last executing test programs:

24.749509567s ago: executing program 1 (id=1657):
r0 = syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000001280)={<r3=>0x0, @in={{0x2, 0x4e21, @rand_addr=0x64010100}}, 0x5, 0x9, 0x3e, 0x9, 0x2a, 0x0, 0x5}, &(0x7f0000000680)=0x9c)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000001340)={0x0, 0x6, 0x4, 0x9, 0x1, 0x7, 0x0, 0xffff7fff, {<r4=>0x0, @in={{0x2, 0x4e21, @empty}}, 0x2, 0xa4, 0x5, 0x1}}, &(0x7f0000000700)=0xb0)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000380)=@in6={0xa, 0x4e20, 0x2, @remote, 0x9}, 0x1c, &(0x7f00000004c0)=[{&(0x7f00000003c0)="19eb1dd409b2eeb0de27271d3c4d878d10a11d0e47fd45627a4111", 0x1b}], 0x1, &(0x7f0000001400)=[@sndrcv={0x30, 0x84, 0x1, {0x7, 0x8, 0x800a, 0x7, 0x10001, 0x3, 0x39, 0x1000, r3}}, @sndinfo={0x20, 0x84, 0x2, {0x40, 0x8, 0x6, 0x8, r4}}, @dstaddrv6={0x20, 0x84, 0x8, @loopback}, @sndrcv={0x30, 0x84, 0x1, {0x9, 0x0, 0x8, 0x6, 0x2, 0xfffffb47, 0x2, 0x1}}, @dstaddrv4={0x18, 0x84, 0x7, @remote}, @dstaddrv6={0x20, 0x84, 0x8, @empty}, @authinfo={0x18, 0x84, 0x6, {0xea}}, @authinfo={0x18, 0x84, 0x6, {0x101}}, @dstaddrv6={0x20, 0x84, 0x8, @local}, @dstaddrv4={0x18, 0x84, 0x7, @empty}], 0x140, 0x4010}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001580)=ANY=[@ANYBLOB="40000000040601010000000000000000010000020900020073797a32000000000900020073797a308f4f846bae51f3c5490000001c0900020073797a4480fddaf92493320000000005"], 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x7, &(0x7f00000002c0)=ANY=[@ANYRES32=r2, @ANYRES8=r0, @ANYRESHEX=r1, @ANYRES64=r2, @ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="b363828ec10f48ecf7d5a156a5e4e6de89c8b98151024ce3d49c721a6ee92ede52e9eb2c988d8eeaa20220e31d5a53f274e87e5dd3e1d97ceb5f514178e131aab9999c8a67a3cf99632d3a382e45906caf198353edf565beed26f55282549edf6229ff06f0b50e61f888c62bd5f094d0e7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
syz_usb_connect(0x127afde79231a2fe, 0x65f, &(0x7f0000000780)={{0x12, 0x1, 0x110, 0x5, 0x83, 0x78, 0x40, 0x46d, 0x8d8, 0x4ea5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64d, 0x3, 0x7, 0x9, 0x0, 0x2, [{{0x9, 0x4, 0xa8, 0xb, 0x9, 0xf4, 0x49, 0xab, 0x7f, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, "84"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0xfa, 0x8, 0x9, 0x9}, {0x6, 0x24, 0x1a, 0x5, 0x8}, [@network_terminal={0x7, 0x24, 0xa, 0x8, 0x5b, 0x8, 0xff}]}], [{{0x9, 0x5, 0x0, 0x4, 0x10, 0x5, 0x5, 0x0, [@generic={0x9f, 0x22, "5edb7f1ce619fa52cd5db3cfe2d083087c9f9f42cac97e581304d45b9c8abeef0516ab05f79e13edc9ed158bc70ea40e513a6b14ef0d328bef0f59cb065a4ab9177c16b6f70c37278c293cf1ca2eb1bdf32ecfe175548dc3b3169c92ee5051b73acd2b31538bd467bbb502f61e6b3d102a1a2aa2107a9225ce69a74a97f34562f19d19f29fa0b65a9b4dfc6e1f8507b5c437f4259108fc22ec34a0626c"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x401}]}}, {{0x9, 0x5, 0xa, 0x0, 0x58cbb4224670ae58, 0x93, 0x1, 0xc}}, {{0x9, 0x5, 0xe, 0x0, 0x3ff, 0x2, 0x8, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0xfffc}]}}, {{0x9, 0x5, 0xd, 0x4, 0x8, 0x0, 0x7, 0xd}}, {{0x9, 0x5, 0x8, 0x18, 0x40, 0x4, 0x2, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x5, 0x1cf0}, @generic={0x25, 