T14518] 8021q: adding VLAN 0 to HW filter on device batadv2
[  773.735718][ T5902] usb 5-1: USB disconnect, device number 54
[  774.493939][ T5902] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  774.509106][T14529] xt_limit: Overflow, try lower: 4294967295/4294966784
[  775.345753][ T5902] usb 5-1: Using ep0 maxpacket: 32
[  775.555592][ T5902] usb 5-1: device descriptor read/all, error -71
[  775.659014][T14545] openvswitch: netlink: IP tunnel dst address not specified
[  775.895647][    T8] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  776.045679][    T8] usb 6-1: Using ep0 maxpacket: 32
[  776.057355][    T8] usb 6-1: config 2 has an invalid descriptor of length 57, skipping remainder of the config
[  776.082575][    T8] usb 6-1: config 2 has 0 interfaces, different from the descriptor's value: 1
[  776.111804][    T8] usb 6-1: New USB device found, idVendor=10b8, idProduct=1fa8, bcdDevice=57.79
[  776.122655][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  776.134410][    T8] usb 6-1: Product: syz
[  776.139385][    T8] usb 6-1: Manufacturer: syz
[  776.155434][    T8] usb 6-1: SerialNumber: syz
[  776.269963][T14567] xt_hashlimit: size too large, truncated to 1048576
[  776.605462][ T5902] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  776.779829][ T5902] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  776.805732][ T5902] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  776.823818][ T5902] usb 5-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  776.843748][ T5902] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.866144][ T5902] usb 5-1: config 0 descriptor??
[  777.096625][T14564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  777.105262][T14564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  777.139229][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  777.139247][   T29] audit: type=1326 audit(1734188732.532:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fb5985d19 code=0x7ffc0000
[  777.273255][   T29] audit: type=1326 audit(1734188732.562:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f8fb5985d19 code=0x7ffc0000
[  777.357043][   T29] audit: type=1326 audit(1734188732.562:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fb5985d19 code=0x7ffc0000
[  777.440595][   T29] audit: type=1326 audit(1734188732.562:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8fb5987c37 code=0x7ffc0000
[  777.613681][   T29] audit: type=1326 audit(1734188732.562:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f8fb5987bac code=0x7ffc0000
[  777.998815][   T29] audit: type=1326 audit(1734188732.562:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f8fb5987ae4 code=0x7ffc0000
[  778.285120][   T29] audit: type=1326 audit(1734188732.562:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f8fb5987ae4 code=0x7ffc0000
[  778.366348][   T29] audit: type=1326 audit(1734188732.562:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8fb598497a code=0x7ffc0000
[  778.428665][   T29] audit: type=1326 audit(1734188732.562:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fb5985d19 code=0x7ffc0000
[  778.456725][   T29] audit: type=1326 audit(1734188732.562:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14563 comm="syz.4.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8fb5985d19 code=0x7ffc0000
[  778.487319][ T5873] usb 6-1: USB disconnect, device number 24
[  778.695609][ T9930] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  778.900266][ T9930] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  778.909105][ T9930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  778.940794][ T9930] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  778.951099][ T9930] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  778.985463][ T9930] usb 4-1: Manufacturer: syz
[  779.006610][ T9930] usb 4-1: config 0 descriptor??
[  779.146883][T13271] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  779.186984][ T9930] rc_core: IR keymap rc-hauppauge not found
[  779.198279][ T9930] Registered IR keymap rc-empty
[  779.224338][ T9930] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  779.259748][ T9930] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input91
[  779.380917][ T5902] usbhid 5-1:0.0: can't add hid device: -71
[  779.389011][ T5902] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  779.446610][ T5902] usb 5-1: USB disconnect, device number 56
[  779.465618][T13271] usb 3-1: config 0 has no interfaces?
[  779.476799][T13271] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  779.483432][T14596] FAULT_INJECTION: forcing a failure.
[  779.483432][T14596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  779.500871][T14596] CPU: 0 UID: 0 PID: 14596 Comm: syz.4.2250 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  779.506163][T13271] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  779.511641][T14596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  779.511660][T14596] Call Trace:
[  779.511669][T14596]  <TASK>
[  779.511679][T14596]  dump_stack_lvl+0x241/0x360
[  779.540603][T14596]  ? __pfx_dump_stack_lvl+0x10/0x10
[  779.545841][T14596]  ? __pfx__printk+0x10/0x10
[  779.550450][T14596]  ? _raw_spin_unlock+0x28/0x50
[  779.555323][T14596]  ? drm_ioctl_kernel+0x337/0x440
[  779.560378][T14596]  should_fail_ex+0x3b0/0x4e0
[  779.560456][T13271] usb 3-1: config 0 descriptor??
