last executing test programs:

15.690455148s ago: executing program 1 (id=415):
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map}, 0xfffffffffffffcd6)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
request_key(&(0x7f00000008c0)='big_key\x00', &(0x7f0000000900)={'syz', 0x0}, 0x0, 0xfffffffffffffffe)
r1 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000240), 0x0, 0x0, 0x0, r1)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x40)
r4 = syz_open_dev$MSR(0x0, 0x0, 0x0)
preadv(r4, &(0x7f00000002c0), 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x800000003, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@deltaction={0xb4, 0x31, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x80, 0x1, [{0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8001}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xb}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0xb4}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x111, 0x3}}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(r3, r6, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe21, 0x0, @mcast1}, 0x1c)

14.841442274s ago: executing program 1 (id=418):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @mcast1}, 0xffffffffffffffba)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r1, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r1, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/125, 0x7d}], 0x1}}, {{0x0, 0x0, &(0x7f0000000100)}}], 0x2, 0x40000022, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000027c0)=';', 0x1}], 0x1}}], 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000f00000c47d57ea49b000000600730"], 0x0, 0x27, 0x0, 0x1}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x7, 0x5, 0x20, 0x141}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000580), &(0x7f0000000600), 0x7ff, r2}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000040)={r2, &(0x7f0000000000), &(0x7f0000000b40)=""/4096}, 0x20)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
shutdown(r0, 0x2)

14.558598957s ago: executing program 1 (id=419):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000bc0)={0x0, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000011c0)={0x84, &(0x7f0000000500)={0x40, 0x8}, 0x0, &(0x7f0000000380)={0x0, 0x8, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x40, 0x17, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x110, r2, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}]}, @IPVS_CMD_ATTR_DAEMON={0x74, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_batadv\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wg0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0xd}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}, @IPVS_CMD_ATTR_SERVICE={0x64, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3e, 0x8}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@remote}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x4}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x801}, 0x20008800)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

13.187297162s ago: executing program 2 (id=421):
r0 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x2, 0x7, 0x10001, 0x9, 0xa0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r0, @ANYRES32], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
userfaultfd(0x801)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, 0x0, 0xa2840, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000000)={0xc})
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x400014c, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r3, 0x2, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
recvmmsg(r6, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/253, 0xfd}}, {{&(0x7f0000000540)=@un=@abs, 0x80, &(0x7f0000000300)=[{&(0x7f0000003740)=""/4, 0x4}], 0x1, &(0x7f00000037c0)=""/236, 0xec}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003c00)=""/65, 0x41}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003e00)=""/48, 0x30}, 0x2}], 0x4, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000100)={0x28, 0x1, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xffffffffffffffff})
ioctl$IOMMU_IOAS_MAP(r2, 0x3b85, 0x0)
mlock2(&(0x7f0000522000/0x1000)=nil, 0x1000, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
syz_open_procfs(r3, &(0x7f00000002c0)='attr/prev\x00')

10.236873039s ago: executing program 4 (id=422):
socket(0x2, 0x80805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
preadv(r1, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(0x0, &(0x7f0000008400), 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x2e)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, 0x0, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r2, 0x5453, 0x0)

10.128470866s ago: executing program 2 (id=423):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x22d4, 0x1503, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_connect(0x2, 0xab5, &(0x7f0000000400)={{0x12, 0x1, 0x201, 0x13, 0x33, 0xc2, 0x0, 0x7b0, 0x6, 0x3ff5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xaa3, 0x4, 0x9, 0x6, 0x90, 0xfa, [{{0x9, 0x4, 0x93, 0xf7, 0xc, 0x32, 0x2, 0x8, 0xc, [], [{{0x9, 0x5, 0x2, 0x8, 0x3ff, 0x10, 0x6, 0xda, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xa9}]}}, {{0x9, 0x5, 0x9, 0x16, 0x400, 0x2, 0x7, 0x8, [@generic={0x85, 0x11, "1230d55918bf727809b1e2e482d12f13eb4498142ec029d3df6cf1d349c8edf7302f73140c8d0d7318b5b94f37662da93af8c0acff1d98b7d3dbf5eb30e380ed29eb18f5bb5c74228ab83cb5a1047c900811c16e1d82141a87b25d0a954da4e7b941cb3c782079e2131de9cd44e2747290ae629d97231ecadc35dd08187818f7210164"}, @generic={0xc0, 0x21, "4a2b8a126388e4f14f5660b5469e30d272ed567798623ed6f32a7fba9b1ecc2fad7df754ac693fab89b4cda2988640a4d5fda6243f12cc7dbf985be8a067a7841cfcd750b4d0581ef73144208b79dde9c8c1a9da3de2d5fa1d15d7bccf2a066df65965f9f24d6c7634e51b8d5abf942bc89e836231249285a634a1c390a4f918b5b84d47090568c36fb8d866276de269b276c02fe37383276ea30244b523fc6bf53ad1a4b7ac1758a68ffdf4b25a94f30010b549648a46877825ec590940"}]}}, {{0x9, 0x5, 0xd, 0xc, 0x400, 0x9, 0x2, 0x1, [@generic={0x2b, 0x2, "a67534e2a34667fdd4b8ed816adaaa9a3a15098d0c94df4551a7ac6a65ca59551c41fa899dbb8a1701"}, @uac_iso={0x7, 0x25, 0x1, 0x100, 0x2, 0x4}]}}, {{0x9, 0x5, 0x8, 0x0, 0x40, 0x5, 0x1, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xc, 0x6}]}}, {{0x9, 0x5, 0x1, 0x1, 0x40, 0x9, 0x0, 0xc, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0x9}]}}, {{0x9, 0x5, 0xc, 0xc, 0x200, 0x6, 0x5, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0xfc00}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x1, 0x8}]}}, {{0x9, 0x5, 0xd, 0x0, 0x10, 0x6, 0x2, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x28, 0x9}, @generic={0x29, 0x10, "a8ef3d22dad475da11e146fbf4839064ea717c3636468da0f251c5442239a54e404d257b76c7a6"}]}}, {{0x9, 0x5, 0xd, 0x4, 0x20, 0x9, 0x5, 0x3}}, {{0x9, 0x5, 0x4, 0xc, 0x10, 0xde, 0x43, 0x5}}, {{0x9, 0x5, 0x3, 0x1, 0x400, 0x9, 0x1, 0x0, [@generic={0x51, 0x4, "f29e56f5d423ca6b86b4f3d728527c9e0a53c5c73e0a905126ba6d994ec7436063405a8c628417dc1691ce375e52361195016eecda36c4aa4e25e27f5378c632e8924c067435132e0abbce40f4a750"}, @generic={0xef, 0x22, "a5bba39ec86d3263c6bc99da32e59a78fa569e459288c24f676c88139326a99fbc99d10369f7fab14a65a513489a5367e2c1e2d986ebce81a1de3aae4f178364fb26c59bc18c1418183d1e4e621fc421d94f3249811c2105876bc5a8161127fe27d8a8ff724f5197af7b37fc1bd6d7acb03cdbcd1651284c0d4e0a5433d3151f7cd5094fc56c8a23a1354278731183d57c92535d08a56f587cc50ef7b8d00ca7f0400adb094107073aa17750d28c77a3760c03824a3ec2607514185c769ad73e11de1d3e0d2f5c0c0cedeb847b402f4819d792263227db2f01b44efad43d3e4fd44dc3a8eeb529ee53c2118454"}]}}, {{0x9, 0x5, 0xa, 0x3, 0x200, 0x7, 0x1, 0x7f, [@generic={0x39, 0x5, "4125e84b353aba80e154da2dc5dab813bda479d168132f4adf8660900f4de961364f8112140b87c74213db656ff829bfb46a0aa3b43ba5"}]}}, {{0x9, 0x5, 0x0, 0x2, 0x8, 0x2, 0x9, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x7, 0x7}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0xa9, 0x8}]}}]}}, {{0x9, 0x4, 0x62, 0x7, 0x1, 0xff, 0xff, 0xff, 0xa3, [@cdc_ncm={{0x9, 0x24, 0x6, 0x0, 0x1, "b22ce496"}, {0x5, 0x24, 0x0, 0x100}, {0xd, 0x24, 0xf, 0x1, 0x7, 0xd3, 0x7b, 0x91}, {0x6, 0x24, 0x1a, 0x7, 0x10}, [@obex={0x5, 0x24, 0x15, 0xca37}, @obex={0x5, 0x24, 0x15, 0x1000}, @acm={0x4}, @call_mgmt={0x5}, @mbim={0xc, 0x24, 0x1b, 0x2, 0x200, 0xe6, 0xfe, 0x100, 0x8}]}, @uac_as={[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x7, 0x3, 0x5, 0x8c, 'I', "cb087a"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x2, 0x4, 0xa8, 0x0, "b2f3", "a12a"}]}], [{{0x9, 0x5, 0xd, 0x0, 0x400, 0x3, 0x5, 0xf1, [@generic={0xef, 0x21, "3714cc66401a9d20e87037f46288ccac9e9b117204e7ccb793a568fcb8ad614ecddcf17d76190735ba9be2e32b1f2c418a3825b13a98a93fe9d1f0e42dd971617b1749976bacb7b9575058b5b90eb7cad1aaff2a6bde0a44d1244ea089f4461c89b001abc65d2c347bb96ee440ca51185dc503b47b7c27d8346ebf072986b07f293bac07beeb63758db8afb01885b5af60e2822deb17f6a6bb5047a4feab6866767e29d5bc6adad91bd01ce66b11bb8d73024fe08f4aedf6afacf5af1aefb4f2d0aa2cba5c3cbab40eda93de124ee3622fb738e58235b4b5556be9d4ec147a8904273d96f43c8c0535ebb68962"}, @generic={0x79, 0xf, "64cedb182cb546566fe1bad440431de17c0035e6b73edf8c75d0c1cb4a29d8ed085cb0fb4ee02f1d213c37b7414f4c17790c06bc31c424a1207801954bfb216cd9e51107dffcb05b40fc7f88ec03dbd9ad2bb328ed29f18574a78e34310efd8f784c8d9ce4d01f9f8c25670dc20e08bc7422982969e1d5"}]}}]}}, {{0x9, 0x4, 0x1f, 0x9, 0x10, 0x1e, 0xc8, 0xc9, 0x3, [@uac_as, @generic={0xf1, 0x5, "4ee7a11b75c0d08b8f797729f7dd887a27ddf796c0818b15400e863e40122ddab447de3c5d66e0ca6facddffa351bf777282c32b9355e42666db21d00105f970c68ba90fe53b55bf10ae97d02d76a581f7e7ec1b7b0c903e658623fc2c3bc3cc796925ba58b61f147ec957cdd7ba8549dc1bf3d43defb2c9da94e09f6dd952973f3d91777157389f51d6bd9f48bdc61235cd967c0cf87b9bb98664c42270cd081ca5380bc87e3102b031956934b2106e1a36d444e7899ce9270b0f0f2cdf0df316e300737c58d4719b6b5a929e35fc883352e2b9903d8bf8bfdfa200974f182c9835fed4d832a86b39c4031f3513f0"}], [{{0x9, 0x5, 0x7, 0x0, 0x8, 0x8, 0x1, 0x5}}, {{0x9, 0x5, 0x2, 0x4, 0x8, 0x1, 0xce, 0xc}}, {{0x9, 0x5, 0x80, 0x10, 0x200, 0xa, 0x3, 0x1, [@generic={0xa6, 0x24, "822049fbf969170ec2063f3ae944d8ec6109f7859f9bcb939146eec668a62a1753ba7235b96c5e5662887bf44881a293246022f8ec0fbaa8006d574d962f80fd233f8deeea86268c47ec922280ea59a5fa81c744a72a5b1e475efee83d9da9a5a682bd711021e0b593ab8cb459d20029ee9c7350228acd4a22555716ea53c4c844dcce2f10b5bad2c8b62c70ab9eaf7fb1fdbe1a0921991cb35bba8a29cbd9855775dd94"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x3ff, 0xf, 0xa, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0xd45a87e9c99f25ee, 0x2, 0x2}, @generic={0x6f, 0xf, "e282851741cf213c9fbe50dbd6cdd063fe70eb07b5aaedd5c78f252114d047ef4e0218245cbde0e76bbb3f176393fd2a4770ee0cf4a35bce1a541d8ed007ea166f29e799527fb663e021606688e6ee1b601c57a8d2547504a8b957f20702507117d23f21d13458f4ebd3620a97"}]}}, {{0x9, 0x5, 0x2, 0x10, 0x8, 0x7, 0x8, 0x8, [@generic={0x4a, 0x23, "36ec5dace421e56ad96d711febe22c69d800ca1175e482318d8673cbb866245f7a7f14fce937b6572c1760831a60a6820df2721a8de90ff45c7691e7ca5597151915b86ce11e4f4c"}, @generic={0x8a, 0x1, "5d34f90416385a3a057cbaa734642dcf8c52f0e307ae30464d19cc75bfad5dca98baed13c6e495e9dd1a1e9346d834b51f0e7dd6207222d3eed77d740bcba43c301857407aae0c0ada80ae4dc90eda54e885b6af2a30ca53f1b2daf9d2d6324b7dcff98653489e8acc1d60e008c07c1612c328865d10772543aba09a07143f67daac9a88e50cfb6d"}]}}, {{0x9, 0x5, 0x1, 0x8, 0x400, 0xcc, 0xcd, 0xc, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x2, 0x8}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x0, 0x1}]}}, {{0x9, 0x5, 0x82, 0x8, 0x40, 0x0, 0x7, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x6}]}}, {{0x9, 0x5, 0xd, 0x4, 0x10, 0x2, 0x9, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0xd}]}}, {{0x9, 0x5, 0xa, 0xc, 0x40, 0x78, 0x7, 0xa, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4b}]}}, {{0x9, 0x5, 0x0, 0x4, 0x10, 0x7, 0xfb, 0xbd}}, {{0x9, 0x5, 0x0, 0x8, 0x3ff, 0xf4, 0x10, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x5, 0x8000}]}}, {{0x9, 0x5, 0xe, 0x10, 0xafa327685e8ad713, 0x81, 0x1, 0x9, [@generic={0x35, 0x21, "95b6df900e58d73a8995666302142d12950f81cc01556a3ca198e1d7c0d2951bb6697a2dab927fb0492d0c6f1510fb4b51700a"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x6, 0x2}]}}, {{0x9, 0x5, 0x80, 0x0, 0x3ff, 0x7, 0x2, 0x2}}, {{0x9, 0x5, 0xf, 0x2, 0x10, 0x3, 0x8, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3, 0x3}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0xfb, 0xdee}]}}, {{0x9, 0x5, 0xa, 0x10, 0x8, 0x3, 0x6, 0x7, [@generic={0x9f, 0xb, "1be88093bce54b2bf685c298b214bc4f31ead64fd69afebad485cee7951b776153e50e21810b2d54497a1fe7c485b22fcbe43efe9efb57f671ddc1675ab54c7e11dc81a69f4a0ac18e4757ba7c9d544a0a120713d061664ac76d84770bfabfe56799f512e7e79e7d645d8714e21960c4e915b80cd7fcff35b254a155b23998745641946a12a9885dca329e93a82adff8bdb244843ee81dfb0e40050791"}, @generic={0x31, 0x21, "f5997ee5936b1c9758880f43cd8b62ea63f25def1b6ea6285cb59677526170a8c5c7e45a4d9c1de4b8dbc8c5a3545b"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x200, 0x41, 0x3, 0x4, [@generic={0x6, 0xe, "ddbf051d"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x10, 0xfbff}]}}]}}, {{0x9, 0x4, 0x3e, 0x9, 0x2, 0xb4, 0xb, 0x3c, 0x7, [@uac_as], [{{0x9, 0x5, 0x4, 0x0, 0x3ff, 0x3, 0x80, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x42, 0x8, 0xc}]}}, {{0x9, 0x5, 0x0, 0x3, 0x8, 0x7f, 0x8, 0xc0, [@uac_iso={0x7, 0x25, 0x1, 0x40, 0xc3, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0x5}]}}]}}]}}]}}, &(0x7f0000001000)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x200, 0x1, 0x3, 0x5, 0x0, 0x7}, 0x5, &(0x7f00000000c0)={0x5, 0xf, 0x5}, 0x8, [{0xe2, &(0x7f0000000100)=@string={0xe2, 0x3, "79290580768ac47bd277e072078cf5829be4be77a86ba2c92ac971b888713d60fc835b4b74186758c4f7485654e1ff1652ba8673c31110fa3898b38ea9878b3b6f34d0596c217a307757bca88e578df882ee526e4d3a2e621ca82a3ce0df4f0d6bf3f69263375013dd52949a2b59dde74ba704b8512f3334ed9a202c17879dbbc4bdbb627880871448cd7cd5bfff6958d9e0dcd66e467c9bbb2e9fb062e3e32101d79e417abbe136e72a050355b819fe699f34b79adc4e7d02b6be0226ece28c2190634058e01c7de03f61ee30fa1b61af67651b0a71d0cfcc4cad424ea81bc8"}}, {0x94, &(0x7f0000000200)=@string={0x94, 0x3, "ffeda3b09581692dbbbc907f32e13c556570d9e452ba965e14c933f8ff6d2a41b5bc546c330c55867a991b5e5fbc709d0ee34d8b15456cd4f2f0e7e08bff2d1ed0c7585fa21bd3293137044557d0f86858d142208a9b9db14adc1b2cda3a81ae43d43d44bd0b56869b11bc7aa3761a323a203d09f9f62b14411b33f6a2672f2d5357ded2aec6d10ca2cfe0d5292efe517933"}}, {0x14, &(0x7f00000002c0)=@string={0x14, 0x3, "d593a056aa36fde2f7a762ae14c7eff4b464"}}, {0x39, &(0x7f0000000300)=@string={0x39, 0x3, "f5e0c69fc4eb2399cbdee5723528b6cbf8f28bd5fec6c2fcc6e4c6120a7b423788964a8118e201c2a2fcf1d8ca7d5f58b1d5127ab7b459"}}, {0xf8, &(0x7f0000000ec0)=@string={0xf8, 0x3, "cac1b5214dacf5c89514a8ddde4c5c7eb2c366eee712f2fe33893eb0f22a18b380887ee4a2a2136806cc33449a382163cd7cdf1241ed7d1d1c85de65d61784eb9229b4e0424b00b0941c65511f8949ad9c24f2554b270b1646e51558168b9dbb0fd5b45e4de2290d06983465c4e530549fb3e2198e3e6244664a7363717ec747cc4950145ee068627cb617cb80f9097b8be68023eda5f6b6f2b4ea6cfeb80ac4b717b51a0f9bd01c82a744674f434903cc633174a217b8d1f79581ad08d4d4a9f21030aac1f307a19a47c856987b3f9fc14bf6bde0165bf6161ba8cc28236bddf4247b24183321edf1a7f0ffdca534d47dfe71d59bbf"}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x80c}}, {0x19, &(0x7f0000000380)=@string={0x19, 0x3, "728217aae008466752d48696f6a19db9887c179ace3309"}}, {0x4, &(0x7f0000000fc0)=@lang_id={0x4, 0x3, 0x812}}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008080}, 0x0)
mmap(&(0x7f000069f000/0x2000)=nil, 0x2000, 0xb635773f04ebbee8, 0x8031, 0xffffffffffffffff, 0x6cc5a000)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x80c002000104082, 0x0)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000380), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x3c49cc454bd90d39, @time, 0x3})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045300, &(0x7f00000000c0))
tkill(r1, 0x7)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000b, 0x13, r0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000307000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000299000/0x4000)=nil)
madvise(&(0x7f0000227000/0x1000)=nil, 0x1000, 0x19)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c000000140001000000000000000000ac1414bb000000000080000000000000fc0200000000000000000000140000000000000000485bff0700"/72, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/10], 0x5c}}, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed, "5a4ea7", 0x1}}}, 0xd)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(0xffffffffffffffff, 0x0, 0x0)
close(r3)
ioctl$BTRFS_IOC_GET_FEATURES(r3, 0x80189439, &(0x7f0000000080))
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x3}}, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfffffecc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bond0\x00'})
socket$nl_route(0x10, 0x3, 0x0)

9.060032213s ago: executing program 1 (id=426):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x48, 0x24, 0xd0f, 0x10, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x10001}]}}]}, 0x48}}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f000000a700), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f000000a900)={0x0, 0x0, &(0x7f000000a8c0)={&(0x7f000000a800)={0x44, r3, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8001}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_SOCKETS={0xc, 0x7, 0x0, 0x1, [{0x8}]}]}, 0x44}}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETLINK(r5, 0x400454cd, 0x335)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x18}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r6}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r7, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200))
syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000077f1c910720c0c0059f6010203010902240001000000000904000002d31a3a000905"], 0x0)

9.058215528s ago: executing program 4 (id=427):
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x1}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
fsopen(&(0x7f0000000040)='cifs\x00', 0x0)
landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

8.043784155s ago: executing program 0 (id=429):
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map}, 0xfffffffffffffcd6)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
request_key(&(0x7f00000008c0)='big_key\x00', &(0x7f0000000900)={'syz', 0x0}, 0x0, 0xfffffffffffffffe)
r1 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000240), 0x0, 0x0, 0x0, r1)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x40)
r4 = syz_open_dev$MSR(0x0, 0x0, 0x0)
preadv(r4, &(0x7f00000002c0), 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x800000003, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@deltaction={0xb4, 0x31, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x80, 0x1, [{0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8001}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xb}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0xb4}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x111, 0x3}}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(r3, r6, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe21, 0x0, @mcast1}, 0x1c)