0x10, "3840adc42d7e91362e86a1b9230a4891b3bb5c467b5a3719d6d487ba070212a242025b"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x40, 0x26, 0x4, 0x3, [@generic={0x9d, 0x6, "72490a52fd81f00e258fc2f4d12b0bfcc6526c9fe8583c470683946b6e054b39dde5533b4a4ac64550fd03ac707afbf3f69a8937d9b128c63393d8ee9a3916fbeaf74364cf0c2301318870ce971173c9c7b7fdf9442373c926b12f3a2542eda64c0e775fc2200c755653fdfc323c935239c235648926097040151897f0f9d1e6157c0309ac2cb9030e52f72e2e5a7cde18490e391293162c5d59ef"}, @generic={0x3b, 0x1, "b1b753be309c4111f3e1774b809b18bdba29d2205028578c878c0eb8f41f3ce38e35062be53d3f9af87d45faa7ed2593d9e1af3384837eea0d"}]}}, {{0x9, 0x5, 0x2, 0x3, 0x660, 0x1, 0xef, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x2, 0x7}]}}, {{0x9, 0x5, 0xe, 0xc, 0x0, 0x6, 0x4, 0x52, [@generic={0xb, 0x6, "cca33ebf2c021055b3"}]}}, {{0x9, 0x5, 0x8f, 0x1, 0x610, 0xfb, 0xb, 0xf, [@generic={0xa1, 0x2, "797d949f6e5c0b284a883ad66a0c55c561084baeed5458acd1e78f734f8206842b001c9799dc415c9c2ce558925a3eaaa449e58bda304be5b42dab68ced8fcbd356922c4e0811fad2c20869e79959f096a9b2a91403d7384da93e10536111a3d72a36dc7b404dfaa16eacc0dcbf52a83a8d98b9124e1af39d4a911626bd377cede05685de7580d6090379da2ce75f80697a938b1b0abe1cdf21b50315f8b21"}]}}]}}, {{0x9, 0x4, 0xb1, 0x0, 0x2, 0xb6, 0x31, 0xac, 0xc, [], [{{0x9, 0x5, 0xa, 0x10, 0x3ff, 0x4, 0x40, 0xf7, [@generic={0xd4, 0x5, "dd0810146021c8bf3c86b9bb1d4d7a46969cc4db713262be013fa82069af29ce9bf7c170c0f23404cf977c3aabb7ea1f55680a184109bc777679c7db01af44ea80edc4fd747c96db79a03ca7bf3a6d28d4f13ba0098614d6232e4bf116ba5aa6aa66f8eca8869b04949454a947fc6a0d2bdf63bb8d0999fe465c033b2c02bac6e9daaf7199e6c860f722b6a0f93192c1bd22170c62f6577d0d9beb0daeacccd0a9c3adbdff7aae0192e78ffface8a985fdbe8e1d8482acff31b114e7736586ab257ef8a54761b1b26b6bed19e8b01805e135"}]}}, {{0x9, 0x5, 0x8, 0x10, 0x200, 0x27, 0x40, 0x7, [@generic={0x28, 0x31, "953f7c8f4d34dc08b256283f240e6d370e89af234fc67ea10a854e5fc77923db4c5e48d46bb5"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x5, 0x7}]}}]}}, {{0x9, 0x4, 0x53, 0x5, 0x4, 0x2, 0x6, 0x0, 0x1, [@generic={0x8c, 0x2, "0e8da51da3406cd13f1785e8322431522c585823f7b421f9fc26f75a8c51654858da73552414f721b1821693e5ca6046544c4300c045bcc75f48d0aca60f0bf8a5037a5031729a12e6225799a435c74f0b48f9b6025507fba91ff8e61ec1c04a929cd630658d671a42b71522f59296072191a732c4f88e4450cb4cddfcac2a8c6d8bace6e66be6f4a12f"}, @cdc_ecm={{0x9, 0x24, 0x6, 0x0, 0x0, "39a3a4e3"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x80000001, 0x8, 0x3, 0x10}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x5}, @network_terminal={0x7, 0x24, 0xa, 0x4, 0x9a, 0x81, 0xd}, @mdlm_detail={0xc3, 0x24, 0x13, 0x8, "4ea0cd31aa8b060868c7aab1e1427e60fe71b3617c66310589f25e5474c960fa156bc2c5bb364f89820ec64b93b6e01e33f787415b5f1eb3b3b7c5ddb2552442e17fb29e33fe19c590538ee17bfbf450e56775142d00f58ed7c7fd1d327730db5f3d5601de28f98f5ac1cc0f8b3fcd31c4bdb9395d3bc271e84ece4566ced86b8bd17b2027bd4585e5954b82a9b1f360aeeefe8d97adb38c3ac809bcb5a0c8b693211a70b341fd722630be99c2e77b82e13692740cb1c26e939ca55c1f2e48"}, @mbim={0xc, 0x24, 0x1b, 0x7, 0xb, 0x2, 0xb, 0x3, 0x40}]}], [{{0x9, 0x5, 0xd, 0x1, 0x400, 0x3, 0x3c, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x40, 0xa000}, @generic={0x40, 