[  779.565071][T14596]  _copy_to_user+0x31/0xb0
[  779.565104][T14596]  drm_ioctl+0x635/0xad0
[  779.565126][T14596]  ? __pfx_drm_mode_revoke_lease_ioctl+0x10/0x10
[  779.585044][T14596]  ? __pfx_drm_ioctl+0x10/0x10
[  779.589843][T14596]  ? __fget_files+0x2a/0x410
[  779.594462][T14596]  ? __pfx_drm_ioctl+0x10/0x10
[  779.599257][T14596]  __se_sys_ioctl+0xf5/0x170
[  779.603887][T14596]  do_syscall_64+0xf3/0x230
[  779.608419][T14596]  ? clear_bhb_loop+0x35/0x90
[  779.613116][T14596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.619045][T14596] RIP: 0033:0x7f8fb5985d19
[  779.623476][T14596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.643107][T14596] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  779.645478][T14600] FAULT_INJECTION: forcing a failure.
[  779.645478][T14600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  779.651528][T14596] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  779.651548][T14596] RDX: 0000000020000000 RSI: 00000000c00464c9 RDI: 0000000000000004
[  779.651561][T14596] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  779.651573][T14596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  779.651585][T14596] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  779.651613][T14596]  </TASK>
[  779.707554][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.717965][T14600] CPU: 0 UID: 0 PID: 14600 Comm: syz.5.2249 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  779.728775][T14600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  779.738854][T14600] Call Trace:
[  779.742228][T14600]  <TASK>
[  779.745162][T14600]  dump_stack_lvl+0x241/0x360
[  779.749858][T14600]  ? __pfx_dump_stack_lvl+0x10/0x10
[  779.755057][T14600]  ? __pfx__printk+0x10/0x10
[  779.759648][T14600]  ? __pfx_lock_release+0x10/0x10
[  779.764673][T14600]  should_fail_ex+0x3b0/0x4e0
[  779.769346][T14600]  _copy_from_user+0x2f/0xc0
[  779.773940][T14600]  core_sys_select+0x639/0x910
[  779.778757][T14600]  ? __pfx_core_sys_select+0x10/0x10
[  779.784044][T14600]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  779.789957][T14600]  ? __pfx_vfs_write+0x10/0x10
[  779.794725][T14600]  ? __pfx_set_user_sigmask+0x10/0x10
[  779.800098][T14600]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  779.806078][T14600]  ? __fget_files+0x2a/0x410
[  779.810673][T14600]  __se_sys_pselect6+0x323/0x3f0
[  779.815618][T14600]  ? __pfx___se_sys_pselect6+0x10/0x10
[  779.821253][T14600]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  779.827576][T14600]  ? do_syscall_64+0x100/0x230
[  779.832351][T14600]  ? __x64_sys_pselect6+0x21/0xf0
[  779.837395][T14600]  do_syscall_64+0xf3/0x230
[  779.841908][T14600]  ? clear_bhb_loop+0x35/0x90
[  779.846603][T14600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.852514][T14600] RIP: 0033:0x7f0421585d19
[  779.856936][T14600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.876543][T14600] RSP: 002b:00007f042236a038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  779.884962][T14600] RAX: ffffffffffffffda RBX: 00007f0421776080 RCX: 00007f0421585d19
[  779.892940][T14600] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[  779.900914][T14600] RBP: 00007f042236a090 R08: 0000000000000000 R09: 0000000000000000
[  779.908898][T14600] R10: 0000000020000280 R11: 0000000000000246 R12: 0000000000000001
[  779.916883][T14600] R13: 0000000000000000 R14: 00007f0421776080 R15: 00007ffc2f1f5e68
[  779.924878][T14600]  </TASK>
[  779.927953][    C0] vkms_vblank_simulate: vblank timer overrun
[  779.991203][ T5902] usb 3-1: USB disconnect, device number 52
[  780.009314][ T5873] usb 4-1: USB disconnect, device number 37
[  780.313513][T14604] xt_CT: You must specify a L4 protocol and not use inversions on it
[  780.391392][T14597] delete_channel: no stack
[  780.575391][ T5873] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  780.711058][T14612] bridge0: port 3(gretap0) entered blocking state
[  780.725516][T14612] bridge0: port 3(gretap0) entered disabled state
[  780.735579][ T5873] usb 5-1: device descriptor read/64, error -71
[  780.745822][T14612] gretap0: entered allmulticast mode
[  780.764974][T14612] gretap0: entered promiscuous mode
[  780.775272][T14612] bridge0: port 3(gretap0) entered blocking state
[  780.781882][T14612] bridge0: port 3(gretap0) entered forwarding state
[  780.832037][T14614] gretap0: left allmulticast mode
[  780.856386][T14614] gretap0: left promiscuous mode
[  780.871626][T14614] bridge0: port 3(gretap0) entered disabled state
[  780.976276][ T5873] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  780.986265][T14619] openvswitch: netlink: Missing key (keys=40, expected=100)
[  781.108712][ T7576] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  781.125427][ T7576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  781.125640][ T5873] usb 5-1: device descriptor read/64, error -71
[  781.255846][ T5873] usb usb5-port1: attempt power cycle
[  781.675685][ T5873] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  781.696061][ T5873] usb 5-1: device descriptor read/8, error -71
[  782.086405][T14635] 9pnet_fd: Insufficient options for proto=fd
[  782.095422][ T5873] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  782.116120][ T5873] usb 5-1: device descriptor read/8, error -71
[  782.237444][ T5873] usb usb5-port1: unable to enumerate USB device
[  783.038218][T14641] FAULT_INJECTION: forcing a failure.