8.040288461s ago: executing program 4 (id=430):
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)
sendmmsg$inet(r0, &(0x7f0000000540)=[{{0x0, 0x578, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000800)="21ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dbfaf8eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff690894405a0b6abc3c4d0f6a16c0a95c0508bd7eeffcd1da0b17f7701448658864b429e9472edfeffbf34d6e7c78f4aa73c0b585d5463a40298459e6ebb94bf2bf363c3a6d0a6c38b5", 0x2f5}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d", 0x148}, {&(0x7f00000005c0)="05437c98b91b1455046f57b5fc913814bde2bbeac2104eaea9c9d01a7838d859007067c10aa7352abbdf98e9bf033a4784a11e84639d3b9164d9c5d729f3dd409d39ff6d5cca97", 0x47}, {&(0x7f0000004ac0)="f610e61ac81cc3edc86f0500194d27a5a443f10dfd1ecda0fd0ed9a444b7fb76afe3a0002f0a5eafcd3555a6cad574af080de74a37f54ee5f10fe3f42b445293ca84d360a7a793cdcadfecfd6cc1b312460a54c1e4a6782ec9ce0e299ff2ed8296555289fb6af4b576408a34f8a2779d3dc1a749536a4ecb64522ec725c57dfd9fbc2159c1dfbb40086b331b383029fe0a22ed74e0245909880964443718d1b44d9fbda51ee4f67cd8582f47b155098c408578012cf1abfa162f64da31fd16df164e470b7065861267d5823923fdfabda2d844de999c20806e01edd5e011504278a8f31fa751a757f060d3dcd62fec5f4fda9a4454d754b75ae16ee431d2d7edfda0a869e0a44df651e0ed900cd498509e391c4ba7857d273ed5464c212da7e1d5b6c7a69192a814b447ab60c8258da76cc140a4a532a318d90679c535afd8b43954df5ce90d30be713f5195a8dd4437f6204bb5683efadbf02f96fa0a4bb2b22f4cc0ded53bd8d9d693430dea403f3dc4cfa8f925afc8ae91271a009b5ffeab64ed38ba09bfac86304adf17f069e8cf87d32c7f22267327b3300009debe2f20b59f9a394b6d2fed63fa770ad081bddb65484cf4fa7360987202558ff09ba4a8e783cdedb31141fe23236edace46f2f1c5e931fb31acce60ee84a0987a70c0be8a44cc7c21626db60ce04c85c8c7f5d59d819b5e2c1effcce4b777b6c5e5c19c5e51956f3bf946393dc7c8dcb4bd007c30304c5fb1e6e7c98f0bfc02e51143ef069aca54606567391200e694facbf777fb4eee9f0092030fd5beefe08b830526912cc47bec29d3c29d3ca4b45799889e8c6248bc9d87462f2bcd0ae8", 0x25c}], 0x4, 0x0, 0x0, 0x900}}], 0x2, 0x0)

7.974257069s ago: executing program 3 (id=431):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000001400000000000000000000000a000000", @ANYRES16=r0, @ANYRESOCT], 0x2c}}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x40000000015, 0x5, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x62981)
syz_io_uring_setup(0x24fb, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB='5'], 0x118)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VIDIOC_QUERYBUF_DMABUF(r3, 0xc0585609, &(0x7f0000000200)={0x0, 0x3, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "f905ecc2"}})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_int(r4, 0x29, 0x50, 0x0, &(0x7f0000000080))
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x88, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721"})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r5 = socket$inet(0x2, 0x2, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000000), 0x1}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)="40e47dcb003e4932a1", 0x9}, {0x0}], 0x2}}], 0x2, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000000104050000000000ef0000ff7f0000000000000002000000d5381253b65054649383407182a65bb03cf023d562572ff6e4f05bee4312183d2d8c550ee2a15a768a23d6e30e2ef0e61812db17edf87b2aa5b240cf48a9e52a0b8f37431d4949a051516555280386efc24f5e86cdf675b89ce54e7a580b7ac283e92b63cb0eab9f6643a19ec192ca0f4b5212e58581c13582d98f9b682f9f65e509fab695eee3e87fe6d4f0049a643d40362b65c4c83c196cf2c9c44071e00eb200abba5b5e922d2ad800bca4ba6ff08407a2cbb014fea0cddd2b5b01c5664659d2860995828138ad168147aa951ee25ef6f975af9cf45aaa59488b083a4c4bd599c3f5cc5f8b9d8a35abd6edff01e3014933c1c0221b21a85eb4e303aa9693ffffa38d0530023ac1ee9f82b100b87ba38345efa9d901aaa63d0328ba40fd5520b4e68e7f2ac61309b070b9876c991ebff28156062e2bdd1970bbaae0a38ef6554330cb836661a828b7a004f9df6eda45202ca5b97345c4a9c1a9f5d8c11a84"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)

7.863546567s ago: executing program 4 (id=432):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000080)={0x0, 0x1}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2, 0xffffffe4}}, 0x2e)

7.235567343s ago: executing program 4 (id=433):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
socketpair(0x1e, 0x4, 0x0, &(0x7f0000000840)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1}, 0x0, 0x0}, 0x20)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[], 0x0}, 0x90)
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
ioctl$NBD_DO_IT(r2, 0xab03)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r4)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0xc0, r7, 0x200, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x2, 0x40}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x19}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x100}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2a}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x17}], @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0xe000, {0x400, 0x0, 0x0, 0x9}}}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1a}, @NL80211_ATTR_USE_MFP={0x8}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x4}, @crypto_settings=[@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac06}, @NL80211_ATTR_SOCKET_OWNER={0x4}], @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x700, {0x7f, 0x6, 0x5, 0x2}}}, @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x20, 0x1, 0x1, 0x0, {0x8001, 0x3, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x400, 0x3bf1, 0x9}}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
r8 = syz_open_dev$sg(0x0, 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, 0xffffffffffffffff)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000100)='mmap_lock_acquire_returned\x00', r10}, 0x10)
ioctl$KVM_GET_VCPU_EVENTS(r9, 0x8040ae9f, &(0x7f0000000240))
signalfd(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x11900}, &(0x7f0000000000), &(0x7f0000000040)=<r11=>0x0)
syz_io_uring_submit(0x0, r11, 0x0)

7.184831611s ago: executing program 0 (id=434):
r0 = socket(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{}, &(0x7f0000000580), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r0, @ANYRES32], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
userfaultfd(0x801)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, 0x0, 0xa2840, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000000)={0xc})
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x400014c, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r3, 0x2, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
recvmmsg(r6, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/253, 0xfd}}, {{&(0x7f0000000540)=@un=@abs, 0x80, &(0x7f0000000300)=[{&(0x7f0000003740)=""/4, 0x4}], 0x1, &(0x7f00000037c0)=""/236, 0xec}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003c00)=""/65, 0x41}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003e00)=""/48, 0x30}, 0x2}], 0x4, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000100)={0x28, 0x1, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xffffffffffffffff})
ioctl$IOMMU_IOAS_MAP(r2, 0x3b85, 0x0)
mlock2(&(0x7f0000522000/0x1000)=nil, 0x1000, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
syz_open_procfs(r3, &(0x7f00000002c0)='attr/prev\x00')

6.105417736s ago: executing program 0 (id=435):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$smackfs_logging(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r1, &(0x7f0000000640)=[{&(0x7f0000000240)=""/64, 0x40}, {0x0}], 0x2)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r2, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r2, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
r3 = semget(0x1, 0x5, 0x100)
semop(r3, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r2, 0x5501)
r4 = socket(0x1e, 0x0, 0x0)
connect$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r4, &(0x7f00000012c0)=ANY=[], 0x2000011a)
syz_usb_connect$uac1(0x0, 0xa4, 0x0, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
r5 = signalfd4(0xffffffffffffffff, &(0x7f00000004c0), 0x8, 0x0)
r6 = io_uring_setup(0x674b, &(0x7f0000000600))
dup2(r5, r6)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r7, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4}, 0xe)
connect$bt_l2cap(r7, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x800}, 0xe)
sendmmsg(r7, &(0x7f0000004940)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="eb", 0x1}], 0x1}}], 0x1, 0x0)

5.919706265s ago: executing program 3 (id=436):
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0, 0x9}, 0x1c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_io_uring_setup(0x9c6, &(0x7f0000000480), &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x36}, &(0x7f0000000440)='./file0\x00', 0x18})
io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r5, 0x4ac6, 0x0, 0x0, 0x0, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
lseek(r8, 0x0, 0x1)
fstat(0xffffffffffffffff, &(0x7f0000000300))
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
quotactl$Q_GETINFO(0x0, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$inet(r1, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
bind$inet6(r9, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)

5.191789578s ago: executing program 1 (id=437):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x317, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x0) (async)
r1 = msgget$private(0x0, 0x0) (async, rerun: 64)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0) (async, rerun: 64)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-intel\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000002540)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000140)=""/8, 0x8}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) (async)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYRES32=r1])
r5 = socket(0x200000000000011, 0x3, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0}) (rerun: 64)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
bind$packet(r5, &(0x7f00000000c0)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @dev}, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x2}, 0x90) (async)
accept$packet(0xffffffffffffffff, 0x0, 0x0)
symlink(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}) (rerun: 64)
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) (async, rerun: 32)
syz_open_procfs(r7, 0x0) (rerun: 32)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00')

4.774685059s ago: executing program 2 (id=438):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$smackfs_logging(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r1, &(0x7f0000000640)=[{&(0x7f0000000240)=""/64, 0x40}, {0x0}], 0x2)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r2, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r2, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
r3 = semget(0x1, 0x5, 0x100)
semop(r3, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r2, 0x5501)
r4 = socket(0x1e, 0x0, 0x0)
connect$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r4, &(0x7f00000012c0)=ANY=[], 0x2000011a)
syz_usb_connect$uac1(0x0, 0xa4, 0x0, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
r6 = signalfd4(0xffffffffffffffff, &(0x7f00000004c0), 0x8, 0x0)
r7 = io_uring_setup(0x674b, &(0x7f0000000600))
dup2(r6, r7)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r8, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4}, 0xe)
connect$bt_l2cap(r8, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x800}, 0xe)
sendmmsg(r8, &(0x7f0000004940)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="eb", 0x1}], 0x1}}], 0x1, 0x0)

3.711005543s ago: executing program 1 (id=439):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = getuid()
setreuid(0x0, r0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$9p(0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002cc0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000002d00)={'wlan0\x00'})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r3, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe4e26ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff119, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0], 0x1, 0x400})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r3, 0x7b1, &(0x7f0000000080)={&(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7cb, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x1, 0x400})
sendmsg$NL80211_CMD_SET_MPATH(r2, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000002d40)=ANY=[@ANYBLOB="010000000000000000001600000008000300", @ANYRES32, @ANYBLOB="0324"], 0x28}}, 0x0)
mkdir(0x0, 0x0)
open(0x0, 0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000300)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a31000000000800410072786500140033006c6f000000000000eaff0000000000006ff405e36eb398530d360d6a1f80a0963014c4e37124ac30b43e6a3562ee3f09c70b6f01d7b40b2666d6cf3f6e8921331cfdf69c38f0d4c7cf8df6d2c73362f71d86f641953057a5c26aa373690e9ea4986f50c35f1b0bb8ef6025c5250012ddb4c116e98fdea15c746c2e9cae2e63"], 0x38}}, 0x0)
getpid()
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x0, 0x261, 0x2}, 0x48)

3.688374202s ago: executing program 0 (id=440):
socket(0x2, 0x80805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
process_vm_readv(0x0, &(0x7f0000008400), 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x2e)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, 0x0, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r1, 0x5453, 0x0)

2.610124401s ago: executing program 2 (id=441):
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair$unix(0x1, 0xfffffffffffffffe, 0x0, &(0x7f0000000440))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
add_key$keyring(&(0x7f00000001c0), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = syz_open_procfs(0x0, &(0x7f0000002140)='net/protocols\x00')
read$snapshot(r1, &(0x7f0000000000)=""/140, 0x8c)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000000)="6941c43b78eeda4918160798ef967cb9254c327158c51dc69eeda809ba0f2b")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000dc0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffe}, 0x58)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240), r6)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='L\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000004000000080002"], 0x4c}}, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="75706461756520654eb24e418e2cc169cbe7366372797074667320747275737465643a"], 0x1a, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r8 = socket$inet6(0xa, 0x800, 0x2)
setsockopt$inet6_MCAST_JOIN_GROUP(r8, 0x29, 0x2a, &(0x7f0000000340)={0xd302dd7, {{0xa, 0x4e22, 0x9, @local, 0x80000000}}}, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$vsock_stream(0x28, 0x1, 0x0)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r9, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)

2.433853031s ago: executing program 0 (id=442):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000940)=@delchain={0x24}, 0x24}}, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000740)="1200", 0x2, 0x0, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240), 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
open(&(0x7f0000007f80)='./bus\x00', 0x141142, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r2)
write$nbd(r2, &(0x7f0000000600)={0x67446698, 0x0, 0x0, 0x0, 0x0, "f3280d11a27c39296384651df259bdb13b20bdfdad467418d88c63260494994562bdc7baca1d38da93e2da4fea3c041f5f64bbf9727789d5f6cd743fc0a58be090ec70a03276c1ead2e67e22492ba1ce4585e1dd9fb5feaa91410b78b4015f7420123ea821ccb947b814b24a16535271"}, 0x80)

2.317216148s ago: executing program 3 (id=443):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
pipe(0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x200008a5}, 0x0)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000640)={'syz', 0x2}, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDENABIO(r1, 0x4b36)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x202200, 0x0)
fsopen(&(0x7f0000000080)='debugfs\x00', 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="4f00030007"], 0xd)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x4, 0x14, 0x0, {0x77359400}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "e5042dfcb31a3677"}}, 0x48}, 0x1, 0x0, 0x0, 0x4880}, 0x0)

1.104900664s ago: executing program 3 (id=444):
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map}, 0xfffffffffffffcd6)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
request_key(&(0x7f00000008c0)='big_key\x00', &(0x7f0000000900)={'syz', 0x0}, 0x0, 0xfffffffffffffffe)
r1 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000240), 0x0, 0x0, 0x0, r1)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x40)
r4 = syz_open_dev$MSR(0x0, 0x0, 0x0)
preadv(r4, &(0x7f00000002c0), 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x800000003, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@deltaction={0xb4, 0x31, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x80, 0x1, [{0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8001}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xb}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0xb4}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x111, 0x3}}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(r3, r6, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe21, 0x0, @mcast1}, 0x1c)