0x30, "fb32858d60958b7ff808439bc96feea1a8a568ac6c9301eac9a486980cbee99a59358128b945e608d482f90011ff994867a17effd5af6959eea8e7b43f71"}]}}, {{0x9, 0x5, 0x2, 0xc, 0x40, 0xff, 0xfe, 0x40, [@generic={0x46, 0x11, "1a8b35bd187785ddd30cec7cacf8a2ba38aca577aa17e777db01d5ea14d0e7fab38f0840dea010619729f6edcb8b43cbf3c9d4e33d877713e605e83cc79efef1bddd5d68"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x200, 0xaa, 0x1, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x8, 0x7ff}]}}, {{0x9, 0x5, 0xc, 0x0, 0x200, 0x8, 0x0, 0x7}}]}}]}}]}}, &(0x7f0000000fc0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x310, 0x3, 0x4, 0xbe, 0x40, 0x40}, 0x238, &(0x7f0000001040)={0x5, 0xf, 0x238, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0x3, 0x7, 0x9}, @ssp_cap={0x24, 0x10, 0xa, 0x5, 0x6, 0x3, 0xf0f, 0x2, [0xf, 0xff3f00, 0x3fc0, 0xff7ec0, 0xc00f, 0xc03f]}, @ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x4, 0x8a, 0x5, 0x8, 0x2, 0xc}, @generic={0xff, 0x10, 0xb, "7d4521470b7df9bb2146587b182639df1534933d7c370e3b0e2529b07560fd9c408dcd752016bc51db8bbae36b3eff67d1d9b0cb24bfce435cdb8d156cc6bbc56ae55626e7adfb916b389a6bd48333e2f5f010bf7b2a76d6eea7ddead5532945485e5cbca11af244fb3ebdfabdf6a45d70e6131e712e907ec2a6e006a12e5826d9d499f3c46a7af8cdd3c5c84eb0c75fcbd646b44fb5d2b662343199ccb448adeeea52d4056e814dfacb61d06a4674e84eecc52e7f3c3240fa74779da0d4764fa3abc7f1c4613a27753c74bad5df9e5a8e2cd0422a0b7d0283b7213d4a45b4927aaab6394d60eb0b192264a9a4b5638e924adbf2e7623c68be3c2bb8"}, @generic={0xf8, 0x10, 0xa, "da1804cee431b1bcd3b45d4e7347811a85c0680decf65fe8d296e826bfa581820e82354e45130dc30cdeaa6540d5d613bed85b3296f0a40e14046b5800c73eecc0d1d00db6a3ebeb3f3bf15904030000002043caa258f0e914309f918d30ea56d7b62fa95bf75096e8123cd1cab5048fb2a3ef2a6a3977dc353fa93a46488fabb4c5ce2b56211999cfa62ffb3d7254625e769525785d0ae925c9613016586f7877dd83ca8936d11697052d128dbe96f8a255375ed6bd5b909002c178d0b34a47d9a7c74f2a7aeaa5d4a6c7d848cb6fd7977e805349a0f1c3ae463dac0434f0e1ed999d019e685ae34f47bb7dddd457c7eda7465b4d"}]}, 0x7, [{0x82, &(0x7f0000000500)=@string={0x82, 0x3, "c53a3e7f8a537e7f3af071d71a7de9b840ffd78eaf6edca0595abf17bb7f975602591a4320936806382d31b1f8ee20764e057f2b4a5b9007dd66dc35c3668f5d249db0cdb00a5f59d8a3bf7bb32b26d4af30efec969666773c27679d1ad0dae48ad38a220c737b5bcdd18c8dbb6d7635c0ec055e89572cbd0e4078813fbf47d8"}}, {0xa0, &(0x7f00000005c0)=@string={0xa0, 0x3, "8d1631ef9f710660d6db2cf6a7aecdb1958ffd86ca64bbe7794ac3951daa06bc51bc72e986668ff2fca74bde16c3827dd145a443457adb2f1d4bc70be364e58034024ef8834f33769c644b0a6db7f5942b274bb14513755eaf59d3af1099c22f444c4f880cadc1c143607e5e678f7b3c7ef4f3c5b4197580b9a9643f27f87af3746080bf555a898cc2ed0c9746119aac09a2c43688d56ef05182f303fcb9"}}, {0xba, &(0x7f0000000e00)=@string={0xba, 0x3, "162ff2cb05dd4971d3487a614e9d8d23277e85acc91e28ff8b8299bda78269cc16038f8dab23632c9db16b26eec7c6b135645da3e6f22a8ea589e0ba105664aad418b57d0ae18ba04e6f2ab00aba6f0cc7066bf7623ea1592bb0fdc5d9b3cd03acb61e635692e88d21e6dd674d467f5a2d2e5c6cc3567a389cdcbacc3fdf250dc02caa6b5c15d1719c6ab69dcb26cbb440bd4c2edda3c30617b55d78d133a4fc06777613a8e465f8b5f53539eaeeb54f49c4e4209dbd104c"}}, {0x80, &(0x7f0000000ec0)=@string={0x80, 