[  783.038218][T14641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  783.102834][T14641] CPU: 1 UID: 0 PID: 14641 Comm: syz.3.2265 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  783.113661][T14641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  783.124087][T14641] Call Trace:
[  783.127420][T14641]  <TASK>
[  783.130376][T14641]  dump_stack_lvl+0x241/0x360
[  783.135087][T14641]  ? __pfx_dump_stack_lvl+0x10/0x10
[  783.140413][T14641]  ? __pfx__printk+0x10/0x10
[  783.145038][T14641]  ? __pfx_lock_release+0x10/0x10
[  783.150090][T14641]  should_fail_ex+0x3b0/0x4e0
[  783.154795][T14641]  _copy_from_iter+0x1e9/0x1c20
[  783.159670][T14641]  ? __virt_addr_valid+0x183/0x530
[  783.164797][T14641]  ? __alloc_skb+0x28f/0x440
[  783.169392][T14641]  ? __pfx__copy_from_iter+0x10/0x10
[  783.174682][T14641]  ? __virt_addr_valid+0x183/0x530
[  783.179792][T14641]  ? __virt_addr_valid+0x183/0x530
[  783.184899][T14641]  ? __virt_addr_valid+0x45f/0x530
[  783.190009][T14641]  ? __phys_addr_symbol+0x2f/0x70
[  783.195027][T14641]  ? __check_object_size+0x47a/0x730
[  783.200315][T14641]  netlink_sendmsg+0x73d/0xcb0
[  783.205083][T14641]  ? __pfx_netlink_sendmsg+0x10/0x10
[  783.210373][T14641]  ? __pfx_netlink_sendmsg+0x10/0x10
[  783.215664][T14641]  __sock_sendmsg+0x221/0x270
[  783.220343][T14641]  ____sys_sendmsg+0x52a/0x7e0
[  783.225106][T14641]  ? __pfx_____sys_sendmsg+0x10/0x10
[  783.230382][T14641]  ? __fget_files+0x2a/0x410
[  783.234967][T14641]  ? __fget_files+0x2a/0x410
[  783.239553][T14641]  __sys_sendmsg+0x269/0x350
[  783.244134][T14641]  ? __pfx_lock_release+0x10/0x10
[  783.249154][T14641]  ? __pfx___sys_sendmsg+0x10/0x10
[  783.254272][T14641]  ? __pfx_vfs_write+0x10/0x10
[  783.259052][T14641]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  783.265381][T14641]  ? do_syscall_64+0x100/0x230
[  783.270158][T14641]  ? do_syscall_64+0xb6/0x230
[  783.274837][T14641]  do_syscall_64+0xf3/0x230
[  783.279339][T14641]  ? clear_bhb_loop+0x35/0x90
[  783.284010][T14641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.289903][T14641] RIP: 0033:0x7f4423985d19
[  783.294312][T14641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.313915][T14641] RSP: 002b:00007f442486d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  783.322329][T14641] RAX: ffffffffffffffda RBX: 00007f4423b75fa0 RCX: 00007f4423985d19
[  783.330293][T14641] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  783.338256][T14641] RBP: 00007f442486d090 R08: 0000000000000000 R09: 0000000000000000
[  783.346217][T14641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.354181][T14641] R13: 0000000000000000 R14: 00007f4423b75fa0 R15: 00007ffc5e8bd148
[  783.362157][T14641]  </TASK>
[  784.660597][T14672] FAULT_INJECTION: forcing a failure.