1.08067121s ago: executing program 0 (id=445):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
socket$kcm(0x2, 0x0, 0x2)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x14c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x4, {0x0, 0x0, 0x0, r3, {}, {0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x99, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0xfffffffe, 0x0, 0xfc, 0x2}}, @TCA_CHOKE_STAB={0x104, 0x2, "13119f34dae3c090b3da2c64426a1d777a61e2fad4519fb11a71e149072d265bbcf090bd7bbe0e5d2de66213d88d7e773024ba3482c95f5dc6359186172ae22ed9616876e0ec13f573a5c2f0d185109a8457e43c5390e59a84747ee7b311ecc2f8bac84497d72789b0fa4ab2e321de479655bda89963ae5f37684f73a07ca9d223dfe04aae9e1ff7f8f51133075f4355c81d80a33e4907edd482cafffa6cf27913b8cf68da47ea06d0d17b97f0d10f6978345f4fb5f2b61619e5e3b4b4090c77e69d028f41ab371e8c6bef4485fe557e260ff37e8f6a854d0b686963dcfea9a71953940f9d6ec1de1d4e2221ad7d549d529a594013b2dcde2d070f6ba92fcbb7"}]}}]}, 0x14c}, 0x1, 0x0, 0x0, 0x11}, 0x20008850)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000000000000bfa30000000000000703000030feffff720af0fff8ffffff71a4f0ff000000002d040000000000003d400300000000006504000001ed000079112800000000006c440000000000007a0ab0fe000000006913182000000000b5040000000000009500000000000000023bc065b7a379d17cf9333379fc9e94ef69912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a715bc5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128c4e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0d40d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d0800af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a76555923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61622cfd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a40409b0d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c5da18ec0ae564162a27afea62d84f3a10746443d64364f56e24e6d2105bd901204a1deeed416d617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b93d000000225d85ae49cee383dc5049276b98fb6853ab39001514da091f5d8f44417cf85cf231a060d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d83a000000c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6ffc3a15d96c2ea3e2e04cfe0e669e51731b2875353193f82ade69d0540059fe6c7fe7cd86975023cb08cc7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de2c022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c5538a294270a1ad10c80fef7c24c87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513d01003209620db20fbd4ecbdfb13cdc6c0e57fb1c1ca571380d7b4ead35a655e0b4a26b702396df7e0cbe02b6e4114f244a9bf93f05beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba5823a34a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b728fe26e37037f27feeb744ddcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d0a874c74b777df005c55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a56edb9287eba77f35c35d91f3c62a0ca74836a640224de85f2b4a5fee500abc584327d6a7a4628c4378c9b71dff64075b74a6520adb1f9bb9c6d950d87b40d2cccbcb08c0634ee74658d3e23bf511c8b0bf1b69d2b3782b3f481c314e7bd4615dbbf24c06ac95bd639e68d0e6aa7f0d07bf69a93365f803f0144af37236ea133c2255b0613bf8ba1d538e06c2411e8d70053b712084fd0e313de9bb19200009a3a2190cb039c6f89610acd896319b9c8d1b8aac2eaa5a4d8be7419a09e3fb5be3be2fcdadd2299839cc40e684e6e2b4e1385fde7a0babcb0be672110268a34dad364fddee69e564119cebb6940c6356ff83ca527c573d700000000000000c6299263e6d9097f225de969485bce3d7dc471c0669bb6a467cf0de54dfcc1857048fe22a19dbb1b3cb9babaa839f1f6e817a62d95a5b971ff96a5c66c338c6f2a2da4644519f40761402e9c81013d76c7152c95ba5efa24ce1930f23a802bf057ffb6b0144f3b434a2adc456ef4d2fbdf7c6238c2bb00ffcf2d23d68cb9b027f3b225b678ac6789f7956b66c5692b46ea03abb6a404c8ccceaa4ba4161409fcb54b1039d7d13fb59d6ba1932056435fa2dcb739732e77f75d09ddeec8fe0e849e28e3a643f7aefaa44bf3d63449a61a6fc2526d93ea010a2d09b38b0d55d1e26086de9f00000000000073d0f99bd5f58fc6605a24bd3c59adc54c01835251edd467eee872c0119f276ae4012f33763d8a4c2c47be839acaef3f2cfc39c2a324579cb3ac697f8d98cb3ab3fe3aa5f36339b079cfdd5a5c80066667271d4cb9b51c418a1a14152bd0342505f50d688eadc9b3fa5456e9277a4693d4ff2a1afd5079e033e3f9125f6ed045530c47d74d9fb42fa6a979e1efbc36f7fb482ee861d5b70d58ca47fa6a4ddb3f269ca05f698c87839aded2c00e829d677db6937241062b94364a38efcb799c5f8b015b46ef22f78dd88786df18cba8daab82897dec796dedf0d5f9c35a3ac7ef60b1635f89edc0bfd9e179f7246c4849725fd76ec4685847844f3e701dbbd4caf0059a47e9e8516698aa2b215b05655daf5c7087f71df95d133bb54439dbafee7c4cec4a472e23db8e15cdbfc540f6bc3a87e9dbbe09e6c5ee586381754b55543d6a037872103118cdc6d06905a1e45fc99f422003921a6461160b46a9108ce5fb5905e7f5dcab4b01e8c99c3f774f754cdd119d040bc90060fdbefafdad714d905e43cc21363484971d1bbec38505ac545e2eed343ff30f9fa394ad872b8daa2c56d77e55aff42528f658a7b1586e745445117613dea062ff35110e3f9aae271fec79f594183d25ddce0860756f09c5a15f39fe3291053582d7296e34ee96d737941bfa0eaec611ec01b0b5560d7c356418f426e467a6869bcb14ec91fcfaf160af3ebdb87392c9a4b5713c8373a221dc1ba0ee7e91a92c395897c5bb3706997499236e4c8e4afee8e06dbdcd74c5281c388c326db16103e2ce5214d4ef9e8f82908a6a1b7fb3be19d37a3bb58f2af911449f349862755e942dcee78765783fb838e1a3cf8c094c8e1c8a8383682d3df4a7e6f90339e0a661792b"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
kexec_load(0x10000, 0x8, &(0x7f0000000a40)=[{&(0x7f0000000b80)="c5d70d8de152ec10c06cd6ac287dc56aab2b4f0dbe39e32359387cee55960c2a59c2f39ba7f77c61d724a791bb6189f4be2e4f8176f79ad17fe0b746848fc077c7a37e1b4c999afb509b6a8f695efed6a9478ecfeabf9fbd520810878a6201de85b33c0f4f054178b129428833a63d5cd7ef52aed1c121a3d592b5bd09e5ed9ea9bb623c347ca3b67867d0c99e7ce7ed721fda36f4e5703f1794661686b60a0a654cd598c9d12a4d9e71cd32613bb1fbc09b012bbed3c3eaed60829e62c390d31084b37359437c38969b8b4536fe2639838b9283a2a67618815305ebbfcfdc", 0xdf, 0x1ff}, {&(0x7f0000000740)="ee60b704209778dad6dc2c7bd35a9dbddebb4101def3f7b185c2f0aa34076785f4653e1f83336d6e874b1ccfaf9eba94e0805c9e2e668b3481656770d290193dd3a67171241c047a46dce2c17e4ace7f4583e0ad63a391da991f42f8866f777ecc37c2f9d8d2bd11255ccf3f23c22783c9496d1e2521d497a7e8068b66051fdfa343b7f606e9612f80588ae5a454475df78bdf34fc2089411a9ab9bc48bc914f90d052657b0c07194a1a3c34b645ba905e59cb0c7ffd4f4b1096aea1efaf10baf2694a1972d866d411e772dfcf798aa78875252cbe3aeb8016ecc5a62cd628f870a33fe7a1c5f173ee227cbf6fcbaceb01a0", 0xf2, 0x8, 0xe69f}, {&(0x7f00000005c0)="6ecebdfe8feee7f7c40fe6f3882274a85a2fd6c3b975c62af387623026b6843ff46154be29b5f86e6e38e5f4176f8ce36ff4eb889283868411437cad2a4f5e85fe5c39238624ee9d9f378f155eba09d28f237343d7ed", 0x56, 0x7ff, 0x999}, {&(0x7f0000000200)="5c139dff9220795a4e1788d0e55f9e63116c8fabfa6e4f018fb31949752e92d08a0b60c3e2f37476b06e10b8fa850826fdba62094ce502bf", 0x38, 0x8, 0x2}, {&(0x7f0000000940)="0216de51481a08f92754b2e4158dcf20d523ef5d3075530ecd390ab05301aaff379b1df348cfccafe8b5da535f24091201bd4ec6d1fd1b11e9bc4238909a39e29332de5e41e9a2040125ef91d9f52740944a67e88dd5ad3c970d1591eccb64f427f684a9edbbbba356c76118359535dc1855c3d46f68f63001828d38b01754090092ea4657507914c7176c32310409c42b2a1696c566fa866e2a39fa9e066549676dfa2bb79d5c83a2ee2ea443b68aaf8203be710df2269b4e1ab4198f3aea43b6cfbaecebab010b9e3b5d280647a4671714de996e9abc3e54e7ea80e11c2e668f4ed05e2de280d4aaaff738fbdef0dc20c71be821922cbc75cce509bf39ac", 0xff, 0x3, 0x100000000}, {&(0x7f0000002080)="a7147dcf4da14b21ecc50b4cb08223394ff7a49e6c5d7b559627a67422113bba06c9dfdaded4e94fb92dde690e64380478516ff8492dfbce1da5530457fbf5d856ca31240330c3bdf5aa1d4b3f2cc58f3ae1d0f3a433f40dd3fd87a7a4c433db7b74ae1a60cfc25f94217867aed3f8040fbf83a1cae9002da3e1b1186e52dfdcee7d0271352a2ef9156a88b53ae9f1a1cfb6af2ccb782327c613b590d7edca2b17d5170650509a865a5a1290d62568529c7e38a57866cb3dc9ea55c3e0de0d179d1a6a6d53fae04d00c0345434cb973e2d997f87a0c108628644d1d86d6f912599db90dfad555c8a1ca35bce9e95d7336e063bdad0ed774505709462e04c9965329cd6761553ac41d0f6905f963218ad84c88ed81d652a1c074c646f5e1d11cf33be47a52d2076c4cac4ba76fe2e71fe9cf93e558b4ce4a2493f360567c9c642505e532e79c9cb5f1abfa58bb9c23492d759e110754c4bccb61dfed03055b995af1004c050d4a8481ca0379257f8c5dddbb20fcb0da89e8e0e7cd752bb0df80216107cd2689ce61c3f8c9ef350ffed18be81afe1cf7713d0fd1790774713de19e164001715584ed1635e21ca22c3b82f1f3fcb9bb03d0c552ab12174a80bbb9d2fb5d3fc79e7cfc16ecb6ce2fb90f662209ead54b4ab4a5a62c7d7a08665d0a00258c3951d662703e8f56e0ad30c75f66f01488a0a65f3b80dbe928972e24b62e2f00af94bdedf9ee0538a487b708784a8e86c906200ffae4c6e32ed889c7abd149cdc6c718cffe65a5c344fef40393f35c30d17035b03f6997574b1aff90c62dbbdc1593dacdf115ebe0b1b0e2602721a1b88dacda7ac0b5541f9c40666b5dba755282fb1c06d3792c26aaf52548f098c54ae711dcb2a3f6fc21459a492b2cba7ba8dee9ff7f758bcede6e5b6f41171538609c600636a03c19290f5ee46d744e2f0a5b3129334097a1a63cfa40da219fab257a54b0a6621ceeb05c58e559f34a3ce592c6a729ca076a219d048a110ca5db2569ee5791572a31fe3db35da6de4df230fe37ee2a460c4ea7d118a78079f56b2848f0e418dee169e8546f79e378ccc860799dba4eb4e12204f68afdb35e8e01b958260171ba98835176b268987249f1256c08b434eff6e80c367b91fdba85693237d2d7aee862b2b34a2be8165d21bc6a2bb6d60e52099f4431246872c7b6816979246b5f2e581f220ec68a88c340ff0929e2e7ae87d02e5a190f71f1439a4352d4694dcdc7584f631c9cc6323c3c8d3f9dc929390f5032939128716914ec5e510183b84994097f3f24dae7d3662cfa7b4838fcbc385c2671d49b822d8ae9dc4001bff5d5feb2679ea93255da25229fe72a77af45282c1057d5dbd54327be7b39966d40901ab1d4df4d4de40a326dada84bf3acb9654ff411234da23f32b658f04df5b92b3a1775462c4256891e80457ca9ae75c12f04c3869a80ab0cd57cb9722b8d6e7f915ff3494f8736a79649db3170f692fd88974f51813fc1ceba8c24d670a6bd59db0c7462149cd89c0dd001a2941e3557dd67b993608ae3478d4d36451ad206118f3de2b7eb6f592e90f6b7310e3702653d2390c3b9c5def2d351d7c81f59e2d2935ec35d32a2d72dc28d581a19fd294c337d1b846210906a35986d5ebfd389589296a78dbe80c94786c0c863e4ec51a96f8ffa30e0173b1f0507e5881822a3bd718c7bc2b24b06dfe7f03c5f3b2db6d94f1ad91283de8b4662ea6d8709073a433c245d55e22f06f1fd93674a1395ecb62be980332abc8f0b2f7ade4a08422a5cf57e68f36007ab267d61c0b421672909b2ebcda2406d1c7828b9a5bfd15a44e7de0db52fdf8fdaae4702525c38d2a738870b71805dc998434d617f452fc897fa27ba958d04eee6901caccd230e6ed1036629a4457abc2d429179085a937827143947501e02da6e6c0445bdbfd2c510caf2b132e942e912a7bc92a01f570fa8ccfdb0850776125e514cc48743c0d39ed2d97b6af9d8c4a081a33bcf9fecf19c01aee63065b05a26fd9bf1f2891585d1db5231ead8a226f380fe183a3188403b70018ea1f8f77aa00e6004110f6affd12b8dafd694d2344c4a7a2b5310b878eb8e319e8de5af5a10b772f02a0b50224039a37ec7fe8e63881bee4be468ddcbef70cfab18b50e128ff52829e61672f50e62b92be04d9ee235360049a1c264273d17bc2a7a76e4963741aab8a0c027709f7d13fe659afbb4c3025cb23bf8c98962c1ea5bdabede31d3dab0fb09bb38dc81fd3a1bdbb8cab71e195675ad1b18c78a0b2adb6fc097c1453bc2d6f5a1f9194956290ccdfaaeadd733d8cdc7d94d3144b21ae60a72608980a8e197d42105fa0d31644d02163737e118ed71aaf7ea8e3d69df5ddd7f96a160be61b4ee53ae22497979688990e09391b43ad2370d5b2b97611944f9d637fb559487b54938689ab578a392526bced67d735037cc30595dd2648a40fd0937a9620ed7c2357d0dd1c51f0b4d22e0063fc4564fe04ed9eed97ae2d04afc868f47bb1eeca6bfd9553f754ef0b9dc08cc492184fd0da20e4916b27fef24fea288a5c21d364ca8dce02b008c32953d0e456fecaa3c184fa9d751c3db91614457ba02a6c0a5b40c5f8ea64f8eab7a9f056b5d3cf3458f45120d6329877b931f3bc075dd8b7b1729de7231c13ce6e88da03db4497df56896c6fc4df12753de3cad7a794c2e463b2a00abe479cbcd9c76584bf8ccde1a50dcf3e9ade434fbf9ca16f51dd80dc5aa94b956cb9193937393583bb3e402376a0f71dbd53682b0c9868c7b5effa609e89209d27be69a224c2e3cbf5aa3022737d4a0481157a33938a9c88e2d27ba47d77b9d13f820bbefe54ad5dde83b154aa762226ea9e363f54bb2d34a3d2d50484269646fc0b4dd14cb239ead82d8a93716e8381990af76dda2b2d3736c5791891e0d1d0e1a42401fc5b9c0e6c4f03c38895d6155dbb9322ab08adc6866276f9a56139fcc179b674a596fc2bb321e950c9a2cda1b7e270f39c42f9d27fb52551d2b95b8070bc5d2a35bd0ae2df5abedd51cd99e05bf598d67616f724674f5f4269638be479bbb1515c97938524d8b98d08223e38a1eb65417985b448a1fc37dd9241c15d07b9b1e40c7b294de13372e7362b5bd70d0c6bc7ef3443b2980efb6d92d0c089b152b5f9f7eb4252a5282d873c1c1df4b173e01802cce9eb64003849a0b58ea9a5542cbe04b4ee1006f36052be2cf661b4161f009cd64d1774e969cca28fb0044b8135cdc8edca376dbe168327f5fc4800721ce221e915b99f317506e704f50c2df095319200e81a9f0dfa7c9555e667ad08edc911ccef17a48d3c80e7df66b331afab48f4da0810c2cbc774fe9200269470a6bb236dfef1a6650fb4bbc63720980cd27c905ccebe659805f52cf39eedec98bb507a20e6943f012d22a7df9c9b9064b8c12946fa4e2332f320c763000101b674c766a11333af90e215cecd1b299d9ad61cea6adc6a1b71318fd1e36298909f306b15003730aab9ea2359d3137ff321dbda4fca381ef72fed51f6ff408569c3c8f3dcc1c3eae7670d9039dd26dc3c4d2fb9df6750a97731e1de5770f42887e8a3ec5ba62440ee87d0bafc09c2631bcd4f573ad1590856b40ce06d9aad6d58b4ac416530b57f26671eb50d48922407691441a504b50b63d054e88332087622a72328bb2f88caed1ab178f44e2625e9b8c6eb1dbe2acd9a55e2e6f60906505268efff03220eabe398cf4c9a95d9fc32e242f26d5d58d61e31f881223f48d02b9079ada8be940583deb096d6fec37f921099b7ab162f53e342c5b5b87df5fa57248664c9d60c81b1992c98820060c27bb82a1a5d63cdc75599e1abb89c6fd20b0e8d725fe43c5b1f41c303492c64d355eeca662920e3178b69973cf1f3b36f758bf751f047ef9f6e567257b582e4b9401a15248b7046e7c2a1f515b27816c7c7a18ea93f94b0f2a6af0f741f18cdfbe139cdaf6784f30573606e06e658e0d06f86953f8c7d84f21751219fb02e235ebf0eaea42da8825aa754ef5bd12a3d4397e781170d8ef0190b9c19f49e11dbadca4e6628ddaa408fbe4d6d70a5ebb0db3c09b862c16ad59eb603228476a70e51d28736b7edce597c6afa1bf74197ddd96f4ec463dc8317f8079337e085174c75c1c0c10cad90d933137e5a46ecbd6570877fd9aa849a2dd3e120c2ac951e3126a9026c7b3ed1e7cf4c780d2a2b8227f53221734e885c54732c644d9d72efbd08dedd8a1ece2da3a1f32436eff7e71a506b103e458610b52218b88c3f1b8e8e44d32d4d2198eb9512d1617639bbb684e570b5e27bc59ea3f678a4b6c3e3cea1b3629dbe79131bfecb64d73ee05782b05d9b11a4e3af9fb49ebf5d84c8dafad7d4f24b60e509c49c7b2105a3189ef0b38c2288018a66f0926ac1b4e42838f8077990c6a1617e5e37684bec7a7064923963966d3ac1ce02ea2e168e086a79674ecba98b61f2341b732c52c3e38f1f231566057fc99ce7a34d80e489af293fd3bbe442848f6968928e7bc85c7cbb128e8d6e1de4e97d3b365ac64dc5f64f9413e34f294e6af668ae68c829c307b9b59b6f838f9802709d4d7dcb671bc5a8bf047f59d77414e1abe03272a524e56fdcbac0e898588a33dc6333267fa4bb0deeba67ac6004c7e95cb5639964dd6e44bd1088e5685a9116f7a46c46acfdfaf93a1b79ff9e9acf40de9365f88f59506e5f52a0adc1ef101d5e50761e0c27db880dbc55054b6678ce0392b64007579976bb8e694c60e99c512cf9630bd1945c589b82aaf3a737ac8dfaadd8540bb7ca97a04ec0ce1b1f70e0f52e51dd175a609a89328e1b9c631ca246c1085d8e8595efc25937be513ecaee70b80d8a7d746294bd4282d574b423f6446afdf5d4d3e481537d1653ccc49b9df858ac9917e2501acded3c58bd830cc7277cc61914bb359b3b44ee1f59e2b12b613d4d1fcc4b487d61c4ed420bc550f03ef7c9e7c58312063f9dddeea89cd8f164c3d93a06dd046b87292f81a95a6438c3b59646a5daeaa7ca532bef2b3aae4b848a8945b9278a0463ef3731e8d5d6d0e8df74b8bfb928257c6211ab2112e9579c3207925dddf6c25e1c5a7f8b4c0dde4b01f16a434317d26f270dc01689abffdeb8b4cef99396b5044ad23c7aad0a353cc10c356c48cd170f1f681aa889b2722b9ea450f9c17aad654202226cd99983fcf4fab5b4563bb81c3a8f292d4146cc41fa5fc8bb134d6fe99a2e2a0ab223d4b20c332e8f218d018571cfa45d763e8ae7d6d4bfaab9fb1d795af6a7196e251afb30c0f7869253b5ad0751d2c5f845daca12aadda71d25ae028a1097aabad5e546d569a0e2afdb67a1762af2c1d46137938c77ad7074ac52d9fb82207238064083f33ea296839817f915984d6693d8a06f1e7be40b9b2a7fbbaea2543d953117faec52b308c1e1409fd373c7caeb46741d65aadbd48462e829fbbce82035f39538cfa5acb6434cd37c1e05f3d7167fe9427e28710ffe51058cd7d36ec5dd7307b4415119ac68d854c68c2f3b970bc402daa807b83367420832881f06b578c99105919634aa4930da0006efc3117df7f7d3731207dc90de48757240db90a50f4a5ff73b671f558908fe52e78e13a6044fcd161705c2ec7a2884306476db09033937c02bdf7674509c6c392912c78a4f1a494d0dd852e72cdce73b22ed36e29b8b9cd26f39623c0ce8083a4862d675a8459d5460e715454499a9234c9ea6e4caa6a291814c8054f600d0f04e4ee40ed5fe982f8d5584e79d6504", 0x1000, 0x7, 0xa}, {&(0x7f0000000280)="3665c4a9cdfc36eec19254480b1eff503f42048c157e8c1adc856be64c6f5ee78aa18506e96585f8265858120aac89bbaed3fcaca0af4d3c4e429fd8c5cd4cf9", 0x40, 0x5, 0x39}, {&(0x7f0000000840)="0b40366c3c43fdbe18106ddcace14e61c6715b8cbe6b433440189ed065c40c23f311a00b8ff75a857a0f1f5b43f9c5dd554af4624e6f823356643ba4ed0214c634fbb60a8d52d08f613c1edc4010da4c844e90038948ec4a0dff8e7c2ed8db1024a1f122b6de6e5c96ec600d4b0e4402c22e8d9f49177665502e7caedc86fc9b2b4db0acf582", 0x86, 0x2, 0x6}], 0x1)
linkat(r5, &(0x7f0000000100)='./file1\x00', r5, &(0x7f0000000240)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r6, @ANYRES32], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x16, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r7, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./bus\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x2096, 0x1}}, 0x40)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00002e0000/0x3000)=nil, 0x3000}, 0x1})
r8 = gettid()
process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000497000/0x4000)=nil, 0x7fffdfb68000}, 0x1})

407.735881ms ago: executing program 2 (id=446):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0x80000006, 0x4)
bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000000c0)=[@timestamp, @mss, @timestamp, @sack_perm, @window, @timestamp, @window], 0x7)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

299.679677ms ago: executing program 4 (id=447):
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x11000)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c}, 0x38)
socket$netlink(0x10, 0x3, 0x9)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)

286.675002ms ago: executing program 3 (id=448):
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 32)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x1000) (async)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (async)
socket(0x1, 0x80000, 0x0) (async)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000000380), &(0x7f0000000280)) (async)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xb, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 32)
r4 = getpid() (rerun: 32)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='cachefiles_prep_read\x00', r1}, 0x10) (async)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) (async, rerun: 64)
modify_ldt$write(0x1, 0x0, 0x0) (async, rerun: 64)
modify_ldt$write(0x1, 0x0, 0x0) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (rerun: 32)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

241.295164ms ago: executing program 2 (id=449):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$TIOCSCTTY(r0, 0x540e, 0x0)
sync_file_range(r0, 0x1, 0x4, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @udp='udp:syz0\x00'}}, ["", "", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040000}, 0xc800)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x800, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x5, 0x18}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x20000001)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x68, 0x0, 0x208, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x54, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000040}, 0x20000040)
timer_settime(0x0, 0x1, &(0x7f0000000440)={{}, {0x77359400}}, &(0x7f0000000480))
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000004c0)={'vxcan0\x00', <r6=>0x0})
sendmsg$can_j1939(r5, &(0x7f0000000640)={&(0x7f0000000500)={0x1d, r6, 0x0, {0x1}, 0xff}, 0x18, &(0x7f0000000600)={&(0x7f0000000540)="f686fa50eb8bd78cbe9714aa4e8e782b92279af217712e30ef02643d147199e6660bd13420c855f68708c7f68e7a2a06cebb5faaa2fc8571d02e086070c1815b7d4046d37b2a536f2ac98863551cb8ab85bae7da7ce5c63fb6f0d23f7c997991d76fba48746eb94b15c7876bf21aa7a117860d45e3cdc4bcab20e2a43f00ce9c2360893fe30e29dcd88f56bb0faafdcac4484967c883cfbaa2e5f96b82e08b9af875af0c7f91c8366da992b546204a725a0838878fc5ce7c9c", 0xb9}, 0x1, 0x0, 0x0, 0x40}, 0x4004)
ioctl$sock_SIOCADDRT(r5, 0x890b, &(0x7f00000006c0)={0x0, @l2={0x1f, 0x1, @none, 0xfff2, 0x2}, @can={0x1d, r6}, @l2={0x1f, 0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0x1}, 0x3, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000680)='gre0\x00', 0x3, 0x7, 0x42fe})
ioctl$TIOCNOTTY(r0, 0x5422)
ioctl$EXT4_IOC_GETSTATE(r5, 0x40046629, &(0x7f0000000740))
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r1, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x28, r3, 0x200, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0xfffeffff, 0x2b}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4040004}, 0x8040)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000880)={'filter\x00', 0x45, "b4d9240f6d4aef9fb09d0e14a279a5003feaeada1adb48d46f9e60c3e545025da90b02583070d757f34a62da8396d3f09a7d635c62143b333c4026be96e624dfe90819d9d0"}, &(0x7f0000000900)=0x69)
unlink(&(0x7f0000000940)='./file0\x00')
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000009c0), r1)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x2c, r7, 0x828, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x7fffffff}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000080)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000ac0)={0x0, 0x1000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000b40)={0x6, &(0x7f0000000b00)=[{0x4, 0x3, 0x6, 0x2}, {0x3, 0x1}, {0x9, 0xf, 0xdd, 0x92}, {0x0, 0x8, 0x4, 0xf}, {0x1, 0x10, 0x7, 0x5}, {0x4, 0x6, 0x94, 0x1000}]}, 0x10)
ioctl$TIOCSIG(r0, 0x40045436, 0x2b)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000bc0), r1)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r1, &(0x7f0000000e00)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000c00)={0x190, r9, 0x286, 0x70bd28, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}, {0x6, 0x16, 0x4c}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8}, {0x6, 0x16, 0x930}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x55c}, {0x6, 0x16, 0xff}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x10}, {0x6, 0x16, 0x8}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x753}, {0x6, 0x16, 0x54d}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x10}, {0x6, 0x16, 0x81}, {0x5, 0x12, 0x1}}]}, 0x190}, 0x1, 0x0, 0x0, 0x10}, 0x14)
r10 = syz_open_dev$hidraw(&(0x7f0000000e40), 0x9, 0x2000)
write$hidraw(r10, &(0x7f0000000e80)="873f681c301691a494900500c51f14981ddec5fbe19dca7770541a2333d642740b92333cd58c14519e6c1df18a23ba21728f4d4e0633c1aec5173da5356d6637cb92af679d317ca2ba497afb613d6058d00706ae53723fa9e02591ec347c3796c3686748523e571e6ca1cc4768ab1bbf9449c2c6a932c1afc906e843eabff2530150079ff4cbf7cbbde14ba708b9a9d0303e8fdfd8ba4642d35cb9ccf1334f2317f414ed1514b3052099a1a45c5dbd14", 0xb0)

0s ago: executing program 3 (id=450):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000240))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00000003c0)={0xfe, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x8, '\x00', 0x4, 0x3})

kernel console output (not intermixed with test programs):