0x3, "d15e674625bdb0153225a8775bd78a87917e73c4c4816896a1e1bb0c8b38d2a547fcf6767dd557bfc56d3cdfe9dd31c7535f6c99e1ba032d42257c9ee12103820f460a8372b48d77f60534f6ef73abde1ab16a2f747e66d9c8e9271b39884f37625b657f59267651d8332d6ae48321c4f89db58f9c3c9f430ac12966dc31"}}, {0x6a, &(0x7f0000000f40)=@string={0x6a, 0x3, "a1a73b7820d0aa6a8e7c189029edf6bd04932f70fca2378ef969b24a4473c0a739f8b763e682b5ef5eaadc47206abbab6a89ebe1c9e6ef0c2ad2b48e71aca058feeca91097ea2b2a698cc85163a556623528cac53c37f95b45268cc31146829986cc4b079c53d984"}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x801}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x44c}}]})
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80001)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0xe, 0x2, 0xfa, 0xb7, 0x7fff, 0x2, 0x3, 0xfffffeff, 0x2df, 0x40, 0x303, 0x0, 0x8, 0x38, 0x1, 0x4, 0x4, 0xd}, [{0x3, 0x8000, 0x0, 0x7, 0x40000000000008, 0x5, 0x402, 0xca8}]}, 0x78)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000001ec0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r7, 0x5101)
add_key(&(0x7f0000000040)='dns_resolver\x00', 0x0, &(0x7f0000000300)='\x00\x00\x00\x00\x00\x00', 0x6, 0xffffffffffffffff)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r8)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x40, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x3c}, @val={0x8, 0x3, r9}, @val={0xc}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x1374}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x1}]}, 0x40}}, 0x0)
socket$netlink(0x10, 0x3, 0x12)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xf, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r12, <r13=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r11}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000100)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r13}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0xfeb, &(0x7f0000001e00)=""/4075, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})

20.484163886s ago: executing program 1 (id=1666):
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmmsg(r3, &(0x7f00000005c0), 0x0, 0x2022, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001180)={0x2020}, 0x2020)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0xc4200, 0xc3)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x5)
ioctl$TCFLSH(r4, 0x8925, 0x4000000000000)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/snmp6\x00')
read$FUSE(r5, &(0x7f0000007700)={0x2020}, 0x2020)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)

19.694250161s ago: executing program 4 (id=1671):
socket(0x10, 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ptrace$setopts(0x4206, 0x0, 0x3, 0x43)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e22, 0x8, @local, 0x7}}, 0x17a}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0xcf, &(0x7f0000000480)={0x0, 0x0, 0x8000, 0xfffffffc}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
write$tcp_mem(r7, &(0x7f00000000c0)={0x9, 0x2d, 0xfffffffffffffff9, 0x3a, 0x0, 0x2c}, 0x48)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)

18.671519725s ago: executing program 4 (id=1672):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
times(0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r3 = add_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x7, r3, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000440), r6)