[  784.660597][T14672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  784.673834][T14672] CPU: 0 UID: 0 PID: 14672 Comm: syz.4.2276 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  784.684619][T14672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  784.694680][T14672] Call Trace:
[  784.697958][T14672]  <TASK>
[  784.700888][T14672]  dump_stack_lvl+0x241/0x360
[  784.705585][T14672]  ? __pfx_dump_stack_lvl+0x10/0x10
[  784.710797][T14672]  ? __pfx__printk+0x10/0x10
[  784.715408][T14672]  ? __pfx_lock_release+0x10/0x10
[  784.720459][T14672]  should_fail_ex+0x3b0/0x4e0
[  784.725154][T14672]  _copy_from_iter+0x1e9/0x1c20
[  784.730014][T14672]  ? __virt_addr_valid+0x183/0x530
[  784.735129][T14672]  ? __alloc_skb+0x28f/0x440
[  784.739716][T14672]  ? __pfx__copy_from_iter+0x10/0x10
[  784.745000][T14672]  ? __virt_addr_valid+0x183/0x530
[  784.750201][T14672]  ? __virt_addr_valid+0x183/0x530
[  784.755318][T14672]  ? __virt_addr_valid+0x45f/0x530
[  784.760439][T14672]  ? __phys_addr_symbol+0x2f/0x70
[  784.765466][T14672]  ? __check_object_size+0x47a/0x730
[  784.770758][T14672]  netlink_sendmsg+0x73d/0xcb0
[  784.775530][T14672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  784.780819][T14672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  784.786099][T14672]  __sock_sendmsg+0x221/0x270
[  784.790780][T14672]  ____sys_sendmsg+0x52a/0x7e0
[  784.795545][T14672]  ? __pfx_____sys_sendmsg+0x10/0x10
[  784.800821][T14672]  ? __fget_files+0x2a/0x410
[  784.805416][T14672]  ? __fget_files+0x2a/0x410
[  784.810017][T14672]  __sys_sendmsg+0x269/0x350
[  784.814603][T14672]  ? __pfx_lock_release+0x10/0x10
[  784.819627][T14672]  ? __pfx___sys_sendmsg+0x10/0x10
[  784.824745][T14672]  ? __pfx_vfs_write+0x10/0x10
[  784.829525][T14672]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  784.835850][T14672]  ? do_syscall_64+0x100/0x230
[  784.840616][T14672]  ? do_syscall_64+0xb6/0x230
[  784.845295][T14672]  do_syscall_64+0xf3/0x230
[  784.849804][T14672]  ? clear_bhb_loop+0x35/0x90
[  784.854479][T14672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.860374][T14672] RIP: 0033:0x7f8fb5985d19
[  784.864792][T14672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.884400][T14672] RSP: 002b:00007f8fb6836038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  784.892814][T14672] RAX: ffffffffffffffda RBX: 00007f8fb5b75fa0 RCX: 00007f8fb5985d19
[  784.900808][T14672] RDX: 0000000000008004 RSI: 0000000020000140 RDI: 0000000000000004
[  784.908814][T14672] RBP: 00007f8fb6836090 R08: 0000000000000000 R09: 0000000000000000
[  784.916784][T14672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.924749][T14672] R13: 0000000000000000 R14: 00007f8fb5b75fa0 R15: 00007ffedde6bde8
[  784.932727][T14672]  </TASK>
[  784.935842][    C0] vkms_vblank_simulate: vblank timer overrun
[  784.936504][ T5902] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  785.106351][ T5902] usb 1-1: device descriptor read/64, error -71
[  785.425432][ T5902] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  785.502501][T14689] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2280'.
[  785.555863][ T5902] usb 1-1: device descriptor read/64, error -71
[  785.668124][ T5902] usb usb1-port1: attempt power cycle
[  786.115520][ T5902] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  786.144614][ T5902] usb 1-1: device descriptor read/8, error -71
[  786.393639][T14704] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2284'.
[  786.410744][ T5902] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  786.588260][ T5902] usb 1-1: device descriptor read/8, error -71
[  786.678329][T14718] FAULT_INJECTION: forcing a failure.
[  786.678329][T14718] name failslab, interval 1, probability 0, space 0, times 0
[  786.696010][ T5902] usb usb1-port1: unable to enumerate USB device
[  786.704059][T14718] CPU: 1 UID: 0 PID: 14718 Comm: syz.0.2290 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  786.714855][T14718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  786.724926][T14718] Call Trace:
[  786.728219][T14718]  <TASK>
[  786.731166][T14718]  dump_stack_lvl+0x241/0x360
[  786.735871][T14718]  ? __pfx_dump_stack_lvl+0x10/0x10
[  786.741089][T14718]  ? __pfx__printk+0x10/0x10
[  786.745709][T14718]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  786.751715][T14718]  ? __pfx___might_resched+0x10/0x10
[  786.757038][T14718]  should_fail_ex+0x3b0/0x4e0
[  786.761740][T14718]  should_failslab+0xac/0x100
[  786.766450][T14718]  kmem_cache_alloc_node_noprof+0x77/0x380
[  786.772281][T14718]  ? __alloc_skb+0x1c3/0x440
[  786.776984][T14718]  __alloc_skb+0x1c3/0x440
[  786.781424][T14718]  ? __pfx___alloc_skb+0x10/0x10
[  786.786380][T14718]  ? netlink_autobind+0xd6/0x2f0
[  786.791334][T14718]  ? netlink_autobind+0x2b0/0x2f0
[  786.796377][T14718]  netlink_sendmsg+0x638/0xcb0
[  786.801170][T14718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  786.806487][T14718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  786.811786][T14718]  __sock_sendmsg+0x221/0x270
[  786.816492][T14718]  ____sys_sendmsg+0x52a/0x7e0
[  786.821279][T14718]  ? __pfx_____sys_sendmsg+0x10/0x10
[  786.826585][T14718]  ? __fget_files+0x2a/0x410
[  786.831197][T14718]  ? __fget_files+0x2a/0x410
[  786.835811][T14718]  __sys_sendmsg+0x269/0x350
[  786.840411][T14718]  ? __pfx_lock_release+0x10/0x10
[  786.845611][T14718]  ? __pfx___sys_sendmsg+0x10/0x10
[  786.850733][T14718]  ? __pfx_vfs_write+0x10/0x10
[  786.855523][T14718]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  786.861860][T14718]  ? do_syscall_64+0x100/0x230
[  786.866627][T14718]  ? do_syscall_64+0xb6/0x230
[  786.871308][T14718]  do_syscall_64+0xf3/0x230
[  786.875812][T14718]  ? clear_bhb_loop+0x35/0x90
[  786.880483][T14718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  786.886376][T14718] RIP: 0033:0x7f2035585d19
[  786.890790][T14718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  786.910392][T14718] RSP: 002b:00007f2036418038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  786.918803][T14718] RAX: ffffffffffffffda RBX: 00007f2035775fa0 RCX: 00007f2035585d19
[  786.926858][T14718] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  786.934822][T14718] RBP: 00007f2036418090 R08: 0000000000000000 R09: 0000000000000000
[  786.942802][T14718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  786.950864][T14718] R13: 0000000000000000 R14: 00007f2035775fa0 R15: 00007ffee46e2f08
[  786.958857][T14718]  </TASK>
[  791.401495][T14766] 0000: renamed from bridge_slave_0 (while UP)
[  791.414087][T14766] bridge0: port 1(0000) entered disabled state
[  791.598107][T14772] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2305'.