 71.466178][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.565524][    T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   71.641168][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[   71.650670][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[   71.747229][ T5351] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   71.905347][    T9] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[   71.953719][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.981006][    T9] usb 2-1: Product: syz
[   72.694757][    T9] usb 2-1: Manufacturer: syz
[   72.699406][    T9] usb 2-1: SerialNumber: syz
[   72.785990][    T9] usb 2-1: config 0 descriptor??
[   72.809190][    T9] ch341 2-1:0.0: ch341-uart converter detected
[   73.244805][ T5223] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   73.364884][  T940] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   73.395692][ T5223] usb 5-1: device descriptor read/64, error -71
[   73.572424][  T940] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   73.597256][  T940] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[   73.624862][  T940] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   73.641005][ T5341] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   73.665043][ T5223] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   73.666585][  T940] usb 1-1: New USB device found, idVendor=0086, idProduct=0b5b, bcdDevice=e1.c5
[   73.704367][  T940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.713276][  T940] usb 1-1: Product: syz
[   73.722120][  T940] usb 1-1: Manufacturer: syz
[   73.729965][  T940] usb 1-1: SerialNumber: syz
[   73.750238][  T940] usb 1-1: config 0 descriptor??
[   73.844900][ T5223] usb 5-1: device descriptor read/64, error -71
[   74.126306][ T5223] usb usb5-port1: attempt power cycle
[   74.170139][  T940] usb 1-1: USB disconnect, device number 2
[   74.961005][ T5373] netlink: 60 bytes leftover after parsing attributes in process `syz.2.19'.
[   74.972887][    T9] ch341-uart ttyUSB0: failed to read break control: -110
[   75.054417][    T9] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[   75.486004][ T5223] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   75.545681][ T5223] usb 5-1: device descriptor read/8, error -71
[   75.565056][ T5382] FAULT_INJECTION: forcing a failure.
[   75.565056][ T5382] name failslab, interval 1, probability 0, space 0, times 0
[   75.584600][ T5382] CPU: 0 UID: 0 PID: 5382 Comm: syz.2.22 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[   75.595141][ T5382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   75.605215][ T5382] Call Trace:
[   75.608503][ T5382]  <TASK>
[   75.611422][ T5382]  dump_stack_lvl+0x241/0x360
[   75.616105][ T5382]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.621298][ T5382]  ? __pfx__printk+0x10/0x10
[   75.625881][ T5382]  ? __kmalloc_cache_noprof+0x44/0x2c0
[   75.633173][ T5382]  ? __pfx___might_resched+0x10/0x10
[   75.638480][ T5382]  should_fail_ex+0x3b0/0x4e0
[   75.643172][ T5382]  should_failslab+0xac/0x100
[   75.647858][ T5382]  ? bpf_xdp_link_attach+0x179/0x700
[   75.653134][ T5382]  __kmalloc_cache_noprof+0x6c/0x2c0
[   75.658419][ T5382]  ? dev_get_by_index+0x23/0x2d0
[   75.663361][ T5382]  bpf_xdp_link_attach+0x179/0x700
[   75.668471][ T5382]  ? __pfx_lock_acquire+0x10/0x10
[   75.673506][ T5382]  ? __pfx_bpf_xdp_link_attach+0x10/0x10
[   75.679159][ T5382]  ? __fget_files+0x3f6/0x470
[   75.683839][ T5382]  ? __fget_files+0x29/0x470
[   75.688442][ T5382]  ? attach_type_to_prog_type+0x316/0x460
[   75.694152][ T5382]  ? bpf_prog_attach_check_attach_type+0x2cb/0x4b0
[   75.700645][ T5382]  link_create+0x47c/0x8b0
[   75.705076][ T5382]  ? bpf_lsm_bpf+0x9/0x10
[   75.709409][ T5382]  __sys_bpf+0x4bc/0x810
[   75.713641][ T5382]  ? __pfx___sys_bpf+0x10/0x10
[   75.718402][ T5382]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.724383][ T5382]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   75.730721][ T5382]  ? do_syscall_64+0x100/0x230
[   75.735496][ T5382]  __x64_sys_bpf+0x7c/0x90
[   75.739928][ T5382]  do_syscall_64+0xf3/0x230
[   75.744429][ T5382]  ? clear_bhb_loop+0x35/0x90
[   75.749881][ T5382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.755771][ T5382] RIP: 0033:0x7f4c361799b9
[   75.760184][ T5382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.779963][ T5382] RSP: 002b:00007f4c36e9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   75.788374][ T5382] RAX: ffffffffffffffda RBX: 00007f4c36315f80 RCX: 00007f4c361799b9
[   75.796333][ T5382] RDX: 0000000000000040 RSI: 0000000020000240 RDI: 000000000000001c
[   75.804291][ T5382] RBP: 00007f4c36e9b090 R08: 0000000000000000 R09: 0000000000000000
[   75.812261][ T5382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.820228][ T5382] R13: 0000000000000000 R14: 00007f4c36315f80 R15: 00007ffef6c43fa8
[   75.828202][ T5382]  </TASK>
[   75.842048][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   75.855809][ T5223] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   75.907075][ T5223] usb 5-1: device descriptor read/8, error -71
[   76.620409][ T5335] usb 2-1: USB disconnect, device number 2
[   76.635008][ T5223] usb usb5-port1: unable to enumerate USB device
[   76.668141][ T5335] ch341 2-1:0.0: device disconnected
[   76.674930][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.683682][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.827350][ T1171] cfg80211: failed to load regulatory.db
[   77.072790][ T5395] Zero length message leads to an empty skb
[   77.264929][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.273779][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.304455][ T5335] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   77.602763][ T5335] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[   77.878682][ T5335] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.096018][ T5335] usb 1-1: config 0 descriptor??
[   78.128570][ T5335] gspca_main: spca508-2.14.0 probing 8086:0110
[   78.338500][ T5335] gspca_spca508: reg_read err -32
[   78.355312][ T5335] gspca_spca508: reg_read err -32
[   78.375012][ T5335] gspca_spca508: reg_read err -32
[   78.387073][ T5393] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   78.739475][ T5393] netlink: 24 bytes leftover after parsing attributes in process `syz.0.25'.
[   78.774931][ T5393] netlink: 12 bytes leftover after parsing attributes in process `syz.0.25'.
[   78.847373][ T5393] overlayfs: invalid origin (0000)
[   79.035546][ T5335] gspca_spca508: reg_read err -110
[   79.041131][ T5335] gspca_spca508: reg write: error -32
[   79.059240][ T5335] spca508 1-1:0.0: probe with driver spca508 failed with error -32
[   79.225944][    T9] usb 1-1: USB disconnect, device number 3
[   79.497878][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   79.598795][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   79.957388][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   80.734468][ T5450] FAULT_INJECTION: forcing a failure.
[   80.734468][ T5450] name failslab, interval 1, probability 0, space 0, times 0
[   80.747346][ T5450] CPU: 0 UID: 0 PID: 5450 Comm: syz.1.40 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[   80.757868][ T5450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   80.767940][ T5450] Call Trace:
[   80.771226][ T5450]  <TASK>
[   80.774166][ T5450]  dump_stack_lvl+0x241/0x360
[   80.778865][ T5450]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.784078][ T5450]  ? __pfx__printk+0x10/0x10
[   80.788683][ T5450]  ? fs_reclaim_acquire+0x93/0x140
[   80.793805][ T5450]  ? __pfx___might_resched+0x10/0x10
[   80.799109][ T5450]  should_fail_ex+0x3b0/0x4e0
[   80.803807][ T5450]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[   80.809547][ T5450]  should_failslab+0xac/0x100
[   80.814244][ T5450]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[   80.819985][ T5450]  __kmalloc_noprof+0xd8/0x400
[   80.824762][ T5450]  ? kfree+0x4e/0x360
[   80.828763][ T5450]  tomoyo_realpath_from_path+0xcf/0x5e0
[   80.834335][ T5450]  tomoyo_path_number_perm+0x23a/0x880
[   80.839814][ T5450]  ? tomoyo_path_number_perm+0x208/0x880
[   80.845461][ T5450]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   80.851499][ T5450]  ? __fget_files+0x29/0x470
[   80.856106][ T5450]  ? __fget_files+0x3f6/0x470
[   80.860790][ T5450]  ? __fget_files+0x29/0x470
[   80.865394][ T5450]  security_file_ioctl+0x75/0xb0
[   80.870353][ T5450]  __se_sys_ioctl+0x47/0x170
[   80.874962][ T5450]  do_syscall_64+0xf3/0x230
[   80.879472][ T5450]  ? clear_bhb_loop+0x35/0x90
[   80.884159][ T5450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.890058][ T5450] RIP: 0033:0x7fa253f799b9
[   80.894480][ T5450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.914099][ T5450] RSP: 002b:00007fa254e3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   80.922509][ T5450] RAX: ffffffffffffffda RBX: 00007fa254115f80 RCX: 00007fa253f799b9
[   80.930472][ T5450] RDX: 0000000020000100 RSI: 0000000080044325 RDI: 0000000000000003
[   80.938445][ T5450] RBP: 00007fa254e3c090 R08: 0000000000000000 R09: 0000000000000000
[   80.946422][ T5450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.954386][ T5450] R13: 0000000000000000 R14: 00007fa254115f80 R15: 00007fffea0f5868
[   80.962360][ T5450]  </TASK>
[   80.969022][ T5450] ERROR: Out of memory at tomoyo_realpath_from_path.
[   81.332704][    T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   81.551798][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.567228][ T5471] hub 9-0:1.0: USB hub found
[   81.582175][ T5471] hub 9-0:1.0: 8 ports detected
[   81.592062][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.620726][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   81.760652][    T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   81.803004][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.844512][    T9] usb 3-1: config 0 descriptor??
[   82.278364][    T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   82.345466][    T9] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[   82.435892][    T9] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   82.596962][ T1171] usb 3-1: USB disconnect, device number 2
[   82.742940][ T5487] netlink: 'syz.4.52': attribute type 10 has an invalid length.
[   82.769560][ T5487] netlink: 40 bytes leftover after parsing attributes in process `syz.4.52'.
[   82.795992][ T5487] ipvlan1: entered promiscuous mode
[   82.805059][ T5487] ipvlan1: entered allmulticast mode
[   82.819095][ T5487] veth0_vlan: entered allmulticast mode
[   82.852725][ T5487] bridge0: port 3(ipvlan1) entered blocking state
[   82.860343][ T5487] bridge0: port 3(ipvlan1) entered disabled state
[   82.872820][ T5487] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[   82.904893][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   83.104858][    T9] usb 1-1: Using ep0 maxpacket: 16
[   83.129704][    T9] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d
[   83.143514][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.174725][    T9] usb 1-1: Product: syz
[   83.184271][    T9] usb 1-1: Manufacturer: syz
[   83.203586][    T9] usb 1-1: SerialNumber: syz
[   83.235448][  T940] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   83.275926][    T9] usb 1-1: config 0 descriptor??
[   83.326732][    T9] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[   83.600418][  T940] usb 2-1: Using ep0 maxpacket: 8
[   83.637002][  T940] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   83.637040][  T940] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[   83.640109][  T940] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[   83.640137][  T940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   83.640162][  T940] usb 2-1: SerialNumber: syz
[   83.662173][  T940] hub 2-1:1.0: bad descriptor, ignoring hub
[   83.662247][  T940] hub 2-1:1.0: probe with driver hub failed with error -5
[   83.662950][  T940] cdc_ether 2-1:1.0: skipping garbage
[   83.662973][  T940] usb 2-1: bad CDC descriptors
[   83.882804][ T5516] netlink: 'syz.2.61': attribute type 21 has an invalid length.
[   84.424940][ T1113] usb 1-1: Failed to submit usb control message: -110
[   84.425036][ T1113] usb 1-1: unable to send the bmi data to the device: -110
[   84.425055][ T1113] usb 1-1: unable to get target info from device
[   84.425070][ T1113] usb 1-1: could not get target info (-110)
[   84.427266][ T1113] usb 1-1: could not probe fw (-110)
[   84.605158][ T1171] usb 2-1: USB disconnect, device number 3
[   84.873168][ T5513] tty tty28: ldisc open failed (-12), clearing slot 27
[   86.082550][    T9] usb 1-1: USB disconnect, device number 4
[   86.324543][ T5536] input: syz1 as /devices/virtual/input/input5
[   86.703289][ T5536] use of bytesused == 0 is deprecated and will be removed in the future,
[   86.738191][ T5536] use the actual size instead.
[   86.914984][    T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   87.114703][    T8] usb 2-1: Using ep0 maxpacket: 16
[   87.163118][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   87.211356][    T8] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   87.229667][ T5545] ieee802154 phy0 wpan0: encryption failed: -90
[   87.245970][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.254127][    T8] usb 2-1: Product: syz
[   87.260798][    T8] usb 2-1: Manufacturer: syz
[   87.280352][    T8] usb 2-1: SerialNumber: syz
[   87.309614][    T8] usb 2-1: config 0 descriptor??
[   87.378321][    T8] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[   87.443493][    T8] em28xx 2-1:0.0: DVB interface 0 found: bulk
[   87.675838][    T8] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[   88.771128][    T8] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[   88.811217][    T8] em28xx 2-1:0.0: board has no eeprom
[   88.948819][    T8] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[   88.959080][ T5562] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[   88.970623][    T8] em28xx 2-1:0.0: dvb set to bulk mode.
[   88.984786][  T940] em28xx 2-1:0.0: Binding DVB extension
[   89.060516][    T8] usb 2-1: USB disconnect, device number 4
[   89.096484][    T8] em28xx 2-1:0.0: Disconnecting em28xx
[   89.250378][  T940] em28xx 2-1:0.0: Registering input extension
[   89.280117][    T8] em28xx 2-1:0.0: Closing input extension
[   89.294876][ T5335] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   89.353072][    T8] em28xx 2-1:0.0: Freeing device
[   89.535378][ T5335] usb 3-1: Using ep0 maxpacket: 8
[   90.096070][ T5335] usb 3-1: config 1 has an invalid descriptor of length 181, skipping remainder of the config
[   90.111670][ T5335] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 78, changing to 10
[   90.133599][ T5335] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25344, setting to 1024
[   90.152220][ T5335] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[   95.452923][ T5335] usb 3-1: string descriptor 0 read error: -32
[   95.459222][ T5335] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[   95.549238][ T5335] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   95.695888][ T5335] usb 3-1: can't set config #1, error -71
[   95.746693][ T5335] usb 3-1: USB disconnect, device number 3
[   96.083329][ T5586] Option 'ÍÎÛ^
%ë¼ÞåË' to dns_resolver key: bad/missing value
[   97.404616][    C1] sched: RT throttling activated
[   98.381989][ T5609] capability: warning: `syz.2.87' uses deprecated v2 capabilities in a way that may be insecure
[   98.382923][ T5608] input: syz1 as /devices/virtual/input/input7
[   98.474915][ T5609] netlink: 6 bytes leftover after parsing attributes in process `syz.2.87'.
[   98.521419][ T5609] netlink: 6 bytes leftover after parsing attributes in process `syz.2.87'.
[   98.559990][ T5609] netlink: 6 bytes leftover after parsing attributes in process `syz.2.87'.
[   98.599002][ T5609] netlink: 6 bytes leftover after parsing attributes in process `syz.2.87'.
[   98.698163][ T5219] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   98.707598][ T5219] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   98.715898][ T5219] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   98.723904][ T5219] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   98.732326][ T5219] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   98.740171][ T5219] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  100.214955][ T5597] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'.
[  100.441231][ T5612] chnl_net:caif_netlink_parms(): no params data found
[  100.835010][ T4607] Bluetooth: hci5: command tx timeout
[  101.031033][ T5612] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.041598][ T5612] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.072185][ T5612] bridge_slave_0: entered allmulticast mode
[  101.132778][ T5612] bridge_slave_0: entered promiscuous mode
[  101.162244][ T5612] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.329909][ T5612] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.361144][ T5612] bridge_slave_1: entered allmulticast mode
[  101.369568][ T5612] bridge_slave_1: entered promiscuous mode
[  102.448566][ T5612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.526517][ T5612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.666822][ T5612] team0: Port device team_slave_0 added
[  102.717911][ T5612] team0: Port device team_slave_1 added
[  102.924929][ T4607] Bluetooth: hci5: command tx timeout
[  103.005358][ T5612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.012328][ T5612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.156027][ T5612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.896039][ T5612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.902980][ T5612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.117374][ T5612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.260491][ T5657] process 'syz.1.96' launched './file0' with NULL argv: empty string added
[  104.314751][ T5270] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  104.625371][ T5673] hub 9-0:1.0: USB hub found
[  104.631293][ T5673] hub 9-0:1.0: 8 ports detected
[  104.689216][ T5612] hsr_slave_0: entered promiscuous mode
[  104.716591][ T5270] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  104.748192][ T5270] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.762961][ T5612] hsr_slave_1: entered promiscuous mode
[  104.819925][ T5612] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  104.844949][ T5270] usb 3-1: config 0 descriptor??
[  104.912521][ T5612] Cannot create hsr debugfs directory
[  104.926362][ T5270] cp210x 3-1:0.0: cp210x converter detected
[  105.010727][ T4607] Bluetooth: hci5: command tx timeout
[  105.434788][ T5270] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  105.651593][ T5270] usb 3-1: cp210x converter now attached to ttyUSB0
[  106.290653][ T5270] usb 3-1: USB disconnect, device number 4
[  106.429845][ T5270] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  106.581295][ T5612] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.655008][ T5270] cp210x 3-1:0.0: device disconnected
[  107.067038][ T5612] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.084715][ T4607] Bluetooth: hci5: command tx timeout
[  107.292357][ T5612] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.594110][ T5692] trusted_key: syz.4.106 sent an empty control message without MSG_MORE.
[  107.617739][   T29] audit: type=1326 audit(1723712736.393:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5694 comm="syz.2.107" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c361799b9 code=0x0
[  107.649455][ T5612] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.727661][ T5705] netlink: 24 bytes leftover after parsing attributes in process `syz.1.109'.
[  108.048051][ T5711] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  108.231886][ T5612] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  108.297592][ T5612] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.414558][ T5719] netlink: 16 bytes leftover after parsing attributes in process `syz.2.112'.
[  108.438611][ T5612] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.548590][ T5612] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.734882][  T940] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  108.993975][ T5612] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.995050][  T940] usb 3-1: no configurations
[  109.029820][  T940] usb 3-1: can't read configurations, error -22
[  109.069142][ T5612] 8021q: adding VLAN 0 to HW filter on device team0
[  109.149546][ T1128] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.156754][ T1128] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.235153][  T940] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  109.264120][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.271862][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.446249][  T940] usb 3-1: no configurations
[  109.450940][  T940] usb 3-1: can't read configurations, error -22
[  109.459117][ T5270] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  109.476802][  T940] usb usb3-port1: attempt power cycle
[  109.697480][ T5270] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  109.786950][ T5270] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.805092][ T5270] usb 5-1: Product: syz
[  109.817190][ T5270] usb 5-1: Manufacturer: syz
[  109.823013][ T5270] usb 5-1: SerialNumber: syz
[  109.866667][ T5270] usb 5-1: config 0 descriptor??
[  109.873859][ T5270] ch341 5-1:0.0: ch341-uart converter detected
[  109.944697][  T940] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  109.993685][ T5612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.041755][  T940] usb 3-1: no configurations
[  110.051568][  T940] usb 3-1: can't read configurations, error -22
[  110.227187][  T940] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  110.296185][  T940] usb 3-1: no configurations
[  110.300799][  T940] usb 3-1: can't read configurations, error -22
[  110.335172][  T940] usb usb3-port1: unable to enumerate USB device
[  110.336477][ T5612] veth0_vlan: entered promiscuous mode
[  110.429385][ T5612] veth1_vlan: entered promiscuous mode
[  110.578796][ T5612] veth0_macvtap: entered promiscuous mode
[  110.631161][ T5612] veth1_macvtap: entered promiscuous mode
[  110.748368][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.803618][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.319181][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.828097][ T5270] ch341-uart ttyUSB0: failed to read break control: -110
[  111.850837][ T5270] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  111.871409][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.881715][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.892243][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.902166][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.912687][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.922636][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.933229][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.948099][ T5612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.978516][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.991324][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.010922][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.030669][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.040889][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.054631][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.067001][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.080376][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.092609][ T5612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.104327][ T5612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.117476][ T5612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.142155][ T5612] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.151176][ T5612] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.161290][ T5612] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.172425][ T5612] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.286433][ T5751] input: syz1 as /devices/virtual/input/input9
[  112.319510][ T5270] usb 5-1: USB disconnect, device number 6
[  112.329888][ T5270] ch341 5-1:0.0: device disconnected
[  112.648376][ T4607] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  112.649956][ T5755] xt_addrtype: ipv6 does not support BROADCAST matching
[  112.766026][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.809038][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.894697][ T5270] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  112.942273][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.014178][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.104687][ T5270] usb 3-1: Using ep0 maxpacket: 32
[  113.137068][ T5270] usb 3-1: config 0 has an invalid interface number: 234 but max is 0
[  113.178591][ T5270] usb 3-1: config 0 has no interface number 0
[  113.214788][ T5270] usb 3-1: New USB device found, idVendor=0545, idProduct=8002, bcdDevice= 3.0a
[  113.242055][ T5270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.281240][ T5270] usb 3-1: Product: syz
[  113.309814][ T5270] usb 3-1: Manufacturer: syz
[  113.314442][ T5270] usb 3-1: SerialNumber: syz
[  113.358212][ T5270] usb 3-1: config 0 descriptor??