syz_open_dev$sndmidi(&(0x7f0000000380), 0x4, 0x640a00)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r8, 0x5421, &(0x7f00000000c0)=0x1)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
close_range(r7, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)

14.39699659s ago: executing program 4 (id=1679):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000d80)={0x0, @multicast1, @multicast1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1, 0xfffefffe}, {0x4, 0x0, 0x0, 0x3b03}, {0x6, 0x1}]})
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x2, 0x30}]}}}]}, 0x3c}}, 0x0)

11.021151813s ago: executing program 3 (id=1684):
socket$packet(0x11, 0x3, 0x300)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0) (async, rerun: 32)
openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0) (rerun: 32)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) (async, rerun: 32)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0) (async)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x800, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

10.59313727s ago: executing program 1 (id=1685):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x5, 0x16, 0xb4, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
r2 = dup(r1)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000440)={0x80, 0x6, 0x5, 0x5, 0x0, 0x3, 0x0})
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f00000001c0)={0x2b, 0x28, '\x00', [@generic={0x0, 0xfe, "f2afc92b42f9d1da4d0223c3994dc8f3ce9bce5384b8005a0c5bc060f419eb68f0ace61685077faf06fdd583622614fb34b9cdc5c2e61750fd6e8f6046ce923b1d779fd5e83500f741f27954366960be8517f0bc28abf69f2563c5d179d0ca82dc2d8ead62ded418778e278785a582028be9a400531e6733f1b3392605722d72582de786b05b04972e508533351601f97a92c80022f8b71fabde291951fc4bf133f2c257040b1e2cc246464f3f0cbfed37dadfbfcb8223e5fe8bf6d0e4a1c54b57d294b25adeb60b00d65cdbbec887a24619bfea3f4fb7ab6c5117ad133b664c7759f3eceffbcaf43e8e6b4633b83ebd5f11913a7b1f975f5cff57502e44"}, @pad1, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @hao={0xc9, 0x10, @mcast2}, @padn, @calipso={0x7, 0x18, {0x2, 0x4, 0x1, 0x7, [0x7fffffffffffffff, 0x0]}}]}, 0x150)
ioctl$KDSETLED(r2, 0x4b32, 0x89b)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000500)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000079c00000000000001800000000000000000000000000000095000000000000009500000000000000ca16d6c510e707bffc7e7f6e2ecf15b19cef3dbe2ea2a29100db5f0daab7516bbd07afc69b8ab5dc56c5aade306462fdda0c623ed1214f36a20c2a749c1f0dc0b344f657e0a51e5ffd200dad3cff239738a2c710a18447440319a1d7d55248036d524cb65fd75c6fd09137f0b17ab83d3e331731662d429be5940c15ae850701f0ed06622fab98b4dde8569a1cd8800d3f531bf5b2872b644ff2482d263357b0e532487ab6"], &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$inet(r2, &(0x7f0000000c00)={&(0x7f0000000080)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000ac0)=[{&(0x7f0000000600)="ca1f2dbbdad9581763e0a5e83c27d30bd8883d389f6e66d714b4318c206037bf2f2d704c2bc9b4934118bfe2c255c1204219bbf6c3e34d6b43c2772ffdafedc13b5427961f4217a41e34ce1a3abbda2c490d04445f97b7a7d22524e9714ca4326c71422f5b2a375219df8ce09d5f51767443169dbda9af285eefbb97246ca7c8eb1ba8a0d52530fb00af9434efd3fef819bd95347d4326e2336a50ce60344e1ebb1188dcf8602fd873b7bd3342c605621c8cb11ed1faa007543ded69a6d643790c9a2972248aa2a8894c85d5d858be060e9a95786e6881a0438059c31ed0e48116be80ebb4b0ec0e023b", 