[  791.899990][T14774] fuse: Bad value for 'fd'
[  794.704712][T14781] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2306'.
[  794.780095][T14793] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2310'.
[  794.863442][T14793] bond0: entered promiscuous mode
[  794.868866][T14793] bond_slave_0: entered promiscuous mode
[  794.878220][T14793] bond_slave_1: entered promiscuous mode
[  794.885912][T14793] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  794.893550][T14793] bridge0: port 4(macvlan2) entered blocking state
[  794.900702][T14793] bridge0: port 4(macvlan2) entered disabled state
[  795.790320][T14793] macvlan2: entered allmulticast mode
[  795.795871][T14793] bond0: entered allmulticast mode
[  795.801289][T14793] bond_slave_0: entered allmulticast mode
[  795.979510][T14793] bond_slave_1: entered allmulticast mode
[  795.992594][T14793] macvlan2: entered promiscuous mode
[  796.000063][T14793] bridge0: port 4(macvlan2) entered blocking state
[  796.008581][T14793] bridge0: port 4(macvlan2) entered forwarding state
[  797.436042][T14823] openvswitch: netlink: Missing key (keys=40, expected=100)
[  797.597868][T14829] netlink: 'syz.5.2320': attribute type 4 has an invalid length.
[  797.749561][T14832] netlink: 'syz.5.2320': attribute type 4 has an invalid length.
[  798.195539][T14832] syz.5.2320 (14832) used greatest stack depth: 18352 bytes left
[  798.415504][ T9930] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  798.592774][ T9930] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  798.592809][ T9930] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  798.592831][ T9930] usb 1-1: Product: syz
[  798.592846][ T9930] usb 1-1: Manufacturer: syz
[  798.592862][ T9930] usb 1-1: SerialNumber: syz
[  798.607036][ T9930] usb 1-1: config 0 descriptor??
[  798.607801][T14841] ------------[ cut here ]------------
[  798.607902][T14841] WARNING: CPU: 1 PID: 14841 at drivers/gpu/drm/vkms/vkms_crtc.c:98 vkms_get_vblank_timestamp+0x183/0x1b0
[  798.607970][T14841] Modules linked in:
[  798.607994][T14841] CPU: 1 UID: 0 PID: 14841 Comm: syz.2.2325 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  798.608022][T14841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  798.608070][T14841] RIP: 0010:vkms_get_vblank_timestamp+0x183/0x1b0
[  798.608126][T14841] Code: 42 80 3c 30 00 74 08 48 89 ef e8 98 b2 0e fc 48 89 5d 00 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 6e da aa fb 90 <0f> 0b 90 eb e4 89 d9 80 e1 07 38 c1 0f 8c cd fe ff ff 48 89 df e8
[  798.608154][T14841] RSP: 0018:ffffc9000e59ece8 EFLAGS: 00010287
[  798.608182][T14841] RAX: ffffffff85f48382 RBX: 000000ba0ba9fe18 RCX: 0000000000080000
[  798.608203][T14841] RDX: ffffc9000bcf9000 RSI: 00000000000062c5 RDI: 00000000000062c6
[  798.608222][T14841] RBP: ffffc9000e59ee80 R08: ffffffff85f482ef R09: 1ffffffff284dd1a
[  798.608268][T14841] R10: dffffc0000000000 R11: ffffffff85f48200 R12: 000000ba0ba9fe18
[  798.608288][T14841] R13: ffff8880252f8150 R14: 1ffff92001cb3dd0 R15: ffff8880250b4000
[  798.608308][T14841] FS:  00007f51b8dfe6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  798.608330][T14841] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  798.608350][T14841] CR2: 00007f04222a56c0 CR3: 000000005d6ee000 CR4: 00000000003526f0
[  798.608373][T14841] DR0: 0000000000000000 DR1: 00000000872c9164 DR2: 0000000000000000
[  798.608415][T14841] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  798.608433][T14841] Call Trace:
[  798.608445][T14841]  <TASK>
[  798.608459][T14841]  ? __warn+0x165/0x4d0
[  798.608484][T14841]  ? vkms_get_vblank_timestamp+0x183/0x1b0
[  798.608517][T14841]  ? report_bug+0x2b3/0x500
[  798.608571][T14841]  ? vkms_get_vblank_timestamp+0x183/0x1b0