[  113.364813][   T46] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  113.578185][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  113.605160][ T5270] usb 3-1: USB disconnect, device number 9
[  113.615316][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  113.647685][   T46] usb 4-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  113.691016][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.731880][   T46] usb 4-1: config 0 descriptor??
[  113.765475][   T46] usbhid 4-1:0.0: can't add hid device: -22
[  113.805823][   T46] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[  114.690816][ T5778] =======================================================
[  114.690816][ T5778] WARNING: The mand mount option has been deprecated and
[  114.690816][ T5778]          and is ignored by this kernel. Remove the mand
[  114.690816][ T5778]          option from the mount to silence this warning.
[  114.690816][ T5778] =======================================================
[  115.769460][ T5270] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  116.024820][ T5270] usb 3-1: Using ep0 maxpacket: 8
[  116.037847][ T5270] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.043501][ T5793] netlink: 152 bytes leftover after parsing attributes in process `syz.1.129'.
[  116.086830][ T5270] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  116.162025][ T5270] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  116.197449][ T5270] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  116.233863][ T5779] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  116.269286][ T5270] usb 3-1: SerialNumber: syz
[  116.312991][ T5270] hub 3-1:1.0: bad descriptor, ignoring hub
[  116.343613][ T5270] hub 3-1:1.0: probe with driver hub failed with error -5
[  116.353594][ T5270] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  116.635052][ T5267] usb 3-1: USB disconnect, device number 10
[  117.377105][   T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.598668][   T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.887511][   T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.163258][   T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.179030][ T5267] usb 4-1: USB disconnect, device number 2
[  118.490846][ T5812] Bluetooth: MGMT ver 1.23
[  118.574756][ T5335] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  118.782678][   T52] bridge_slave_1: left allmulticast mode
[  118.790323][   T52] bridge_slave_1: left promiscuous mode
[  118.834959][ T5335] usb 2-1: Using ep0 maxpacket: 8
[  118.856991][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.892979][ T5335] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  118.935491][ T5816] hub 9-0:1.0: USB hub found
[  119.002613][ T5816] hub 9-0:1.0: 8 ports detected
[  119.042366][   T52] bridge_slave_0: left allmulticast mode
[  119.055368][ T5335] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  119.098274][   T52] bridge_slave_0: left promiscuous mode
[  119.104149][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.111948][ T5335] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  119.145462][ T5219] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  119.157094][ T5219] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  119.174708][ T5219] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  119.190202][ T5335] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  119.203066][ T5219] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  119.210689][ T5219] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  119.218012][ T5219] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  119.252530][ T5335] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  119.266614][ T5335] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.288185][ T5335] hub 2-1:1.0: bad descriptor, ignoring hub
[  119.294161][ T5335] hub 2-1:1.0: probe with driver hub failed with error -5
[  119.315067][ T5335] cdc_wdm 2-1:1.0: skipping garbage
[  119.320295][ T5335] cdc_wdm 2-1:1.0: skipping garbage
[  119.339128][ T5335] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  119.359339][ T5335] cdc_wdm 2-1:1.0: Unknown control protocol
[  121.315260][ T4607] Bluetooth: hci5: command tx timeout
[  121.379594][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  121.414964][ T5335] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  121.432555][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  121.455888][ T5267] usb 2-1: USB disconnect, device number 5
[  121.517376][   T52] bond0 (unregistering): Released all slaves
[  121.645133][ T5335] usb 4-1: Using ep0 maxpacket: 16
[  121.704289][ T5335] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.751424][ T5335] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  121.778341][ T5335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  121.799641][ T5335] usb 4-1: SerialNumber: syz
[  121.898685][ T5335] usb 4-1: can't set config #1, error -71
[  121.930917][ T5335] usb 4-1: USB disconnect, device number 3
[  122.354977][  T940] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  122.398602][   T52] hsr_slave_0: left promiscuous mode
[  122.422443][   T52] hsr_slave_1: left promiscuous mode
[  122.460958][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.489142][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.517295][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.569883][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.589685][  T940] usb 2-1: Using ep0 maxpacket: 8
[  122.609553][  T940] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  122.656374][   T52] veth1_macvtap: left promiscuous mode
[  122.666317][   T52] veth0_macvtap: left promiscuous mode
[  122.686583][   T52] veth1_vlan: left promiscuous mode
[  122.693117][  T940] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  122.707261][   T52] veth0_vlan: left promiscuous mode
[  122.744076][  T940] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  122.825101][  T940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  122.903473][  T940] usb 2-1: SerialNumber: syz
[  122.977401][  T940] hub 2-1:1.0: bad descriptor, ignoring hub
[  122.998308][  T940] hub 2-1:1.0: probe with driver hub failed with error -5
[  123.068058][  T940] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  123.191586][  T940] usb 2-1: USB disconnect, device number 6
[  123.430212][ T4607] Bluetooth: hci5: command tx timeout
[  124.926277][    T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  125.207404][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  125.207433][    T8] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09
[  125.207447][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.208783][    T8] usb 2-1: config 0 descriptor??
[  125.210606][    T8] go7007 2-1:0.0: probe with driver go7007 failed with error -12
[  125.484694][ T4607] Bluetooth: hci5: command tx timeout
[  125.779557][ T5886] openvswitch: netlink: Missing key (keys=100000040, expected=2000)
[  125.797469][ T1171] libceph: connect (1)[c::]:6789 error -101
[  125.804073][ T1171] libceph: mon0 (1)[c::]:6789 connect error
[  126.552923][ T5884] ceph: No mds server is up or the cluster is laggy
[  126.553958][ T1171] libceph: connect (1)[c::]:6789 error -101
[  126.614315][ T1171] libceph: mon0 (1)[c::]:6789 connect error
[  126.755919][   T52] team0 (unregistering): Port device team_slave_1 removed
[  126.934921][ T1171] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  126.946084][   T52] team0 (unregistering): Port device team_slave_0 removed
[  126.984116][ T5899] input: syz1 as /devices/virtual/input/input10
[  127.049707][ T5335] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  127.126474][ T1171] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.136867][ T1171] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  127.170267][ T1171] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  127.188777][ T1171] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.207479][ T1171] usb 4-1: config 0 descriptor??
[  127.220811][ T1171] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  127.268277][ T5335] usb 5-1: Using ep0 maxpacket: 8
[  127.278986][ T5335] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  127.328316][ T5335] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  127.352744][ T5335] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  127.405740][ T5335] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  127.430749][ T5335] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  127.451362][ T5335] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.490563][ T5335] hub 5-1:1.0: bad descriptor, ignoring hub
[  127.505836][ T5335] hub 5-1:1.0: probe with driver hub failed with error -5
[  127.552893][ T5335] cdc_wdm 5-1:1.0: skipping garbage
[  127.558260][ T4607] Bluetooth: hci5: command tx timeout
[  127.584177][ T5335] cdc_wdm 5-1:1.0: skipping garbage
[  127.600960][ T5335] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  127.611090][ T5335] cdc_wdm 5-1:1.0: Unknown control protocol
[  128.047915][    T9] usb 2-1: USB disconnect, device number 7
[  128.694905][   T25] usb 5-1: USB disconnect, device number 7
[  129.190169][ T5335] usb 4-1: USB disconnect, device number 4
[  129.531063][ T5818] chnl_net:caif_netlink_parms(): no params data found
[  129.628976][ T5916] syz.3.162 (5916): attempted to duplicate a private mapping with mremap.  This is not supported.
[  130.219978][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.230692][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.241292][ T5917] netlink: 24 bytes leftover after parsing attributes in process `syz.4.161'.
[  130.257201][ T5818] bridge_slave_0: entered allmulticast mode
[  130.279957][ T5818] bridge_slave_0: entered promiscuous mode
[  130.319207][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.366466][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.388954][ T5818] bridge_slave_1: entered allmulticast mode
[  130.425112][ T5818] bridge_slave_1: entered promiscuous mode
[  130.617267][ T5931] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  130.779280][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.845238][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.023222][ T5818] team0: Port device team_slave_0 added
[  131.043798][ T5818] team0: Port device team_slave_1 added
[  131.120753][ T5944] FAULT_INJECTION: forcing a failure.
[  131.120753][ T5944] name failslab, interval 1, probability 0, space 0, times 0
[  131.168912][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.169693][ T5944] CPU: 0 UID: 0 PID: 5944 Comm: syz.4.165 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  131.186433][ T5944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  131.196477][ T5944] Call Trace:
[  131.199746][ T5944]  <TASK>
[  131.202662][ T5944]  dump_stack_lvl+0x241/0x360
[  131.207344][ T5944]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.212543][ T5944]  ? __pfx__printk+0x10/0x10
[  131.217143][ T5944]  ? __kmalloc_node_noprof+0xb7/0x440
[  131.222512][ T5944]  ? __pfx___might_resched+0x10/0x10
[  131.227795][ T5944]  ? stack_trace_save+0x118/0x1d0
[  131.232807][ T5944]  should_fail_ex+0x3b0/0x4e0
[  131.237473][ T5944]  should_failslab+0xac/0x100
[  131.242137][ T5944]  __kmalloc_node_noprof+0xdf/0x440
[  131.247333][ T5944]  ? __kvmalloc_node_noprof+0x72/0x190
[  131.252779][ T5944]  __kvmalloc_node_noprof+0x72/0x190
[  131.258058][ T5944]  translate_table+0x174/0x2330
[  131.262911][ T5944]  ? __pfx_translate_table+0x10/0x10
[  131.268179][ T5944]  ? __might_fault+0xaa/0x120
[  131.272841][ T5944]  ? __pfx_lock_release+0x10/0x10
[  131.277860][ T5944]  ? __might_fault+0xaa/0x120
[  131.282520][ T5944]  ? __might_fault+0xc6/0x120
[  131.287180][ T5944]  ? _copy_from_user+0xa6/0xe0
[  131.291928][ T5944]  ? copy_from_sockptr_offset+0x6b/0xb0
[  131.297461][ T5944]  do_ip6t_set_ctl+0xe4c/0x1270
[  131.302299][ T5944]  ? __pfx___might_resched+0x10/0x10
[  131.307665][ T5944]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  131.312936][ T5944]  ? __pfx_lock_release+0x10/0x10
[  131.317974][ T5944]  ? __mutex_unlock_slowpath+0x21d/0x750
[  131.323600][ T5944]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  131.329590][ T5944]  nf_setsockopt+0x295/0x2c0
[  131.334180][ T5944]  rawv6_setsockopt+0x327/0x740
[  131.339021][ T5944]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  131.344380][ T5944]  ? __fget_files+0x29/0x470
[  131.348955][ T5944]  ? __mutex_unlock_slowpath+0x21d/0x750
[  131.354574][ T5944]  ? sock_common_setsockopt+0x37/0xc0
[  131.359969][ T5944]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  131.365849][ T5944]  do_sock_setsockopt+0x3af/0x720
[  131.370862][ T5944]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  131.376390][ T5944]  ? __fget_files+0x29/0x470
[  131.380964][ T5944]  ? __fget_files+0x3f6/0x470
[  131.385630][ T5944]  __sys_setsockopt+0x1ae/0x250
[  131.390466][ T5944]  __x64_sys_setsockopt+0xb5/0xd0
[  131.395477][ T5944]  do_syscall_64+0xf3/0x230
[  131.399963][ T5944]  ? clear_bhb_loop+0x35/0x90
[  131.404634][ T5944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.410515][ T5944] RIP: 0033:0x7fc9061799b9
[  131.414921][ T5944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.434517][ T5944] RSP: 002b:00007fc907011038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  131.443019][ T5944] RAX: ffffffffffffffda RBX: 00007fc906316058 RCX: 00007fc9061799b9
[  131.450989][ T5944] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007
[  131.458944][ T5944] RBP: 00007fc907011090 R08: 0000000000000488 R09: 0000000000000000
[  131.466899][ T5944] R10: 0000000020000b00 R11: 0000000000000246 R12: 0000000000000001
[  131.474853][ T5944] R13: 0000000000000000 R14: 00007fc906316058 R15: 00007fff0b088d48
[  131.482814][ T5944]  </TASK>
[  131.504715][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.545087][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  131.583928][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1
[  131.608030][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.511602][   T29] audit: type=1800 audit(1723712760.533:3): pid=5949 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.167" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  132.572040][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  133.085920][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[  133.094750][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[  133.294520][ T5818] hsr_slave_0: entered promiscuous mode
[  133.335664][ T5818] hsr_slave_1: entered promiscuous mode
[  133.359335][ T5818] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  133.385305][ T5818] Cannot create hsr debugfs directory
[  133.555964][ T5335] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  133.764923][ T5335] usb 3-1: Using ep0 maxpacket: 8
[  133.774009][ T5335] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.802036][ T5335] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  133.835766][ T5335] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  133.894675][ T5335] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  133.936490][ T5335] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  133.970988][ T5335] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.022864][ T5335] hub 3-1:1.0: bad descriptor, ignoring hub
[  134.034389][ T5335] hub 3-1:1.0: probe with driver hub failed with error -5
[  134.068455][ T5335] cdc_wdm 3-1:1.0: skipping garbage
[  134.091661][ T5335] cdc_wdm 3-1:1.0: skipping garbage
[  134.116621][ T5335] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  134.124706][ T1171] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  134.142390][ T5335] cdc_wdm 3-1:1.0: Unknown control protocol
[  134.326464][ T1171] usb 5-1: Using ep0 maxpacket: 32
[  134.352532][ T1171] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.379674][ T1171] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.412304][ T1171] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  134.448908][ T1171] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.469706][ T1171] usb 5-1: config 0 descriptor??
[  134.573900][ T5818] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  134.676884][ T5818] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  134.723681][ T5818] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  134.766920][ T5818] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  134.902190][ T5992] netlink: 24 bytes leftover after parsing attributes in process `syz.1.179'.
[  134.975209][ T5994] netlink: 8 bytes leftover after parsing attributes in process `syz.1.179'.
[  134.986560][ T1171] koneplus 0003:1E7D:2D51.0002: unknown main item tag 0x0
[  134.993688][ T1171] koneplus 0003:1E7D:2D51.0002: unknown main item tag 0x0
[  135.048343][ T5994] netlink: 12 bytes leftover after parsing attributes in process `syz.1.179'.
[  135.074431][ T5995] can: request_module (can-proto-3) failed.
[  135.077259][ T1171] koneplus 0003:1E7D:2D51.0002: unknown main item tag 0x0
[  135.119761][ T1171] koneplus 0003:1E7D:2D51.0002: unknown main item tag 0x0
[  135.159240][ T1171] koneplus 0003:1E7D:2D51.0002: unknown main item tag 0x0
[  135.198365][ T1171] koneplus 0003:1E7D:2D51.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.4-1/input0
[  135.214868][ T1171] koneplus 0003:1E7D:2D51.0002: couldn't init struct koneplus_device
[  135.263405][ T1171] koneplus 0003:1E7D:2D51.0002: couldn't install mouse
[  135.295911][ T1171] koneplus 0003:1E7D:2D51.0002: probe with driver koneplus failed with error -32
[  135.305771][ T5269] usb 3-1: USB disconnect, device number 11
[  135.316081][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.331786][ T1171] usb 5-1: USB disconnect, device number 8
[  135.380734][ T5818] 8021q: adding VLAN 0 to HW filter on device team0
[  135.398157][ T1128] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.405341][ T1128] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.493391][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.500592][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.526043][ T6004] overlayfs: conflicting options: metacopy=off,verity=require
[  135.547113][ T6009] netlink: 24 bytes leftover after parsing attributes in process `syz.1.182'.
[  135.711976][ T5818] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  135.745042][ T5818] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  135.815658][ T6012] tipc: Started in network mode
[  135.839750][ T6012] tipc: Node identity 1, cluster identity 4711
[  135.846798][ T6012] tipc: Node number set to 1
[  136.306273][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  136.514987][    T9] usb 5-1: Using ep0 maxpacket: 8
[  136.521577][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.565052][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  136.624128][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  136.678540][ T5818] veth0_vlan: entered promiscuous mode
[  136.710728][ T5818] veth1_vlan: entered promiscuous mode
[  136.772560][ T5818] veth0_macvtap: entered promiscuous mode
[  136.783261][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  136.800279][ T5818] veth1_macvtap: entered promiscuous mode
[  136.830599][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.864253][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.879923][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  136.916759][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  136.937652][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.947232][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.990562][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.037684][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  137.082189][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.114864][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  137.142086][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.314912][    T9] usb 5-1: usb_control_msg returned -32
[  137.336188][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  137.340780][ T6034] netlink: 448 bytes leftover after parsing attributes in process `syz.3.189'.
[  137.356548][    T9] usbtmc 5-1:16.0: can't read capabilities
[  138.139579][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.309042][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.452843][ T6034] unsupported nla_type 14345
[  138.652256][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.803011][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.055075][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.148641][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.163989][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.174659][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.184529][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.199504][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.211690][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.235781][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.280197][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.382079][  T940] usb 5-1: USB disconnect, device number 9
[  139.414189][ T6050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.191'.
[  140.511622][ T5818] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.544875][ T5818] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.587780][ T5818] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.622997][ T5818] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.886485][ T6062] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  140.959545][    T8] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  140.993714][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.015940][ T6062] program syz.1.194 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  141.053979][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.103707][ T1128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.112601][ T1128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.204792][    T8] usb 5-1: Using ep0 maxpacket: 8
[  141.233605][    T8] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  141.264690][    T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  141.294079][    T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  141.315208][    T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  141.341937][    T8] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  141.366745][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.223981][    T8] hub 5-1:1.0: bad descriptor, ignoring hub
[  142.255529][    T8] hub 5-1:1.0: probe with driver hub failed with error -5
[  142.297250][    T8] cdc_wdm 5-1:1.0: skipping garbage
[  142.302489][    T8] cdc_wdm 5-1:1.0: skipping garbage
[  142.328495][    T8] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  142.349665][    T8] cdc_wdm 5-1:1.0: Unknown control protocol
[  142.964842][ T5269] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  143.164714][ T5269] usb 4-1: device descriptor read/64, error -71
[  143.174873][ T5335] usb 5-1: USB disconnect, device number 10
[  143.434698][ T5269] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  143.594879][ T5269] usb 4-1: device descriptor read/64, error -71
[  143.725412][ T5269] usb usb4-port1: attempt power cycle
[  144.164834][ T5269] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  144.237997][ T5269] usb 4-1: device descriptor read/8, error -71
[  145.170253][ T5269] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  145.325410][ T5269] usb 4-1: device descriptor read/8, error -71
[  145.510619][ T5269] usb usb4-port1: unable to enumerate USB device
[  146.886281][ T6140] FAULT_INJECTION: forcing a failure.
[  146.886281][ T6140] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  146.899495][ T6140] CPU: 0 UID: 0 PID: 6140 Comm: syz.1.213 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  146.910090][ T6140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  146.920151][ T6140] Call Trace:
[  146.923438][ T6140]  <TASK>
[  146.926374][ T6140]  dump_stack_lvl+0x241/0x360
[  146.931088][ T6140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.936308][ T6140]  ? __pfx__printk+0x10/0x10
[  146.940917][ T6140]  ? __pfx_lock_release+0x10/0x10
[  146.945963][ T6140]  should_fail_ex+0x3b0/0x4e0
[  146.950657][ T6140]  _copy_from_user+0x2f/0xe0
[  146.955269][ T6140]  copy_msghdr_from_user+0xae/0x680
[  146.960489][ T6140]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  146.966327][ T6140]  __sys_sendmsg+0x23d/0x3a0
[  146.970930][ T6140]  ? __pfx___sys_sendmsg+0x10/0x10
[  146.976087][ T6140]  ? __pfx___schedule+0x10/0x10
[  146.980957][ T6140]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  146.987307][ T6140]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  146.993649][ T6140]  ? do_syscall_64+0xb6/0x230
[  146.998332][ T6140]  do_syscall_64+0xf3/0x230
[  147.002840][ T6140]  ? clear_bhb_loop+0x35/0x90
[  147.007527][ T6140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.013425][ T6140] RIP: 0033:0x7fa253f799b9
[  147.017844][ T6140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.037472][ T6140] RSP: 002b:00007fa254dfa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.045901][ T6140] RAX: ffffffffffffffda RBX: 00007fa254116130 RCX: 00007fa253f799b9
[  147.053878][ T6140] RDX: 0000000000000000 RSI: 0000000020000740 RDI: 0000000000000009
[  147.062200][ T6140] RBP: 00007fa254dfa090 R08: 0000000000000000 R09: 0000000000000000
[  147.070181][ T6140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.078174][ T6140] R13: 0000000000000000 R14: 00007fa254116130 R15: 00007fffea0f5868