0xea}, {&(0x7f0000000700)="6a624e7006c8801484b08aa928792ebe9fdfa560c795f018b376e6ac5b642166cf5a4b30fed86b7939eae952de003c4898272a5c06cd477fb491217e85e42489119742b3d9883d76beafaa8dd356f4eb52c86c2c900ca0674e31e83e5b3de6804c096ebcf1b6b229ecd4f40c5402d3bf385e3f39272c9382bdb747d5602a8a80c4c5ba2f609e1a3425410d182ac7949f9aded1e5a2132c4e5a99ede78c925e29244707d695d2f90b932de0c29b394a114699a8d64921f83257508920058c9f04034079935731959caca4262f535cdb9340e71210588bd4b5099d6718f5c235adaaf0e450e1ec727591", 0xe9}, {&(0x7f00000000c0)="e824e145a9eaf5f6c0144eb5ac9b98d1aaad9c5f0464f097c44488eca59df27131e7dc49c653b8e98ddf488d53d8cc7f5bafa5920d9128d386faeca1fee5bf616307fb99268fb5d4e97f08123abd9fc1f118d195d3de0109826f2661f90373", 0x5f}, {&(0x7f0000000800)="4eb07ba6df41ac4bc5d5427d97d504e6898279067cc6b65c48bd5a0f9d5194ccceb26037d38deaad908c820337d5b23c3efb924437c77660cb02e995cbfc06ed4aebb783f5e89faccae3e8b88326d70c89e961ba20eba199d7109cc6dcaf5fbb8f0d16", 0x63}, {&(0x7f0000000880)="fe2bf13b23384b1590b57406eb72e2b5db8e808fe9ff22ae45eefdeba936adebd6868cc0d3ffbe06bb34fa3be4b75b5626f6497e6532fb56d38de6a15573dbfff982c197a68ddd9ef31d13b543a104b28cf49192dc8fcf0221790d", 0x5b}, {&(0x7f0000000900)="1f0220a03de81c7d11a92e652aa34e296f459aabb0432e5b2c0a6dc4567cd5879dc2", 0x22}, {&(0x7f0000000940)="7743a76e0ce639df54572c9d4f6a61ee7193da001f1bb437a27955f4c08a6d", 0x1f}, {&(0x7f0000000980)="0805afcbf14cb913ca16e50a2c604a86cc26c04f32a528611f66435ba775fc3341bcf8b6b5339e0cac67d2665627c9766b5616d5ef85d723bda13e95bedf7f940b1350e02b765c82f936ce70dd", 0x4d}, {&(0x7f0000000a00)="9346577ccbf8dcb2cde7b1f841002541840437ed453cdc1785a27411b055de1018449f176474ad642bab09e26f113d4731d483d8cf6ec2b164650e8af0bab202e117e8cd4fd39419b69dfe6a5245a417521a87e932b70ae95d4a70d2f38d55c4865078d83d2e5a4eec784dd48526e9e265afd48ec07d111127b57733b63de98d43ac65060af86a8a6139c8d06f61bae09673", 0x92}], 0x9, &(0x7f0000000b80)=[@ip_retopts={{0x50, 0x0, 0x7, {[@rr={0x7, 0x1b, 0xb0, [@initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010101, @multicast1, @private=0xa010100, @loopback, @local]}, @end, @ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x1f, 0xa6, [@rand_addr=0x64010101, @multicast2, @local, @local, @local, @multicast2, @empty]}]}}}, @ip_retopts={{0x10}}], 0x60}, 0x20008000)

10.592625213s ago: executing program 4 (id=1686):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getuid()
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x0, 0x800, 0x0, 0x40000000}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
socket(0x15, 0x5, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$tipc(r5, 0x0, 0x4000010)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x141081, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x1)

10.52543807s ago: executing program 0 (id=1687):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x2000000080005, 0xffffffd2)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r4=>0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000340)={0x1, 0x26, "0000000000000000b7dc314fc800000000dc15ffffff7f00000000354d4cba126d43eec1dd73"})