[  798.608607][T14841]  ? handle_bug+0x60/0x90
[  798.608629][T14841]  ? exc_invalid_op+0x1a/0x50
[  798.608653][T14841]  ? asm_exc_invalid_op+0x1a/0x20
[  798.608714][T14841]  ? __pfx_vkms_get_vblank_timestamp+0x10/0x10
[  798.608741][T14841]  ? vkms_get_vblank_timestamp+0xef/0x1b0
[  798.608766][T14841]  ? vkms_get_vblank_timestamp+0x182/0x1b0
[  798.608796][T14841]  ? vkms_get_vblank_timestamp+0x183/0x1b0
[  798.608851][T14841]  ? vkms_get_vblank_timestamp+0x182/0x1b0
[  798.608878][T14841]  ? __pfx_vkms_get_vblank_timestamp+0x10/0x10
[  798.608908][T14841]  drm_crtc_next_vblank_start+0x229/0x490
[  798.608947][T14841]  ? __pfx_drm_crtc_next_vblank_start+0x10/0x10
[  798.609003][T14841]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  798.609041][T14841]  drm_atomic_helper_wait_for_fences+0x277/0x8e0
[  798.609086][T14841]  ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10
[  798.609156][T14841]  ? read_tsc+0x9/0x20
[  798.609184][T14841]  ? ktime_get+0x1c5/0x1f0
[  798.609219][T14841]  commit_tail+0x75/0x3c0
[  798.609288][T14841]  drm_atomic_helper_commit+0x953/0x9f0
[  798.609324][T14841]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  798.609359][T14841]  drm_atomic_commit+0x294/0x2f0
[  798.609396][T14841]  ? __pfx_drm_atomic_commit+0x10/0x10
[  798.609466][T14841]  ? __pfx___drm_printfn_info+0x10/0x10
[  798.609518][T14841]  drm_client_modeset_commit_atomic+0x670/0x7d0
[  798.609560][T14841]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  798.609640][T14841]  ? __pfx___mutex_lock+0x10/0x10
[  798.609689][T14841]  drm_client_modeset_commit_locked+0xe0/0x520
[  798.609748][T14841]  drm_fb_helper_pan_display+0x379/0xc10
[  798.609797][T14841]  fb_pan_display+0x3a3/0x680
[  798.609822][T14841]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  798.609862][T14841]  bit_update_start+0x4d/0x1c0
[  798.609920][T14841]  fbcon_switch+0x144b/0x2250
[  798.609963][T14841]  ? __pfx_fbcon_switch+0x10/0x10
[  798.610011][T14841]  ? __pfx_hide_cursor+0x10/0x10
[  798.610071][T14841]  ? is_console_locked+0x9/0x20
[  798.610099][T14841]  ? set_origin+0x344/0x480
[  798.610140][T14841]  csi_J+0x6f8/0xeb0
[  798.610169][T14841]  ? atomic_notifier_call_chain+0x26/0x180
[  798.610227][T14841]  do_con_write+0x3b5b/0x4c30
[  798.610354][T14841]  ? __pfx_do_con_write+0x10/0x10
[  798.610377][T14841]  ? trace_contention_end+0x3c/0x120
[  798.610407][T14841]  ? __mutex_lock+0x37f/0xee0
[  798.610438][T14841]  ? con_put_char+0x95/0xf0
[  798.610462][T14841]  ? __pfx_con_put_char+0x10/0x10
[  798.610508][T14841]  ? this_cpu_in_panic+0x4f/0x80
[  798.610542][T14841]  ? n_tty_write+0x6ca/0x1230
[  798.610573][T14841]  ? __pfx___mutex_lock+0x10/0x10
[  798.610603][T14841]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  798.610656][T14841]  ? __pfx_bit_cursor+0x10/0x10
[  798.610700][T14841]  con_write+0x26/0x40
[  798.610725][T14841]  n_tty_write+0xd62/0x1230
[  798.610801][T14841]  ? __pfx_n_tty_write+0x10/0x10
[  798.610829][T14841]  ? __pfx_woken_wake_function+0x10/0x10
[  798.610856][T14841]  ? __virt_addr_valid+0x183/0x530
[  798.610881][T14841]  ? __virt_addr_valid+0x183/0x530
[  798.610905][T14841]  ? __virt_addr_valid+0x45f/0x530
[  798.610960][T14841]  ? __check_object_size+0x47a/0x730
[  798.610998][T14841]  ? __pfx_n_tty_write+0x10/0x10
[  798.611022][T14841]  file_tty_write+0x546/0x9b0
[  798.611064][T14841]  vfs_write+0xaeb/0xd30
[  798.611124][T14841]  ? __pfx_tty_write+0x10/0x10
[  798.611161][T14841]  ? __pfx_vfs_write+0x10/0x10
[  798.611195][T14841]  ? __fget_files+0x2a/0x410
[  798.611223][T14841]  ? __fget_files+0x2a/0x410
[  798.611296][T14841]  ksys_write+0x18f/0x2b0