[  147.086176][ T6140]  </TASK>
[  147.304746][ T5335] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  148.458696][ T5335] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[  148.476269][ T5335] usb 1-1: config 0 has no interface number 0
[  148.609353][ T5335] usb 1-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice= d.92
[  148.621355][    T8] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  148.831000][ T5335] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.979500][ T5335] usb 1-1: Product: syz
[  149.007169][    T8] usb 2-1: Using ep0 maxpacket: 8
[  149.014752][  T940] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  149.074075][ T5335] usb 1-1: config 0 descriptor??
[  149.113342][    T8] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  149.351239][    T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  149.360355][ T5335] usb 1-1: can't set config #0, error -71
[  149.372462][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  149.384889][ T5335] usb 1-1: USB disconnect, device number 5
[  149.393316][  T940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.434786][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  149.461072][  T940] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  149.486071][  T940] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.494458][    T8] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  149.563933][  T940] usb 5-1: config 0 descriptor??
[  149.581081][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.694105][    T8] hub 2-1:1.0: bad descriptor, ignoring hub
[  149.713691][    T8] hub 2-1:1.0: probe with driver hub failed with error -5
[  149.735670][    T8] cdc_wdm 2-1:1.0: skipping garbage
[  149.740951][    T8] cdc_wdm 2-1:1.0: skipping garbage
[  149.756980][    T8] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  149.764238][    T8] cdc_wdm 2-1:1.0: Unknown control protocol
[  149.954722][ T5270] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  150.157506][ T5270] usb 3-1: Using ep0 maxpacket: 16
[  150.172251][ T5270] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  150.192741][ T5270] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  150.201897][ T5270] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.214083][ T5270] usb 3-1: config 0 descriptor??
[  150.272349][  T940] usbhid 5-1:0.0: can't add hid device: -71
[  150.288034][  T940] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  150.330020][  T940] usb 5-1: USB disconnect, device number 11
[  150.585110][ T5335] usb 2-1: USB disconnect, device number 8
[  150.636317][ T6166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.651026][ T6166] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  150.672131][ T5270] hid (null): report_id 2838798905 is invalid
[  150.680384][ T5270] hid (null): unknown global tag 0xc
[  150.684497][ T6179] veth1: mtu less than device minimum
[  150.686034][ T5270] hid (null): unknown global tag 0xa5
[  150.701759][ T5270] hid (null): unknown global tag 0xd
[  150.721972][ T5270] hid (null): unknown global tag 0xc
[  150.730561][ T5270] hid-generic 0003:0158:0100.0003: unknown main item tag 0x1
[  150.758983][ T5270] hid-generic 0003:0158:0100.0003: unexpected long global item
[  150.783739][ T5270] hid-generic 0003:0158:0100.0003: probe with driver hid-generic failed with error -22
[  150.836659][ T6179] Process accounting resumed
[  151.008240][ T5270] usb 3-1: USB disconnect, device number 12
[  151.119742][ T6182] FAULT_INJECTION: forcing a failure.
[  151.119742][ T6182] name failslab, interval 1, probability 0, space 0, times 0
[  151.235067][ T6182] CPU: 1 UID: 0 PID: 6182 Comm: syz.4.223 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  151.245681][ T6182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  151.255725][ T6182] Call Trace:
[  151.258988][ T6182]  <TASK>
[  151.261900][ T6182]  dump_stack_lvl+0x241/0x360
[  151.266570][ T6182]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.271752][ T6182]  ? __pfx__printk+0x10/0x10
[  151.276332][ T6182]  ? fs_reclaim_acquire+0x93/0x140
[  151.281433][ T6182]  ? __pfx___might_resched+0x10/0x10
[  151.286728][ T6182]  should_fail_ex+0x3b0/0x4e0
[  151.291394][ T6182]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  151.297117][ T6182]  should_failslab+0xac/0x100
[  151.301818][ T6182]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  151.307554][ T6182]  __kmalloc_noprof+0xd8/0x400
[  151.312332][ T6182]  ? kfree+0x4e/0x360
[  151.316333][ T6182]  tomoyo_realpath_from_path+0xcf/0x5e0
[  151.321906][ T6182]  tomoyo_path_number_perm+0x23a/0x880
[  151.327468][ T6182]  ? tomoyo_path_number_perm+0x208/0x880
[  151.333112][ T6182]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  151.339146][ T6182]  ? __fget_files+0x29/0x470
[  151.343747][ T6182]  ? __fget_files+0x3f6/0x470
[  151.348433][ T6182]  ? __fget_files+0x29/0x470
[  151.353037][ T6182]  security_file_ioctl+0x75/0xb0
[  151.357990][ T6182]  __se_sys_ioctl+0x47/0x170
[  151.362597][ T6182]  do_syscall_64+0xf3/0x230
[  151.367108][ T6182]  ? clear_bhb_loop+0x35/0x90
[  151.371795][ T6182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.377708][ T6182] RIP: 0033:0x7fc9061799b9
[  151.382132][ T6182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.401750][ T6182] RSP: 002b:00007fc907032038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  151.410178][ T6182] RAX: ffffffffffffffda RBX: 00007fc906315f80 RCX: 00007fc9061799b9
[  151.418156][ T6182] RDX: 0000000020000040 RSI: 0000000080047453 RDI: 0000000000000003
[  151.426133][ T6182] RBP: 00007fc907032090 R08: 0000000000000000 R09: 0000000000000000
[  151.434108][ T6182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.442086][ T6182] R13: 0000000000000000 R14: 00007fc906315f80 R15: 00007fff0b088d48
[  151.450084][ T6182]  </TASK>
[  151.485993][ T6188] netlink: 'syz.3.225': attribute type 15 has an invalid length.
[  151.493853][ T6188] netlink: 719 bytes leftover after parsing attributes in process `syz.3.225'.
[  151.520377][   T29] audit: type=1326 audit(1723712780.263:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.001085][ T6182] ERROR: Out of memory at tomoyo_realpath_from_path.
[  152.064788][   T29] audit: type=1326 audit(1723712780.263:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.090822][   T29] audit: type=1326 audit(1723712780.273:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.120162][ T5269] usb 2-1: new low-speed USB device number 9 using dummy_hcd
[  152.140911][   T29] audit: type=1326 audit(1723712780.273:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.337153][   T29] audit: type=1326 audit(1723712780.273:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.359388][   T29] audit: type=1326 audit(1723712780.273:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.385772][ T5269] usb 2-1: device descriptor read/64, error -71
[  152.414791][   T29] audit: type=1326 audit(1723712780.273:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.458815][   T29] audit: type=1326 audit(1723712780.273:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.633160][   T29] audit: type=1326 audit(1723712780.273:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.754986][ T5269] usb 2-1: new low-speed USB device number 10 using dummy_hcd
[  152.818747][   T29] audit: type=1326 audit(1723712780.273:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6184 comm="syz.3.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  152.969556][ T5269] usb 2-1: device descriptor read/64, error -71
[  153.148231][ T5269] usb usb2-port1: attempt power cycle
[  153.185848][  T940] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  154.145947][ T6219] hub 9-0:1.0: USB hub found
[  154.161154][ T6219] hub 9-0:1.0: 8 ports detected
[  154.237621][  T940] usb 3-1: Using ep0 maxpacket: 8
[  154.247150][  T940] usb 3-1: config 1 has an invalid descriptor of length 176, skipping remainder of the config
[  154.264715][  T940] usb 3-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  154.276359][  T940] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  154.310543][  T940] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  154.322340][  T940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  154.466707][  T940] usb 3-1: SerialNumber: syz
[  154.480309][ T5269] usb 2-1: new low-speed USB device number 11 using dummy_hcd
[  154.481734][  T940] hub 3-1:1.0: bad descriptor, ignoring hub
[  154.513619][  T940] hub 3-1:1.0: probe with driver hub failed with error -5
[  154.673019][    T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  154.866077][    T9] usb 1-1: Using ep0 maxpacket: 8
[  155.200185][ T5269] usb 2-1: device not accepting address 11, error -71
[  155.213786][  T940] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  155.214906][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  155.214930][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  155.214969][    T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  155.214993][    T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  155.215030][    T9] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  155.215051][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.237420][    T9] hub 1-1:1.0: bad descriptor, ignoring hub
[  155.237450][    T9] hub 1-1:1.0: probe with driver hub failed with error -5
[  155.237920][    T9] cdc_wdm 1-1:1.0: skipping garbage
[  155.237935][    T9] cdc_wdm 1-1:1.0: skipping garbage
[  155.243189][    T9] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  155.243210][    T9] cdc_wdm 1-1:1.0: Unknown control protocol
[  155.259188][ T6229] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  155.259532][ T6229] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  155.280086][  T940] usb 3-1: USB disconnect, device number 13
[  155.523239][ T6234] hub 9-0:1.0: USB hub found
[  155.531302][ T6234] hub 9-0:1.0: 8 ports detected
[  155.576653][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.034849][ T5269] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  157.044721][ T1171] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  157.250275][ T5269] usb 2-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  157.262699][ T1171] usb 3-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  157.283445][ T5269] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  157.298909][ T1171] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  158.054827][ T5269] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.063120][ T1171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.078167][ T5269] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[  158.099462][ T1171] aiptek 3-1:17.0: interface has no int in endpoints, but must have minimum 1
[  158.134563][ T6258] FAULT_INJECTION: forcing a failure.
[  158.134563][ T6258] name failslab, interval 1, probability 0, space 0, times 0
[  158.179603][ T6258] CPU: 1 UID: 0 PID: 6258 Comm: syz.4.243 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  158.190218][ T6258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  158.200285][ T6258] Call Trace:
[  158.203579][ T6258]  <TASK>
[  158.206520][ T6258]  dump_stack_lvl+0x241/0x360
[  158.211223][ T6258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.216443][ T6258]  ? __pfx__printk+0x10/0x10
[  158.221053][ T6258]  ? fs_reclaim_acquire+0x93/0x140
[  158.226178][ T6258]  ? __pfx___might_resched+0x10/0x10
[  158.231487][ T6258]  should_fail_ex+0x3b0/0x4e0
[  158.236175][ T6258]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  158.241900][ T6258]  should_failslab+0xac/0x100
[  158.246583][ T6258]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  158.252298][ T6258]  __kmalloc_noprof+0xd8/0x400
[  158.257056][ T6258]  ? kfree+0x4e/0x360
[  158.261032][ T6258]  tomoyo_realpath_from_path+0xcf/0x5e0
[  158.266581][ T6258]  tomoyo_path_number_perm+0x23a/0x880
[  158.272033][ T6258]  ? tomoyo_path_number_perm+0x208/0x880
[  158.277654][ T6258]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  158.283656][ T6258]  ? __fget_files+0x29/0x470
[  158.288235][ T6258]  ? __fget_files+0x3f6/0x470
[  158.292910][ T6258]  ? __fget_files+0x29/0x470
[  158.297496][ T6258]  security_file_ioctl+0x75/0xb0
[  158.302431][ T6258]  __se_sys_ioctl+0x47/0x170
[  158.307024][ T6258]  do_syscall_64+0xf3/0x230
[  158.311519][ T6258]  ? clear_bhb_loop+0x35/0x90
[  158.316187][ T6258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.322068][ T6258] RIP: 0033:0x7fc9061799b9
[  158.326473][ T6258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.346067][ T6258] RSP: 002b:00007fc907032038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.354469][ T6258] RAX: ffffffffffffffda RBX: 00007fc906315f80 RCX: 00007fc9061799b9
[  158.362431][ T6258] RDX: 0000000020000340 RSI: 00000000c040564a RDI: 0000000000000003
[  158.370391][ T6258] RBP: 00007fc907032090 R08: 0000000000000000 R09: 0000000000000000
[  158.378350][ T6258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.386306][ T6258] R13: 0000000000000000 R14: 00007fc906315f80 R15: 00007fff0b088d48
[  158.394277][ T6258]  </TASK>
[  158.558762][ T6258] ERROR: Out of memory at tomoyo_realpath_from_path.
[  163.873329][ T5268] usb 2-1: USB disconnect, device number 13
[  163.891540][  T940] usb 3-1: USB disconnect, device number 14
[  164.832374][ T5269] usb 1-1: USB disconnect, device number 6
[  164.944411][ T6272] FAULT_INJECTION: forcing a failure.
[  164.944411][ T6272] name failslab, interval 1, probability 0, space 0, times 0
[  164.997022][ T6272] CPU: 0 UID: 0 PID: 6272 Comm: syz.1.245 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  165.008744][ T6272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  165.008773][ T6272] Call Trace:
[  165.008783][ T6272]  <TASK>
[  165.008792][ T6272]  dump_stack_lvl+0x241/0x360
[  165.008825][ T6272]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.008841][ T6272]  ? __pfx__printk+0x10/0x10
[  165.008857][ T6272]  ? fs_reclaim_acquire+0x93/0x140
[  165.008871][ T6272]  ? __pfx___might_resched+0x10/0x10
[  165.008887][ T6272]  should_fail_ex+0x3b0/0x4e0
[  165.008901][ T6272]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  165.008916][ T6272]  should_failslab+0xac/0x100
[  165.008930][ T6272]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  165.008943][ T6272]  __kmalloc_noprof+0xd8/0x400
[  165.008957][ T6272]  ? kfree+0x4e/0x360
[  165.008971][ T6272]  tomoyo_realpath_from_path+0xcf/0x5e0
[  165.008992][ T6272]  tomoyo_path_number_perm+0x23a/0x880
[  165.009008][ T6272]  ? tomoyo_path_number_perm+0x208/0x880
[  165.009021][ T6272]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.009056][ T6272]  ? __fget_files+0x29/0x470
[  165.009070][ T6272]  ? __fget_files+0x3f6/0x470
[  165.009080][ T6272]  ? __fget_files+0x29/0x470
[  165.009095][ T6272]  security_file_ioctl+0x75/0xb0
[  165.009111][ T6272]  __se_sys_ioctl+0x47/0x170
[  165.009128][ T6272]  do_syscall_64+0xf3/0x230
[  165.009139][ T6272]  ? clear_bhb_loop+0x35/0x90
[  165.009153][ T6272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.009164][ T6272] RIP: 0033:0x7fa253f799b9
[  165.009176][ T6272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.009185][ T6272] RSP: 002b:00007fa254e3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.009198][ T6272] RAX: ffffffffffffffda RBX: 00007fa254115f80 RCX: 00007fa253f799b9
[  165.009207][ T6272] RDX: 0000000020000000 RSI: 0000000000008922 RDI: 0000000000000003
[  165.009214][ T6272] RBP: 00007fa254e3c090 R08: 0000000000000000 R09: 0000000000000000
[  165.009221][ T6272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.009228][ T6272] R13: 0000000000000000 R14: 00007fa254115f80 R15: 00007fffea0f5868
[  165.009244][ T6272]  </TASK>
[  165.040898][ T6272] ERROR: Out of memory at tomoyo_realpath_from_path.
[  165.158388][ T4607] Bluetooth: hci0: Malformed HCI Event: 0x22
[  165.160547][ T6285] input input13: cannot allocate more than FF_MAX_EFFECTS effects
[  165.255809][ T5374] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  165.414804][ T5374] usb 5-1: device descriptor read/64, error -71
[  165.704708][ T5374] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  165.791501][ T6283] FAULT_INJECTION: forcing a failure.
[  165.791501][ T6283] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.820886][ T6283] CPU: 1 UID: 0 PID: 6283 Comm: syz.2.250 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  165.831507][ T6283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  165.841569][ T6283] Call Trace:
[  165.844853][ T6283]  <TASK>
[  165.847789][ T6283]  dump_stack_lvl+0x241/0x360
[  165.852493][ T6283]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.857709][ T6283]  ? __pfx__printk+0x10/0x10
[  165.862319][ T6283]  ? snprintf+0xda/0x120
[  165.866572][ T6283]  should_fail_ex+0x3b0/0x4e0
[  165.871264][ T6283]  _copy_to_user+0x2f/0xb0
[  165.875700][ T6283]  simple_read_from_buffer+0xca/0x150
[  165.881090][ T6283]  proc_fail_nth_read+0x1e9/0x250
[  165.886131][ T6283]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.891726][ T6283]  ? rw_verify_area+0x520/0x6b0
[  165.896587][ T6283]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.902145][ T6283]  vfs_read+0x204/0xbc0
[  165.906314][ T6283]  ? __pfx_lock_release+0x10/0x10
[  165.911354][ T6283]  ? __pfx_vfs_read+0x10/0x10
[  165.916048][ T6283]  ? __fget_files+0x29/0x470
[  165.920645][ T6283]  ? __fget_files+0x3f6/0x470
[  165.925343][ T6283]  ksys_read+0x1a0/0x2c0
[  165.929601][ T6283]  ? __pfx_ksys_read+0x10/0x10
[  165.934369][ T6283]  ? arch_syscall_is_vdso_sigreturn+0x125/0x1a0
[  165.940625][ T6283]  ? syscall_user_dispatch+0x4e/0x90
[  165.945921][ T6283]  do_syscall_64+0xf3/0x230
[  165.950429][ T6283]  ? clear_bhb_loop+0x35/0x90
[  165.955115][ T6283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.961017][ T6283] RIP: 0033:0x7f4c361783fc
[  165.965435][ T6283] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  165.985046][ T6283] RSP: 002b:00007f4c36e9b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  165.993478][ T6283] RAX: ffffffffffffffda RBX: 00007f4c36315f80 RCX: 00007f4c361783fc
[  166.001452][ T6283] RDX: 000000000000000f RSI: 00007f4c36e9b0a0 RDI: 0000000000000003
[  166.009426][ T6283] RBP: 00007f4c36e9b090 R08: 0000000000000000 R09: 0000000000000000
[  166.017398][ T6283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.025377][ T6283] R13: 0000000000000000 R14: 00007f4c36315f80 R15: 00007ffef6c43fa8
[  166.033375][ T6283]  </TASK>
[  166.099910][ T5374] usb 5-1: device descriptor read/64, error -71
[  166.183626][ T5219] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  166.193175][ T5219] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  166.205551][ T5219] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  166.214005][ T5219] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  166.221999][ T5219] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  166.231140][ T5219] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  166.265505][ T5374] usb usb5-port1: attempt power cycle
[  166.416430][ T6292] netlink: 24 bytes leftover after parsing attributes in process `syz.1.253'.
[  166.480395][ T6294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.253'.
[  166.674993][ T5374] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  166.718214][ T5374] usb 5-1: device descriptor read/8, error -71
[  167.014707][ T5374] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  167.066046][ T5374] usb 5-1: device descriptor read/8, error -71
[  167.186435][ T5374] usb usb5-port1: unable to enumerate USB device
[  167.424388][ T2923] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.453815][ T6295] chnl_net:caif_netlink_parms(): no params data found
[  167.519078][ T2923] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.594912][ T5374] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  167.602552][ T1171] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  167.632140][ T2923] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.675524][ T6295] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.685012][ T6295] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.693422][ T6295] bridge_slave_0: entered allmulticast mode
[  167.706558][ T6295] bridge_slave_0: entered promiscuous mode
[  167.727454][ T2923] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.744273][ T6295] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.760709][ T6295] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.773635][ T6295] bridge_slave_1: entered allmulticast mode
[  167.788868][ T6295] bridge_slave_1: entered promiscuous mode
[  167.819369][ T5374] usb 2-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  167.830919][ T1171] usb 3-1: Using ep0 maxpacket: 8
[  167.842931][ T5374] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  167.854467][ T5374] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.870801][ T1171] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  167.886032][ T5374] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[  167.896297][ T1171] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  167.910967][ T1171] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  167.923489][ T1171] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  167.948621][ T1171] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  167.982569][ T1171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.991866][ T6295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.023408][ T2923] bridge_slave_1: left allmulticast mode
[  168.029958][ T1171] hub 3-1:1.0: bad descriptor, ignoring hub
[  168.039642][ T1171] hub 3-1:1.0: probe with driver hub failed with error -5
[  168.047264][ T2923] bridge_slave_1: left promiscuous mode
[  168.053917][ T2923] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.063912][ T1171] cdc_wdm 3-1:1.0: skipping garbage
[  168.071792][ T1171] cdc_wdm 3-1:1.0: skipping garbage
[  168.215930][ T1171] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  168.229788][ T1171] cdc_wdm 3-1:1.0: Unknown control protocol
[  168.245110][ T2923] bridge_slave_0: left allmulticast mode
[  168.333993][ T4607] Bluetooth: hci6: command tx timeout
[  169.073818][ T2923] bridge_slave_0: left promiscuous mode
[  169.113101][ T2923] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.364811][ T4607] Bluetooth: hci6: command tx timeout
[  170.640867][   T29] kauditd_printk_skb: 19 callbacks suppressed
[  170.640885][   T29] audit: type=1326 audit(1723712799.433:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6323 comm="syz.3.259" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x0
[  170.705581][  T940] usb 3-1: USB disconnect, device number 15
[  171.071896][ T2923] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.098685][ T2923] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.123776][ T2923] bond0 (unregistering): Released all slaves
[  171.149235][ T6295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.311457][  T940] usb 2-1: USB disconnect, device number 14
[  171.507742][ T6295] team0: Port device team_slave_0 added
[  171.895177][ T6295] team0: Port device team_slave_1 added
[  172.434723][ T4607] Bluetooth: hci6: command tx timeout
[  172.438376][ T6295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.689609][ T6295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.752312][ T6295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.887209][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  172.956963][ T6295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.963934][ T6295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.146288][ T6295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.260459][ T2923] hsr_slave_0: left promiscuous mode
[  173.278131][ T2923] hsr_slave_1: left promiscuous mode
[  173.293859][ T2923] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.305450][ T2923] batman_adv: batadv0: Removing interface: batadv_slave_0
[  173.361027][ T2923] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  173.371157][ T2923] batman_adv: batadv0: Removing interface: batadv_slave_1
[  173.496972][ T2923] veth1_macvtap: left promiscuous mode
[  173.528607][ T2923] veth0_macvtap: left promiscuous mode
[  173.548838][ T2923] veth1_vlan: left promiscuous mode
[  173.566344][ T2923] veth0_vlan: left promiscuous mode
[  174.444820][ T1171] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  174.515828][ T4607] Bluetooth: hci6: command tx timeout
[  174.956395][ T1171] usb 3-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  174.985353][ T1171] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  174.994517][ T1171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.017088][ T1171] aiptek 3-1:17.0: interface has no int in endpoints, but must have minimum 1
[  177.500663][ T2923] team0 (unregistering): Port device team_slave_1 removed
[  177.579294][ T2923] team0 (unregistering): Port device team_slave_0 removed
[  177.616658][ T5335] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  177.825278][ T5335] usb 5-1: Using ep0 maxpacket: 8
[  177.886487][ T5335] usb 5-1: config 1 has an invalid descriptor of length 207, skipping remainder of the config
[  177.924682][ T5335] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 63744, setting to 64
[  177.946087][ T5335] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  177.988286][ T5335] usb 5-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  178.004350][ T5335] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  178.042378][ T5335] usb 5-1: SerialNumber: syz