io_submit(r4, 0x2, &(0x7f0000000380)=[&(0x7f0000001440)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, r5}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2, 0x7418, r3, &(0x7f0000000280)="df195b8c6ee941ecfbc4ebb386cfec110402e514069b9457bceecc22967fd086fd7d", 0x22, 0x7f, 0x0, 0x2, r5}])
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r6)
mremap(&(0x7f0000b31000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffff0180c2000000080045119078000000000000000000004e20001090780200"/50], 0x0)
r8 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
io_setup(0x3, &(0x7f00000003c0)=<r9=>0x0)
io_submit(r9, 0x2, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x0, r8, 0x0, 0x0, 0xa38, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r8, &(0x7f0000000400)="8f1a17eceebe109a39e60506a5d85878a3a4911aeb4ec15b633b161299074b2c1775458c786c15b6c701c20a9a56cacc3a4fdbd7f77691c494ef483184d3760340dd4a52090ca5bd8adf327d7bbc4b76516fe175b99c72e2ee306ec43d0d040c07cb876168565743c40cd2c2b5206f7fa8d0331372a13606046a91864926a3061487c70d5a6adc9163562e8dfddb6287e49b43af29e28a9f92d9b65d4e10ee4b188d9b161871a23711df2dd044a60f577e27f0bbc6f9b567c310be70c865a694d6b1232cddd0a44beec277fc8248fda6a8ff0a41bd3cfa3923fd9b4d24666f4b6ad6cfff6f486fcb83db4d4eacdd1c2a0f0f367ddb9b8cd8e3ae8309dd3d6822f3a08f7977aded72f92efb3b14d15d094575c72c3e7c260055d04e6d0aaab26c2492000ad71ea3bf3daa187b5b55eca2fc9d3317135dab57c95712660a297891de0717e82ff036b7a70cfef82d3673fd201f60d7d9cb23f63989f68f6beb2882a284b2f2a071202697b2f67ba5f80878edeb19c76cf819a963166e35a39c6445ad58037a56f862f894b24bf55d58b78b733932f5ca163680185252d8f896336e057609964363c795ee6048395b9a5b79667e729eb7b229bfc2c0763435c3188b3a7cacb045971776ae720014ff9f3db196a4a15d0a988cd774cef45fcbb505048306781af5ba92ec7844dc7f7b30fe51c5e086ca944f8b8aa18779f5a3031004e415f4d0045c10faa7a7057b8fd8e62bd0897f766b2b7d2f0a3160c5f219b52100dbfc88229add91beea4d654387a539181a3263c40151b27b41a78fd575dd318735389ffec0c5ecff64f9ca3e7c7022cd1dd819f76e4c1f540e5fa826848b0218380c4e95ea655cdc3e909b68c463cc27339e9e4161cc8461adc49083f1241fed3278923381aee0aa2520098b6e699e958830faf1e7bdf7e7dce4cfc8d45cf868be8b3c026fd4c0604bcfcd94430d85dde6ecc333b645b6c55d2486465fa76345eee0dbf40ff5eecc94822b55a443c05c6d8f1f517c9d1ce040f84a3ba2a651385eb1fbc8e72af02ea35bf13b2d3cea9fc6b6a1fc7f5a24c52fa12a906a7c16df60f79e3b36879c6acf58be9bb25a8f2cd5d1bbc9b9c4d40b6618cee0366cbcdcf3b55c4610766cf2822ee30defc05e210b1db9c41dd4018e5a3771ccb2d2100fe819a2ac33ccd58dc990546cf1a0ed40bdb2133a8b98a89a826ed707a79e63c35d9750c7e4e0454e50497379838ed077df654bcabbeabb2d2aac9a461a31885e273e75bce5200a2e7a2920e56f9320bd20498cefded87838bd8c2a3304ff48a5ad7160eb279e6503e5d511063bd17d18c995640725650d4a56da3bb9bcc6af0990d98c3453dcdc68bcd9ca7e4fd8944f5fb54cd40eb859043aca26c7b9eaf0195fe7e518b37431cf2c3556a2f22e1a8b6b547b11fe674242817b54886e9b4161a95dfa04c41549850e68fdc4ece4e29552feaf5165f54a5ce0038d81b43e940bd9861752e13073470c7b176e1ee703617e50c0f4d3e8eb3ae6e1f99813f443659a26137456094d456bdab3a2ca0497f096b2adf137be6d5d07be33577df68402358db7704b864050a0fdfdafedd26fec42d3037b4513