[  798.611327][T14841]  ? __pfx_ksys_write+0x10/0x10
[  798.611362][T14841]  ? do_syscall_64+0x100/0x230
[  798.611420][T14841]  ? do_syscall_64+0xb6/0x230
[  798.611453][T14841]  do_syscall_64+0xf3/0x230
[  798.611484][T14841]  ? clear_bhb_loop+0x35/0x90
[  798.611510][T14841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.611567][T14841] RIP: 0033:0x7f51b7f85d19
[  798.611591][T14841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  798.611612][T14841] RSP: 002b:00007f51b8dfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  798.611641][T14841] RAX: ffffffffffffffda RBX: 00007f51b8175fa0 RCX: 00007f51b7f85d19
[  798.611659][T14841] RDX: 0000000000001006 RSI: 0000000020001040 RDI: 000000000000000f
[  798.611675][T14841] RBP: 00007f51b8001a20 R08: 0000000000000000 R09: 0000000000000000
[  798.611719][T14841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  798.611735][T14841] R13: 0000000000000000 R14: 00007f51b8175fa0 R15: 00007ffc20e60f38
[  798.611771][T14841]  </TASK>
[  798.611797][T14841] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  798.611811][T14841] CPU: 1 UID: 0 PID: 14841 Comm: syz.2.2325 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  798.611838][T14841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  798.611851][T14841] Call Trace:
[  798.611859][T14841]  <TASK>
[  798.611868][T14841]  dump_stack_lvl+0x241/0x360
[  798.611900][T14841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  798.611926][T14841]  ? __pfx__printk+0x10/0x10
[  798.611946][T14841]  ? _printk+0xd5/0x120
[  798.611972][T14841]  ? __init_begin+0x41000/0x41000
[  798.612004][T14841]  ? vscnprintf+0x5d/0x90
[  798.612030][T14841]  panic+0x349/0x880
[  798.612057][T14841]  ? __warn+0x174/0x4d0
[  798.612082][T14841]  ? __pfx_panic+0x10/0x10
[  798.612138][T14841]  __warn+0x344/0x4d0
[  798.612160][T14841]  ? vkms_get_vblank_timestamp+0x183/0x1b0
[  798.612188][T14841]  report_bug+0x2b3/0x500
[  798.612211][T14841]  ? vkms_get_vblank_timestamp+0x183/0x1b0
[  798.612242][T14841]  handle_bug+0x60/0x90
[  798.612261][T14841]  exc_invalid_op+0x1a/0x50
[  798.612279][T14841]  asm_exc_invalid_op+0x1a/0x20
[  798.612304][T14841] RIP: 0010:vkms_get_vblank_timestamp+0x183/0x1b0
[  798.612325][T14841] Code: 42 80 3c 30 00 74 08 48 89 ef e8 98 b2 0e fc 48 89 5d 00 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 6e da aa fb 90 <0f> 0b 90 eb e4 89 d9 80 e1 07 38 c1 0f 8c cd fe ff ff 48 89 df e8
[  798.612342][T14841] RSP: 0018:ffffc9000e59ece8 EFLAGS: 00010287
[  798.612360][T14841] RAX: ffffffff85f48382 RBX: 000000ba0ba9fe18 RCX: 0000000000080000
[  798.612375][T14841] RDX: ffffc9000bcf9000 RSI: 00000000000062c5 RDI: 00000000000062c6
[  798.612389][T14841] RBP: ffffc9000e59ee80 R08: ffffffff85f482ef R09: 1ffffffff284dd1a
[  798.612405][T14841] R10: dffffc0000000000 R11: ffffffff85f48200 R12: 000000ba0ba9fe18
[  798.612420][T14841] R13: ffff8880252f8150 R14: 1ffff92001cb3dd0 R15: ffff8880250b4000
[  798.612441][T14841]  ? __pfx_vkms_get_vblank_timestamp+0x10/0x10
[  798.612464][T14841]  ? vkms_get_vblank_timestamp+0xef/0x1b0
[  798.612484][T14841]  ? vkms_get_vblank_timestamp+0x182/0x1b0
[  798.612515][T14841]  ? vkms_get_vblank_timestamp+0x182/0x1b0
[  798.612536][T14841]  ? __pfx_vkms_get_vblank_timestamp+0x10/0x10
[  798.612560][T14841]  drm_crtc_next_vblank_start+0x229/0x490
[  798.612593][T14841]  ? __pfx_drm_crtc_next_vblank_start+0x10/0x10
[  798.612621][T14841]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  798.612653][T14841]  drm_atomic_helper_wait_for_fences+0x277/0x8e0
[  798.612693][T14841]  ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10
[  798.612729][T14841]  ? read_tsc+0x9/0x20
[  798.612753][T14841]  ? ktime_get+0x1c5/0x1f0