[  178.052651][ T5335] hub 5-1:1.0: bad descriptor, ignoring hub
[  178.066416][ T5335] hub 5-1:1.0: probe with driver hub failed with error -5
[  178.075466][ T5335] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  178.392471][ T5335] usb 5-1: USB disconnect, device number 16
[  178.732846][ T5374] usb 3-1: USB disconnect, device number 16
[  178.805633][ T6295] hsr_slave_0: entered promiscuous mode
[  182.427688][ T6295] hsr_slave_1: entered promiscuous mode
[  182.458119][ T6295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  182.475402][ T6295] Cannot create hsr debugfs directory
[  182.487630][ T6390] netlink: 16 bytes leftover after parsing attributes in process `syz.1.276'.
[  182.977665][ T5335] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  183.016168][ T6410] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  183.255589][ T5335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.285482][ T5335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.309432][ T5335] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  183.341566][ T5335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.369095][ T5335] usb 4-1: config 0 descriptor??
[  183.945180][ T5269] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  184.516552][   T29] audit: type=1326 audit(1723712813.313:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  184.537843][    C1] vkms_vblank_simulate: vblank timer overrun
[  184.571807][ T5269] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  184.583989][ T5335] isku 0003:1E7D:319C.0004: unknown main item tag 0x0
[  184.603955][ T5335] isku 0003:1E7D:319C.0004: unbalanced collection at end of report description
[  184.613110][ T5269] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.627673][ T5269] usb 3-1: Product: syz
[  184.637341][ T5269] usb 3-1: Manufacturer: syz
[  184.647404][ T5269] usb 3-1: SerialNumber: syz
[  184.654731][   T29] audit: type=1326 audit(1723712813.333:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  184.731016][ T5269] usb 3-1: config 0 descriptor??
[  184.740109][ T5335] isku 0003:1E7D:319C.0004: parse failed
[  184.741355][ T5269] ch341 3-1:0.0: ch341-uart converter detected
[  184.794934][ T6406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.819095][ T5335] isku 0003:1E7D:319C.0004: probe with driver isku failed with error -22
[  189.034977][ T5269] usb 3-1: failed to receive control message: -110
[  189.045098][ T5226] Bluetooth: hci0: command 0x0406 tx timeout
[  189.045406][ T5269] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  189.051605][ T5226] Bluetooth: hci4: command 0x0406 tx timeout
[  189.074786][ T5226] Bluetooth: hci2: command 0x0406 tx timeout
[  189.080875][ T5226] Bluetooth: hci1: command 0x0406 tx timeout
[  189.087291][ T5226] Bluetooth: hci3: command 0x0406 tx timeout
[  189.127135][ T6406] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.156111][   T29] audit: type=1326 audit(1723712813.343:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  189.178446][ T1171] usb 3-1: USB disconnect, device number 17
[  189.245292][ T1171] ch341 3-1:0.0: device disconnected
[  189.259674][ T5335] usb 4-1: USB disconnect, device number 9
[  189.314648][   T29] audit: type=1326 audit(1723712813.343:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  189.730334][   T29] audit: type=1326 audit(1723712813.343:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  189.767899][ T6295] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  189.789256][ T6436] input: syz1 as /devices/virtual/input/input17
[  189.911189][ T6295] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  189.925657][   T29] audit: type=1326 audit(1723712813.343:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  190.068145][ T6442] netlink: 4 bytes leftover after parsing attributes in process `syz.1.290'.
[  190.262071][ T6295] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  190.316702][   T29] audit: type=1326 audit(1723712813.343:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  190.338212][    C1] vkms_vblank_simulate: vblank timer overrun
[  190.388827][ T6295] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  190.520966][   T29] audit: type=1326 audit(1723712813.343:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  191.284784][   T29] audit: type=1326 audit(1723712813.343:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  191.564438][   T29] audit: type=1326 audit(1723712813.343:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  191.616389][   T54] Bluetooth: hci2: unexpected event for opcode 0x0c22
[  191.619184][ T6295] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.640186][   T29] audit: type=1326 audit(1723712813.343:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  191.733568][   T29] audit: type=1326 audit(1723712813.353:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  191.783766][   T29] audit: type=1326 audit(1723712813.353:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  191.788817][ T6295] 8021q: adding VLAN 0 to HW filter on device team0
[  191.880773][   T29] audit: type=1326 audit(1723712813.353:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6404 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f22a37799b9 code=0x7ffc0000
[  192.887890][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.895048][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.956669][ T1108] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.963830][ T1108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.001248][   T25] kernel write not supported for file /197/attr/current (pid: 25 comm: kworker/1:0)
[  194.631778][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[  194.649810][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[  194.755707][ T6480] cgroup: Unknown parameter '/dev/snd/timer'
[  196.069904][ T6295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.276520][ T6295] veth0_vlan: entered promiscuous mode
[  196.355187][ T6295] veth1_vlan: entered promiscuous mode
[  196.382426][ T6515] input: syz1 as /devices/virtual/input/input18
[  196.407300][ T6484] 9pnet_fd: Insufficient options for proto=fd
[  197.267493][ T6295] veth0_macvtap: entered promiscuous mode
[  197.319160][ T6295] veth1_macvtap: entered promiscuous mode
[  197.428371][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.487013][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.564183][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.590748][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.633241][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.674669][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.700060][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.725827][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.753994][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.786691][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.823149][ T6295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.852380][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.881258][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.909178][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.935214][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.959101][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.109683][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.495648][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.624663][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.662943][ T6295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.733960][ T6295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.752140][ T6295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.855491][ T6295] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.875122][ T6295] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.921860][ T6295] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.952411][ T6295] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.174668][ T5270] kernel write not supported for file /209/attr/current (pid: 5270 comm: kworker/0:4)
[  199.216520][ T2923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.282316][ T2923] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.420497][ T2937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.458280][ T2937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.554806][ T5270] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  200.615569][ T5270] usb 3-1: Using ep0 maxpacket: 8
[  200.639548][ T5270] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.669167][ T5270] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  200.688063][ T5270] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  200.714657][ T5270] usb 3-1: SerialNumber: syz
[  201.058193][ T5270] usb 3-1: config 0 descriptor??
[  201.235761][ T6554] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  201.341185][ T5270] usb 3-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  201.371892][ T5270] usb 3-1: No valid video chain found.
[  201.669406][ T6560] netlink: 'syz.1.318': attribute type 4 has an invalid length.
[  201.765915][ T1171] usb 3-1: USB disconnect, device number 18
[  201.783980][ T6567] netlink: 'syz.1.318': attribute type 4 has an invalid length.
[  202.544716][ T1171] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  202.574152][ T6583] netlink: 16 bytes leftover after parsing attributes in process `syz.2.325'.
[  202.592076][ T6581] input: syz1 as /devices/virtual/input/input19
[  202.748779][ T1171] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  202.758261][ T1171] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.766762][ T1171] usb 4-1: Product: syz
[  202.774723][ T1171] usb 4-1: Manufacturer: syz
[  202.781715][ T1171] usb 4-1: SerialNumber: syz
[  202.803766][ T1171] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  202.835401][   T25] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  203.881106][   T25] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  204.344674][   T25] ath9k_htc: Failed to initialize the device
[  204.396208][   T25] usb 4-1: ath9k_htc: USB layer deinitialized
[  204.460763][    T8] usb 4-1: USB disconnect, device number 10
[  205.594235][ T6605] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x0011601b, b_size=4096, device sda1 blocksize: 4096
[  205.608887][ T6605] grow_buffers: requested out-of-range block 144115188075855872 for device sda1
[  205.617981][ T6605] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted
[  205.637442][ T6602] netlink: 12 bytes leftover after parsing attributes in process `syz.0.329'.
[  206.790050][ T6631] netlink: set zone limit has 8 unknown bytes
[  207.472475][ T6628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  207.579614][   T54] Bluetooth: hci4: unexpected event for opcode 0x2024
[  207.938634][ T6648] netlink: 120 bytes leftover after parsing attributes in process `syz.4.341'.
[  208.427368][ T6663] input: syz1 as /devices/virtual/input/input21
[  208.774037][ T6668] 9pnet_fd: Insufficient options for proto=fd
[  209.201485][ T6682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.349'.
[  209.239278][ T6682] netlink: 72 bytes leftover after parsing attributes in process `syz.3.349'.
[  209.261989][ T6682] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  209.294845][ T6684] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  209.542978][ T6674] Bluetooth: hci4: Opcode 0x0401 failed: -4
[  209.552179][ T6693] capability: warning: `syz.2.353' uses 32-bit capabilities (legacy support in use)
[  209.577541][ T6691] netlink: 32 bytes leftover after parsing attributes in process `syz.3.354'.
[  210.056372][   T25] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  210.917069][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[  210.919328][   T25] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  210.970668][ T6705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.357'.
[  210.984279][   T25] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  211.024778][ T5267] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  211.037601][   T25] usb 4-1: New USB device found, idVendor=0582, idProduct=0029, bcdDevice=bb.9d
[  211.047683][ T6705] macsec0: entered promiscuous mode
[  211.061163][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.074272][ T6691] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  211.109819][   T25] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  211.235156][ T5267] usb 3-1: Using ep0 maxpacket: 16
[  211.260427][ T5267] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.304445][ T5267] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.389099][ T5267] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  211.404978][ T5267] usb 3-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  211.436064][ T5267] usb 3-1: Product: syz
[  211.457406][ T5267] usb 3-1: Manufacturer: syz
[  211.566201][ T5335] usb 4-1: USB disconnect, device number 11
[  211.597895][ T5267] usb 3-1: config 0 descriptor??
[  211.990162][ T6716] xt_NFQUEUE: number of total queues is 0
[  212.033900][ T5267] kovaplus 0003:1E7D:2D50.0005: unknown main item tag 0xd
[  212.089228][ T5267] kovaplus 0003:1E7D:2D50.0005: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.2-1/input0
[  212.365044][ T5269] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  212.606669][ T5269] usb 2-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee
[  212.673402][ T5269] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.739458][ T5269] usb 2-1: config 0 descriptor??
[  212.802973][ T5269] usb 2-1: selecting invalid altsetting 1
[  212.926989][ T5269] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  213.099065][ T6716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.138290][ T6716] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.206679][ T6728] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  214.166942][ T5335] IPVS: starting estimator thread 0...
[  214.274887][ T6736] IPVS: using max 33 ests per chain, 79200 per kthread
[  214.353011][ T5267] kovaplus 0003:1E7D:2D50.0005: couldn't init struct kovaplus_device
[  214.404753][ T5267] kovaplus 0003:1E7D:2D50.0005: couldn't install mouse
[  214.441623][ T5267] kovaplus 0003:1E7D:2D50.0005: probe with driver kovaplus failed with error -71
[  214.598952][ T5267] usb 3-1: USB disconnect, device number 19
[  215.448380][ T5335] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  215.490567][ T1171] usb 2-1: USB disconnect, device number 15
[  215.527040][ T6748] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  215.674967][ T5335] usb 1-1: Using ep0 maxpacket: 8
[  215.686415][ T5335] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  215.715090][ T5335] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  215.730001][ T5335] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  215.744606][ T5335] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  215.786738][ T5335] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  215.814735][ T5335] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  215.830809][ T5335] usb 1-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[  215.850100][ T5335] usb 1-1: Product: syz
[  216.011409][ T6769] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  216.073112][ T5335] usb 1-1: usb_control_msg returned -32
[  216.096129][ T5335] usbtmc 1-1:16.0: can't read capabilities
[  216.171496][ T1171] usb 1-1: USB disconnect, device number 7
[  216.904894][ T1171] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  217.205607][ T1171] usb 5-1: Using ep0 maxpacket: 8
[  217.213278][ T1171] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.223744][ T1171] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  217.255108][ T1171] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  217.319218][ T1171] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  217.354719][ T1171] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  217.420451][ T1171] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  217.431198][ T1171] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  217.439882][ T1171] usb 5-1: Product: syz
[  217.444197][ T1171] usb 5-1: Manufacturer: syz
[  217.448892][ T1171] usb 5-1: SerialNumber: syz
[  217.495632][ T1171] usb 5-1: config 0 descriptor??
[  217.785971][ T1171] radio-si470x 5-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  217.792777][ T1171] radio-si470x 5-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  217.813482][ T5269] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  218.009358][ T1171] radio-si470x 5-1:0.0: software version 0, hardware version 0
[  218.031251][ T1171] radio-si470x 5-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  218.073459][ T5269] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  218.093310][ T1171] radio-si470x 5-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  218.107525][ T5269] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  218.117188][ T5269] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.136457][ T5269] usb 3-1: config 0 descriptor??
[  218.155809][ T6812] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  218.192972][ T1171] radio-si470x 5-1:0.0: submitting int urb failed (-90)
[  218.198667][ T6813] syz.3.390 uses obsolete (PF_INET,SOCK_PACKET)
[  218.735972][ T5335] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  219.034809][ T5335] usb 4-1: Using ep0 maxpacket: 8
[  219.357649][ T5335] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  219.442979][ T5335] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.471888][ T5335] usb 4-1: Product: syz
[  219.490146][ T5335] usb 4-1: Manufacturer: syz
[  219.505432][ T5335] usb 4-1: SerialNumber: syz
[  219.540301][ T5335] usb 4-1: config 0 descriptor??
[  219.603219][ T1171] radio-si470x 5-1:0.0: si470x_get_report: usb_control_msg returned -32
[  219.622616][ T1171] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22
[  219.758729][ T5335] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  219.824879][ T5267] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  219.950705][ T6834] program syz.0.397 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  219.960484][ T6834] FAULT_INJECTION: forcing a failure.
[  219.960484][ T6834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.986295][ T6834] CPU: 0 UID: 0 PID: 6834 Comm: syz.0.397 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  219.996920][ T6834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  220.006986][ T6834] Call Trace:
[  220.010271][ T6834]  <TASK>
[  220.013207][ T6834]  dump_stack_lvl+0x241/0x360
[  220.017907][ T6834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.023131][ T6834]  ? __pfx__printk+0x10/0x10
[  220.026567][ T5267] usb 2-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  220.027730][ T6834]  ? __pfx_lock_release+0x10/0x10
[  220.027768][ T6834]  should_fail_ex+0x3b0/0x4e0
[  220.044670][ T5267] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  220.047569][ T6834]  _copy_from_user+0x2f/0xe0
[  220.047603][ T6834]  scsi_ioctl+0x1f2f/0x2d80
[  220.047629][ T6834]  ? kasan_save_track+0x51/0x80
[  220.065812][ T5267] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.070515][ T6834]  ? kasan_save_track+0x3f/0x80
[  220.070544][ T6834]  ? security_file_ioctl+0x75/0xb0
[  220.070573][ T6834]  ? do_vfs_ioctl+0xf0e/0x2e50
[  220.090372][ T5267] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[  220.093199][ T6834]  ? __pfx_scsi_ioctl+0x10/0x10
[  220.093232][ T6834]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  220.093269][ T6834]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  220.093295][ T6834]  ? tomoyo_path_number_perm+0x208/0x880
[  220.093316][ T6834]  ? __pfx_lock_release+0x10/0x10
[  220.093347][ T6834]  ? kfree+0x149/0x360
[  220.093373][ T6834]  ? tomoyo_path_number_perm+0x71a/0x880
[  220.093400][ T6834]  ? tomoyo_path_number_perm+0x208/0x880
[  220.093422][ T6834]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  220.150227][ T6834]  sg_ioctl+0x16ef/0x2e80
[  220.154574][ T6834]  ? __pfx_sg_ioctl+0x10/0x10
[  220.159256][ T6834]  ? __fget_files+0x3f6/0x470
[  220.163927][ T6834]  ? __fget_files+0x29/0x470
[  220.168512][ T6834]  ? bpf_lsm_file_ioctl+0x9/0x10
[  220.173455][ T6834]  ? security_file_ioctl+0x87/0xb0
[  220.178561][ T6834]  ? __pfx_sg_ioctl+0x10/0x10
[  220.183236][ T6834]  __se_sys_ioctl+0xfc/0x170
[  220.187828][ T6834]  do_syscall_64+0xf3/0x230
[  220.192320][ T6834]  ? clear_bhb_loop+0x35/0x90
[  220.197010][ T6834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.202903][ T6834] RIP: 0033:0x7f3e757799b9
[  220.207314][ T6834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.226923][ T6834] RSP: 002b:00007f3e764c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  220.235336][ T6834] RAX: ffffffffffffffda RBX: 00007f3e75915f80 RCX: 00007f3e757799b9
[  220.243299][ T6834] RDX: 0000000020000040 RSI: 0000000000000001 RDI: 0000000000000003
[  220.251269][ T6834] RBP: 00007f3e764c6090 R08: 0000000000000000 R09: 0000000000000000
[  220.259235][ T6834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.267202][ T6834] R13: 0000000000000000 R14: 00007f3e75915f80 R15: 00007ffdab880a68
[  220.275179][ T6834]  </TASK>
[  220.278371][    C0] vkms_vblank_simulate: vblank timer overrun
[  220.381442][ T6837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.391957][ T6837] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.822018][   T46] usb 3-1: USB disconnect, device number 20
[  223.122764][ T5335] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  223.181439][ T5335] usb 4-1: USB disconnect, device number 12
[  223.203437][ T6850] xt_hashlimit: invalid rate
[  223.294205][    T8] usb 2-1: USB disconnect, device number 16
[  223.554472][ T6860] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  224.214673][   T46] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  224.430453][   T46] usb 2-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  224.516170][   T46] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  224.534679][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.601712][   T46] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[  224.725653][ T6875] hub 9-0:1.0: USB hub found
[  224.732021][ T6875] hub 9-0:1.0: 8 ports detected
[  228.158557][   T46] usb 2-1: USB disconnect, device number 17
[  229.434706][ T5335] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  229.505006][   T46] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  229.595248][ T6891] vivid-003: =================  START STATUS  =================
[  229.603713][ T6891] vivid-003: RDS Tx I/O Mode: Controls
[  229.609647][ T6891] vivid-003: RDS Program ID: 32904
[  229.616330][ T6891] vivid-003: RDS Program Type: 3
[  229.621269][ T6891] vivid-003: RDS PS Name: VIVID-TX
[  229.626403][ T6891] vivid-003: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  229.636694][ T6891] vivid-003: RDS Stereo: true
[  229.641361][ T6891] vivid-003: RDS Artificial Head: false
[  229.646963][ T6891] vivid-003: RDS Compressed: false
[  229.652105][ T6891] vivid-003: RDS Dynamic PTY: false
[  229.657382][ T6891] vivid-003: RDS Traffic Announcement: false
[  229.663388][ T6891] vivid-003: RDS Traffic Program: true
[  229.668899][ T6891] vivid-003: RDS Music: true
[  229.673511][ T6891] vivid-003: ==================  END STATUS  ==================
[  229.760716][ T5335] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  229.817894][ T5335] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.837728][ T5335] usb 3-1: Product: syz
[  229.839548][   T46] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  229.852247][ T5335] usb 3-1: Manufacturer: syz
[  229.863470][ T5335] usb 3-1: SerialNumber: syz
[  229.881028][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.881145][ T5335] usb 3-1: config 0 descriptor??
[  229.900195][ T5335] ch341 3-1:0.0: ch341-uart converter detected
[  229.953068][   T46] usb 4-1: config 0 descriptor??
[  229.984862][ T6896] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  230.879510][ T6902] FAULT_INJECTION: forcing a failure.
[  230.879510][ T6902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.932391][ T6902] CPU: 0 UID: 0 PID: 6902 Comm: syz.4.416 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  230.943019][ T6902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  230.953084][ T6902] Call Trace:
[  230.956371][ T6902]  <TASK>
[  230.959309][ T6902]  dump_stack_lvl+0x241/0x360
[  230.964005][ T6902]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.969218][ T6902]  ? __pfx__printk+0x10/0x10
[  230.973824][ T6902]  ? __pfx_lock_release+0x10/0x10
[  230.978859][ T6902]  ? drm_ioctl_kernel+0x33a/0x440
[  230.983911][ T6902]  should_fail_ex+0x3b0/0x4e0
[  230.988609][ T6902]  _copy_to_user+0x2f/0xb0
[  230.993059][ T6902]  drm_ioctl+0x638/0xad0
[  230.997325][ T6902]  ? __pfx_drm_getcap+0x10/0x10
[  231.002207][ T6902]  ? __pfx_drm_ioctl+0x10/0x10
[  231.007012][ T6902]  ? bpf_lsm_file_ioctl+0x9/0x10
[  231.011970][ T6902]  ? security_file_ioctl+0x87/0xb0
[  231.017102][ T6902]  ? __pfx_drm_ioctl+0x10/0x10
[  231.021889][ T6902]  __se_sys_ioctl+0xfc/0x170
[  231.026508][ T6902]  do_syscall_64+0xf3/0x230
[  231.031029][ T6902]  ? clear_bhb_loop+0x35/0x90
[  231.035726][ T6902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.041639][ T6902] RIP: 0033:0x7fc9061799b9