[  798.612782][T14841]  commit_tail+0x75/0x3c0
[  798.612818][T14841]  drm_atomic_helper_commit+0x953/0x9f0
[  798.612849][T14841]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  798.612879][T14841]  drm_atomic_commit+0x294/0x2f0
[  798.612911][T14841]  ? __pfx_drm_atomic_commit+0x10/0x10
[  798.612936][T14841]  ? __pfx___drm_printfn_info+0x10/0x10
[  798.612982][T14841]  drm_client_modeset_commit_atomic+0x670/0x7d0
[  798.613020][T14841]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  798.613071][T14841]  ? __pfx___mutex_lock+0x10/0x10
[  798.613114][T14841]  drm_client_modeset_commit_locked+0xe0/0x520
[  798.613153][T14841]  drm_fb_helper_pan_display+0x379/0xc10
[  798.613198][T14841]  fb_pan_display+0x3a3/0x680
[  798.613220][T14841]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  798.613256][T14841]  bit_update_start+0x4d/0x1c0
[  798.613283][T14841]  fbcon_switch+0x144b/0x2250
[  798.613322][T14841]  ? __pfx_fbcon_switch+0x10/0x10
[  798.613365][T14841]  ? __pfx_hide_cursor+0x10/0x10
[  798.613396][T14841]  ? is_console_locked+0x9/0x20
[  798.613420][T14841]  ? set_origin+0x344/0x480
[  798.613448][T14841]  csi_J+0x6f8/0xeb0
[  798.613473][T14841]  ? atomic_notifier_call_chain+0x26/0x180
[  798.613501][T14841]  do_con_write+0x3b5b/0x4c30
[  798.613595][T14841]  ? __pfx_do_con_write+0x10/0x10
[  798.613614][T14841]  ? trace_contention_end+0x3c/0x120
[  798.613641][T14841]  ? __mutex_lock+0x37f/0xee0
[  798.613667][T14841]  ? con_put_char+0x95/0xf0
[  798.613687][T14841]  ? __pfx_con_put_char+0x10/0x10
[  798.613705][T14841]  ? this_cpu_in_panic+0x4f/0x80
[  798.613734][T14841]  ? n_tty_write+0x6ca/0x1230
[  798.613761][T14841]  ? __pfx___mutex_lock+0x10/0x10
[  798.613788][T14841]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  798.613813][T14841]  ? __pfx_bit_cursor+0x10/0x10
[  798.613852][T14841]  con_write+0x26/0x40
[  798.613874][T14841]  n_tty_write+0xd62/0x1230
[  798.613921][T14841]  ? __pfx_n_tty_write+0x10/0x10
[  798.613944][T14841]  ? __pfx_woken_wake_function+0x10/0x10
[  798.613968][T14841]  ? __virt_addr_valid+0x183/0x530
[  798.613990][T14841]  ? __virt_addr_valid+0x183/0x530
[  798.614010][T14841]  ? __virt_addr_valid+0x45f/0x530
[  798.614036][T14841]  ? __check_object_size+0x47a/0x730
[  798.614069][T14841]  ? __pfx_n_tty_write+0x10/0x10
[  798.614090][T14841]  file_tty_write+0x546/0x9b0
[  798.614134][T14841]  vfs_write+0xaeb/0xd30
[  798.614165][T14841]  ? __pfx_tty_write+0x10/0x10
[  798.614194][T14841]  ? __pfx_vfs_write+0x10/0x10
[  798.614225][T14841]  ? __fget_files+0x2a/0x410
[  798.614251][T14841]  ? __fget_files+0x2a/0x410
[  798.614286][T14841]  ksys_write+0x18f/0x2b0
[  798.614314][T14841]  ? __pfx_ksys_write+0x10/0x10
[  798.614340][T14841]  ? do_syscall_64+0x100/0x230
[  798.614371][T14841]  ? do_syscall_64+0xb6/0x230
[  798.614400][T14841]  do_syscall_64+0xf3/0x230
[  798.614426][T14841]  ? clear_bhb_loop+0x35/0x90
[  798.614450][T14841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.614476][T14841] RIP: 0033:0x7f51b7f85d19
[  798.614495][T14841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  798.614512][T14841] RSP: 002b:00007f51b8dfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  798.614534][T14841] RAX: ffffffffffffffda RBX: 00007f51b8175fa0 RCX: 00007f51b7f85d19
[  798.614551][T14841] RDX: 0000000000001006 RSI: 0000000020001040 RDI: 000000000000000f
[  798.614566][T14841] RBP: 00007f51b8001a20 R08: 0000000000000000 R09: 0000000000000000
[  798.614580][T14841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  798.614594][T14841] R13: 0000000000000000 R14: 00007f51b8175fa0 R15: 00007ffc20e60f38
[  798.614632][T14841]  </TASK>
[  798.614895][T14841] Kernel Offset: disabled