[  231.046065][ T6902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.065689][ T6902] RSP: 002b:00007fc907032038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  231.074118][ T6902] RAX: ffffffffffffffda RBX: 00007fc906315f80 RCX: 00007fc9061799b9
[  231.082119][ T6902] RDX: 00000000200014c0 RSI: 00000000c010640c RDI: 0000000000000003
[  231.090099][ T6902] RBP: 00007fc907032090 R08: 0000000000000000 R09: 0000000000000000
[  231.098069][ T6902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.106034][ T6902] R13: 0000000000000000 R14: 00007fc906315f80 R15: 00007fff0b088d48
[  231.114011][ T6902]  </TASK>
[  231.449124][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  231.525499][   T25] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  231.572989][ T6911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.582974][ T6911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.604057][ T6911] netlink: 16 bytes leftover after parsing attributes in process `syz.4.420'.
[  231.623059][ T6911] netlink: 16 bytes leftover after parsing attributes in process `syz.4.420'.
[  231.666866][    T9] usb 1-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  231.681016][    T9] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  231.705140][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.742635][    T9] aiptek 1-1:17.0: interface has no int in endpoints, but must have minimum 1
[  231.754817][   T25] usb 2-1: Using ep0 maxpacket: 8
[  231.768725][   T25] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  231.779773][ T5335] ch341-uart ttyUSB0: failed to read break control: -71
[  231.798689][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.806767][ T5335] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  231.827416][ T5335] usb 3-1: USB disconnect, device number 21
[  231.964735][   T46] pegasus 4-1:0.0: probe with driver pegasus failed with error -32
[  231.975842][   T25] usb 2-1: Product: syz
[  231.980072][   T25] usb 2-1: Manufacturer: syz
[  231.984823][   T25] usb 2-1: SerialNumber: syz
[  231.991767][   T25] usb 2-1: config 0 descriptor??
[  232.007885][ T5335] ch341 3-1:0.0: device disconnected
[  232.720047][   T25] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  234.239104][   T25] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  235.223841][   T25] usb 4-1: USB disconnect, device number 13
[  235.460310][   T46] usb 1-1: USB disconnect, device number 8
[  236.635288][   T25] usb 2-1: USB disconnect, device number 18
[  237.011554][ T1171] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  237.594885][ T6935] netlink: 4 bytes leftover after parsing attributes in process `syz.1.426'.
[  237.720175][ T1171] usb 3-1: Using ep0 maxpacket: 16
[  237.735437][ T1171] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.756999][ T1171] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.784850][ T1171] usb 3-1: New USB device found, idVendor=22d4, idProduct=1503, bcdDevice= 0.00
[  237.808984][ T1171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.836631][ T1171] usb 3-1: config 0 descriptor??
[  238.105406][  T940] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  238.283005][ T6930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  238.414951][ T6930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  238.464881][  T940] usb 2-1: Using ep0 maxpacket: 16
[  238.476416][  T940] usb 2-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config
[  238.515280][  T940] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x6F, changing to 0xF
[  238.552087][  T940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 102, changing to 7
[  238.581493][  T940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 24624, setting to 1024
[  238.631144][  T940] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  238.692339][  T940] usb 2-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=f6.59
[  238.715864][ T6961] block nbd4: shutting down sockets
[  238.881470][  T940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.599462][  T940] usb 2-1: Product: syz
[  239.626120][  T940] usb 2-1: Manufacturer: syz
[  239.634861][  T940] usb 2-1: SerialNumber: syz
[  239.686102][  T940] usb 2-1: config 0 descriptor??
[  239.700018][ T6956] netlink: 12 bytes leftover after parsing attributes in process `syz.2.423'.
[  240.120903][ T6971] input: syz1 as /devices/virtual/input/input25
[  240.180628][   T25] usb 2-1: USB disconnect, device number 19
[  240.918776][ T1171] usbhid 3-1:0.0: can't add hid device: -71
[  240.944132][ T1171] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  240.961829][  T940] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  240.983884][ T1171] usb 3-1: USB disconnect, device number 22
[  241.171574][  T940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  241.201867][ T6982] input: syz1 as /devices/virtual/input/input26
[  241.213825][  T940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  241.298429][  T940] usb 2-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[  241.455841][  T940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.531761][  T940] usb 2-1: config 0 descriptor??
[  241.794957][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  241.908389][  T940] usbhid 2-1:0.0: can't add hid device: -71
[  241.914361][  T940] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  241.945797][  T940] usb 2-1: USB disconnect, device number 20
[  243.037199][ T6992] lo speed is unknown, defaulting to 1000
[  243.214060][ T6992] lo speed is unknown, defaulting to 1000
[  243.283887][ T6992] lo speed is unknown, defaulting to 1000
[  245.274021][ T5271] lo speed is unknown, defaulting to 1000
[  245.291774][ T6992] infiniband syz1: set active
[  245.310549][ T6992] infiniband syz1: added lo
[  245.326620][ T6992] syz1: rxe_create_cq: returned err = -12
[  245.372442][ T6992] infiniband syz1: Couldn't create ib_mad CQ
[  245.378762][ T6992] infiniband syz1: Couldn't open port 1
[  245.470888][ T7027] netlink: 128 bytes leftover after parsing attributes in process `syz.0.445'.
[  245.546755][ T7027] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  245.587948][ T6992] RDS/IB: syz1: added
[  245.603786][ T6992] smc: adding ib device syz1 with port count 1
[  245.619031][ T6992] smc:    ib device syz1 port 1 has pnetid 
[  245.665944][ T6992] lo speed is unknown, defaulting to 1000
[  245.686246][    T9] lo speed is unknown, defaulting to 1000
[  245.715578][   T30] INFO: task syz.0.66:5533 blocked for more than 148 seconds.
[  245.764813][   T30]       Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  245.792978][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  245.817265][   T30] task:syz.0.66        state:D stack:23696 pid:5533  tgid:5533  ppid:5233   flags:0x00004004
[  245.874966][   T30] Call Trace:
[  245.886204][   T30]  <TASK>
[  245.893695][   T30]  __schedule+0x17ae/0x4a10
[  245.913082][   T30]  ? __pfx___schedule+0x10/0x10
[  245.925914][   T30]  ? __pfx_lock_release+0x10/0x10
[  245.941074][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  245.970661][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  245.990929][ T6992] lo speed is unknown, defaulting to 1000
[  246.001535][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  246.015664][   T30]  ? schedule+0x90/0x320
[  246.024456][   T30]  schedule+0x14b/0x320
[  246.034232][   T30]  ? do_exit+0x4ff/0x27f0
[  246.046731][   T30]  do_exit+0x57c/0x27f0
[  246.063338][   T30]  ? __pfx_do_exit+0x10/0x10
[  246.082745][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  246.108088][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  246.153801][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  246.178481][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  246.191550][   T30]  do_group_exit+0x207/0x2c0
[  246.211393][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  246.223620][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  246.229663][ T6992] lo speed is unknown, defaulting to 1000
[  246.235669][   T30]  get_signal+0x1695/0x1730
[  246.245958][   T30]  ? __pfx_get_signal+0x10/0x10
[  246.259321][   T30]  arch_do_signal_or_restart+0x96/0x860
[  246.276870][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  246.315805][   T30]  ? schedule+0x155/0x320
[  246.341136][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  246.372601][   T30]  do_syscall_64+0x100/0x230
[  246.385880][   T30]  ? clear_bhb_loop+0x35/0x90
[  246.398407][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.415998][   T30] RIP: 0033:0x7f2b87d799b9
[  246.431031][   T30] RSP: 002b:00007ffdebe86238 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  246.451233][   T30] RAX: fffffffffffffdfc RBX: 00000000000151b4 RCX: 00007f2b87d799b9
[  246.483581][   T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2b87f1613c
[  246.507626][   T30] RBP: 00007f2b87f1613c R08: 00007f2b87f15f80 R09: 00007ffdebe8651f
[  246.532138][   T30] R10: 00007ffdebe86330 R11: 0000000000000246 R12: 0000000000000032
[  246.541782][ T6992] lo speed is unknown, defaulting to 1000
[  246.549846][   T30] R13: 00007ffdebe86330 R14: 00007ffdebe86350 R15: 0000000000015182
[  246.568112][   T30]  </TASK>
[  246.577035][   T30] INFO: task syz.0.66:5534 blocked for more than 149 seconds.
[  246.603855][   T30]       Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  246.631088][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  246.660129][   T30] task:syz.0.66        state:D stack:25808 pid:5534  tgid:5533  ppid:5233   flags:0x00004004
[  246.681284][   T30] Call Trace:
[  246.700861][   T30]  <TASK>
[  246.708379][   T30]  __schedule+0x17ae/0x4a10
[  246.722966][   T30]  ? __pfx___schedule+0x10/0x10
[  246.750794][   T30]  ? __pfx_lock_release+0x10/0x10
[  246.768035][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  246.790434][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  246.811318][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  246.823116][ T6992] lo speed is unknown, defaulting to 1000
[  246.829104][   T30]  ? schedule+0x90/0x320
[  246.834568][   T30]  schedule+0x14b/0x320
[  246.850117][   T30]  ? do_exit+0x4ff/0x27f0
[  246.860587][   T30]  do_exit+0x57c/0x27f0
[  246.869336][   T30]  ? __pfx_do_exit+0x10/0x10
[  246.884190][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  246.897615][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  246.914989][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  246.928026][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  246.939899][   T30]  do_group_exit+0x207/0x2c0
[  246.951296][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  246.963905][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  246.976913][   T30]  get_signal+0x1695/0x1730
[  246.990459][   T30]  ? __pfx_get_signal+0x10/0x10
[  247.004641][   T30]  ? __fget_files+0x29/0x470
[  247.014709][   T30]  arch_do_signal_or_restart+0x96/0x860
[  247.031559][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  247.038987][ T6992] lo speed is unknown, defaulting to 1000
[  247.046000][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  247.063195][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  247.076869][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  247.091868][   T30]  do_syscall_64+0x100/0x230
[  247.102089][   T30]  ? clear_bhb_loop+0x35/0x90
[  247.116660][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.132865][   T30] RIP: 0033:0x7f2b87d799b9
[  247.144116][   T30] RSP: 002b:00007f2b88b7a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  247.164868][   T30] RAX: 0000000000006e40 RBX: 00007f2b87f15f80 RCX: 00007f2b87d799b9
[  247.185794][   T30] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005
[  247.210321][   T30] RBP: 00007f2b87de78d8 R08: 0000000000000000 R09: 0000000000000000
[  247.232621][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  247.250174][   T30] R13: 0000000000000000 R14: 00007f2b87f15f80 R15: 00007ffdebe860d8
[  247.268007][   T30]  </TASK>
[  247.276751][   T30] INFO: task iou-wrk-5537:5539 blocked for more than 149 seconds.
[  247.288215][   T30]       Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  247.298421][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  247.307243][   T30] task:iou-wrk-5537    state:D stack:28592 pid:5539  tgid:5533  ppid:5233   flags:0x00004004
[  247.320397][   T30] Call Trace:
[  247.323777][   T30]  <TASK>
[  247.348017][   T30]  __schedule+0x17ae/0x4a10
[  247.357112][   T30]  ? __pfx___schedule+0x10/0x10
[  247.362072][   T30]  ? __pfx_lock_release+0x10/0x10
[  247.367345][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  247.373423][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  247.379989][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  247.385251][   T30]  ? schedule+0x90/0x320
[  247.393996][   T30]  schedule+0x14b/0x320
[  247.400482][   T30]  ? do_exit+0x4ff/0x27f0
[  247.405492][   T30]  do_exit+0x57c/0x27f0
[  247.414167][   T30]  ? __pfx_do_exit+0x10/0x10
[  247.418865][   T30]  ? kvfree_call_rcu+0x48c/0x790
[  247.425547][   T30]  ? __pfx_kvfree_call_rcu+0x10/0x10
[  247.441298][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  247.454512][   T30]  io_wq_worker+0xdb4/0xed0
[  247.463656][   T30]  ? io_wq_worker+0x3e5/0xed0
[  247.472007][   T30]  ? __pfx_io_wq_worker+0x10/0x10
[  247.480730][   T30]  ? __pfx_io_wq_worker+0x10/0x10
[  247.493661][   T30]  ? __pfx_io_wq_worker+0x10/0x10
[  247.504397][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  247.512709][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  247.519088][   T30]  ? __pfx_io_wq_worker+0x10/0x10
[  247.533122][   T30]  ret_from_fork+0x4b/0x80
[  247.541764][   T30]  ? __pfx_io_wq_worker+0x10/0x10
[  247.551579][   T30]  ret_from_fork_asm+0x1a/0x30
[  247.556765][   T30]  </TASK>
[  247.561119][   T30] INFO: task syz.0.66:5540 blocked for more than 150 seconds.
[  247.571218][   T30]       Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  247.580187][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  247.592886][   T30] task:syz.0.66        state:D stack:27424 pid:5540  tgid:5533  ppid:5233   flags:0x00004004
[  247.613425][   T30] Call Trace:
[  247.616955][   T30]  <TASK>
[  247.619975][   T30]  __schedule+0x17ae/0x4a10
[  247.625820][   T30]  ? __pfx___schedule+0x10/0x10
[  247.636103][   T30]  ? __pfx_lock_release+0x10/0x10
[  247.643612][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  247.651582][   T30]  ? schedule+0x90/0x320
[  247.661191][   T30]  schedule+0x14b/0x320
[  247.665473][   T30]  schedule_timeout+0xb0/0x310
[  247.674923][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  247.681610][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  247.689532][   T30]  __wait_for_common+0x3ea/0x6d0
[  247.703629][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  247.709280][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  247.720564][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  247.731478][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  247.745670][   T30]  wait_for_completion_state+0x1c/0x40
[  247.752314][   T30]  do_coredump+0x984/0x2a30
[  247.758973][   T30]  ? __kasan_slab_free+0x37/0x60
[  247.764099][   T30]  ? arch_do_signal_or_restart+0x96/0x860
[  247.774206][   T30]  ? __pfx_do_coredump+0x10/0x10
[  247.780413][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  247.785801][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  247.792207][   T30]  get_signal+0x13ee/0x1730
[  247.798684][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  247.805854][   T30]  ? __pfx_get_signal+0x10/0x10
[  247.813066][   T30]  arch_do_signal_or_restart+0x96/0x860
[  247.818777][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  247.825143][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  247.834736][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  247.840622][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  247.852510][   T30]  do_syscall_64+0x100/0x230
[  247.865692][   T30]  ? clear_bhb_loop+0x35/0x90
[  247.881185][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.893878][   T30] RIP: 0033:0x7f2b87d799b9
[  247.904729][   T30] RSP: 002b:00007f2b88a770e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  247.913333][   T30] RAX: ffffffffffffffda RBX: 00007f2b87f16138 RCX: 00007f2b87d799b9
[  247.926745][   T30] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2b87f1613c
[  247.949807][   T30] RBP: 00007f2b87f16130 R08: 7fffffffffffffff R09: 0000000000000000
[  247.958146][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2b87f1613c
[  247.969748][   T30] R13: 0000000000000000 R14: 00007ffdebe85ff0 R15: 00007ffdebe860d8
[  247.981208][   T30]  </TASK>
[  247.987010][   T30] 
[  247.987010][   T30] Showing all locks held in the system:
[  247.994951][   T30] 2 locks held by ksoftirqd/1/24:
[  248.014668][   T30]  #0: ffff8880b923e9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  248.024847][   T30]  #1: ffff8880b9328948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770
[  248.036505][   T30] 1 lock held by khungtaskd/30:
[  248.050195][   T30]  #0: ffffffff8e7382e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  248.060318][   T30] 2 locks held by getty/4970:
[  248.065129][   T30]  #0: ffff88802ae9c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  248.075093][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  248.100338][   T30] 1 lock held by syz.0.66/5537:
[  248.105315][   T30] 1 lock held by syz-executor/6295:
[  248.114899][   T30]  #0: ffffffff8e73d6b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  248.126065][   T30] 1 lock held by syz.3.450/7037:
[  248.132175][   T30]  #0: ffffffff8e73d580 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530
[  248.152730][   T30] 
[  248.158247][   T30] =============================================
[  248.158247][   T30] 
[  248.174701][   T30] NMI backtrace for cpu 0
[  248.179050][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  248.189555][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  248.199615][   T30] Call Trace:
[  248.202900][   T30]  <TASK>
[  248.205828][   T30]  dump_stack_lvl+0x241/0x360
[  248.210498][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.215688][   T30]  ? __pfx__printk+0x10/0x10
[  248.220287][   T30]  ? vprintk_emit+0x631/0x770
[  248.224972][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  248.230007][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  248.234945][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  248.240400][   T30]  ? _printk+0xd5/0x120
[  248.244551][   T30]  ? __pfx__printk+0x10/0x10
[  248.249150][   T30]  ? __wake_up_klogd+0xcc/0x110
[  248.253989][   T30]  ? __pfx__printk+0x10/0x10
[  248.258580][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  248.263593][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  248.269566][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  248.275549][   T30]  watchdog+0xfee/0x1030
[  248.279795][   T30]  ? watchdog+0x1ea/0x1030
[  248.284204][   T30]  ? __pfx_watchdog+0x10/0x10
[  248.288874][   T30]  kthread+0x2f0/0x390
[  248.292945][   T30]  ? __pfx_watchdog+0x10/0x10
[  248.297611][   T30]  ? __pfx_kthread+0x10/0x10
[  248.302196][   T30]  ret_from_fork+0x4b/0x80
[  248.306603][   T30]  ? __pfx_kthread+0x10/0x10
[  248.311623][   T30]  ret_from_fork_asm+0x1a/0x30
[  248.316388][   T30]  </TASK>
[  248.321329][   T30] Sending NMI from CPU 0 to CPUs 1:
[  248.327878][    C1] NMI backtrace for cpu 1
[  248.327891][    C1] CPU: 1 UID: 0 PID: 2923 Comm: kworker/u8:8 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  248.327910][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  248.327920][    C1] Workqueue: events_unbound cfg80211_wiphy_work
[  248.327944][    C1] RIP: 0010:unwind_next_frame+0xfd6/0x2a00
[  248.327968][    C1] Code: 24 10 49 8d 6c 24 01 48 8b 44 24 38 42 0f b6 04 28 84 c0 0f 85 20 13 00 00 48 89 e8 48 c1 e8 03 48 89 44 24 78 42 0f b6 04 28 <84> c0 0f 85 27 13 00 00 41 0f b6 5c 24 01 83 e3 07 48 89 df 48 c7
[  248.327982][    C1] RSP: 0018:ffffc90009cc75c8 EFLAGS: 00000a02
[  248.327995][    C1] RAX: 0000000000000000 RBX: ffffffff90879115 RCX: ffff88802bad0000
[  248.328007][    C1] RDX: ffffffff90879114 RSI: ffffc90009cc7a98 RDI: 0000000000000005
[  248.328019][    C1] RBP: ffffffff90879119 R08: 0000000000000005 R09: ffffffff81411f0e
[  248.328030][    C1] R10: 0000000000000008 R11: ffff88802bad0000 R12: ffffffff90879118
[  248.328041][    C1] R13: dffffc0000000000 R14: ffffc90009cc76f0 R15: 1ffff92001398ed4
[  248.328053][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  248.328066][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  248.328078][    C1] CR2: 00007fa2540e6678 CR3: 000000000e534000 CR4: 00000000003526f0
[  248.328092][    C1] DR0: 000000000000008d DR1: 0000000000000000 DR2: 0000000000000000
[  248.328102][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  248.328113][    C1] Call Trace:
[  248.328119][    C1]  <NMI>
[  248.328125][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  248.328143][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  248.328164][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  248.328181][    C1]  ? nmi_handle+0x2a/0x5a0
[  248.328205][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  248.328221][    C1]  ? nmi_handle+0x14f/0x5a0
[  248.328236][    C1]  ? nmi_handle+0x2a/0x5a0
[  248.328256][    C1]  ? unwind_next_frame+0xfd6/0x2a00
[  248.328276][    C1]  ? default_do_nmi+0x63/0x160
[  248.328294][    C1]  ? exc_nmi+0x123/0x1f0
[  248.328310][    C1]  ? end_repeat_nmi+0xf/0x53
[  248.328330][    C1]  ? unwind_next_frame+0x7be/0x2a00
[  248.328351][    C1]  ? unwind_next_frame+0xfd6/0x2a00
[  248.328371][    C1]  ? unwind_next_frame+0xfd6/0x2a00
[  248.328392][    C1]  ? unwind_next_frame+0xfd6/0x2a00
[  248.328412][    C1]  </NMI>
[  248.328417][    C1]  <TASK>
[  248.328428][    C1]  ? poison_slab_object+0xe0/0x150
[  248.328445][    C1]  ? poison_slab_object+0xe0/0x150
[  248.328460][    C1]  ? __kernel_text_address+0xd/0x40
[  248.328475][    C1]  ? poison_slab_object+0xe0/0x150
[  248.328490][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  248.328509][    C1]  arch_stack_walk+0x151/0x1b0
[  248.328527][    C1]  ? ieee80211_iface_work+0x272/0xf20
[  248.328546][    C1]  ? poison_slab_object+0xe0/0x150
[  248.328564][    C1]  stack_trace_save+0x118/0x1d0
[  248.328583][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  248.328604][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.328625][    C1]  kasan_save_track+0x3f/0x80
[  248.328640][    C1]  ? kasan_save_track+0x3f/0x80
[  248.328654][    C1]  ? kasan_save_free_info+0x40/0x50
[  248.328672][    C1]  ? poison_slab_object+0xe0/0x150
[  248.328715][    C1]  ? ieee80211_iface_work+0x272/0xf20
[  248.328732][    C1]  kasan_save_free_info+0x40/0x50
[  248.328751][    C1]  poison_slab_object+0xe0/0x150
[  248.328768][    C1]  ? ieee80211_iface_work+0x272/0xf20
[  248.328786][    C1]  __kasan_slab_free+0x37/0x60
[  248.328802][    C1]  kmem_cache_free+0x145/0x350
[  248.328823][    C1]  ieee80211_iface_work+0x272/0xf20
[  248.328847][    C1]  cfg80211_wiphy_work+0x2db/0x490
[  248.328867][    C1]  ? process_scheduled_works+0x945/0x1830
[  248.328885][    C1]  process_scheduled_works+0xa2c/0x1830
[  248.328917][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  248.328941][    C1]  ? assign_work+0x364/0x3d0
[  248.328962][    C1]  worker_thread+0x86d/0xd40
[  248.328988][    C1]  ? __kthread_parkme+0x169/0x1d0
[  248.329008][    C1]  ? __pfx_worker_thread+0x10/0x10
[  248.329026][    C1]  kthread+0x2f0/0x390
[  248.329045][    C1]  ? __pfx_worker_thread+0x10/0x10
[  248.329063][    C1]  ? __pfx_kthread+0x10/0x10
[  248.329082][    C1]  ret_from_fork+0x4b/0x80
[  248.329100][    C1]  ? __pfx_kthread+0x10/0x10
[  248.329119][    C1]  ret_from_fork_asm+0x1a/0x30
[  248.329146][    C1]  </TASK>
[  248.753698][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  248.760573][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  248.771075][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  248.781207][   T30] Call Trace:
[  248.784478][   T30]  <TASK>
[  248.787401][   T30]  dump_stack_lvl+0x241/0x360
[  248.792100][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.797295][   T30]  ? __pfx__printk+0x10/0x10
[  248.801878][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.807857][   T30]  ? vscnprintf+0x5d/0x90
[  248.812182][   T30]  panic+0x349/0x860
[  248.816070][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  248.822212][   T30]  ? __pfx_panic+0x10/0x10
[  248.826619][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  248.831981][   T30]  ? __irq_work_queue_local+0x137/0x410
[  248.837519][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  248.842877][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  248.849020][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  248.855164][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  248.861310][   T30]  watchdog+0x102d/0x1030
[  248.865640][   T30]  ? watchdog+0x1ea/0x1030
[  248.870064][   T30]  ? __pfx_watchdog+0x10/0x10
[  248.874732][   T30]  kthread+0x2f0/0x390
[  248.878791][   T30]  ? __pfx_watchdog+0x10/0x10
[  248.883452][   T30]  ? __pfx_kthread+0x10/0x10
[  248.888033][   T30]  ret_from_fork+0x4b/0x80
[  248.892443][   T30]  ? __pfx_kthread+0x10/0x10
[  248.897025][   T30]  ret_from_fork_asm+0x1a/0x30
[  248.901788][   T30]  </TASK>
[  248.905007][   T30] Kernel Offset: disabled
[  248.909315][   T30] Rebooting in 86400 seconds..