eb77ae153c8d2fa58fac746787e6a84da9a67a8ff022ec5449a2908b02770e979c4cd509ff96c3a11a56f6bf484cb5cbd7dd3287caa7a326cc657dc768ce3747f373628dfb96913ee9b524182a4e6d82414cdaf243ff1c89ede3a82e1bee01d73e8a2d4c5cbba36ec5c7c7f2e8cd83ef637e2444559431577f784a5ad8cdd5aa5b0eb3fcfd2affeb96d816a757ebe5bfc88d114f109895f379284d6c90b04a7bdba7aa94af5d6b5029d0752ef3be4753c2dfdf0b5831c4749a019af9d793effe11b33f56b6b914702061127919a81ec3168e96d81c27d5fd940a1c3b2293ce7bcf7ce7956b1d1ee1e4f7e835eee379d4283cb5c55ae6b20c235ad3f05771352091a6686ede331caaaf62a29f1a13f2b1066da691232b4d8dc69ac92d2ca5baaadb03ddec5ba3f4fc6431bb32373543e42566dc2a75f036b0e1d70809fad3e55d66594b0a8f714607ea29fccd8f4daf7d9543bcd6077f2462b6c91a6fe3e63928af6bf875385d30a4e714211eeb000f0c05b8b44e32cc4fc42ce61053e1c7a5fc27210a4f775a9379fd2de9aa45006c3aae41e4c50239fb7c03606e7baf7d50f3091e684c08cd5e45fd0a02d9a1e48d27e397807413fe35009f8985c1020176a057fda905d3121cb58ef9e980118b0721ce3de895f9a9e72efb8bb68e8b180f6106980aea608bc3175e3d671640e7a81801dde5e45a5702007636f6978653d9c330094043470e244717fce0eb4339a1a8679d227fdcfd1b1f0b2db36394eefcddecec4fa02a362091f260c0dda183ae07ef47de918f26a88cedfae368246ff4b1412d250f82f2e7bbb31665bf7a455a26ad065749ba7d44b5f42dfd0049d4619bf44459f9633624b30e2a31a2558b33e2ce2afbe99725b1794678a02395f998ac58dbc1b3e5f66d6a1a22a658a096927dd95aa8d5f71a8160df7bf452797c475fae10cfdf5b9377e531277898ca1cff923fe411ab4b25564b28a6381dc8a2bbccb111e4dc30b66dfbc7667b6e8e85f1da1f7c41fe9a056a9c2dd853c24de735632f8139e6c0f8947e0712330d7971d7d7ef17e71a82f67e3d40abaaf7c78a6283bfab719542c6a72bd1eb64ea55cda69ba2101599750c83be49b1f5b77e3237b25ba6f4d839f16d3b811ea7cd0bb3b2136c82c46bc7ff33b49b0e9ce37070fe7d84d7dc49afad088c84d52fd24c9e431ceef7f37ff534fe0a168707bd31af65ebcd1675367dd627f31897cc18133b8567099bd67d24b1c3eb4dd8575d4710350fe6ac17578c8c2115aa02abd859d9ddbe12340637a41ca74f42232ca02c86f4f9d6256438463d226b8adc49839f29f9dca26be7d65f7ff52daf4c975b7f0344aefd38594a097cc93d5f49c4231ed8aec184656017a87f7a99e1d7ba5d36348119fb29ccb8592d7e67c9168398c3b922e4a513473c1fbc7497df758de28aca65e1f65864f0e7e03b7c4742854bdc54b1461b3f20849377c646b556ad67eccc6efe994b16e9ab91c111b833310742865406f0443ced82211f69c737ad33e51b14b8ab766d24f78a1692f20225dcca1888ff5a6abc36a0b1ae7fc37b6db525266274262e3b3a8d197b1507f6724af6d258cc89ef96523398f63321cbfa61060f187253583b00b34542b64c0eb5f9e0f6182556c43ea67d34180f108e6ad0474d8a1feb3843882a8bd75a66a7e3a6e586aca2ff2e6f1fb58bf3169888dc925800c4ee20fc644a0c84320457e0efede7b2e613d9f921f16fbbf510b6006d5a1db684069d4618450e16e995bb88305af4c9b15b73a4fec3d3da8e5ee3be68fd150a18d0f574f3a2cf97a1a6bf570e57ff895ca4c60804b0153d2c63227f604ded97216357ff1c503b00738dad30c53beddda78d7ada4ab0ee162deeea0cf57fee78e983882a2afce5169f277bfb4527a5bdf303cf9391ef1b76c8563d9cfaec672d9c48abccfffefc48dd7f6a2865c283ccc204853bc8b04611d7c5c7fcaef07d2e85b3737dc8cf44a1d37751c8980614b82385f518c40300e7f9ddc5e9f22669de739cfd320ded5386c09de43f61b76e8b6a7917deb738bd2895eee16d6414564a727ab87565ecf5dd7e0bae65a0f0cdde68ce89f67989fbd07080dcaf3d37fd1dc1ccc0f050ad7d91d1a01261d8c633fb74973ba47ebc61b5652bb8e8285de1e8c28881d8dc4501f545193a2c4208260ee7bb3bdc4b5322c5c450f357b38d5b43385add20520d2cdf7b8bade7a37e269c59a6c9b717c5d0b69a5465678efb6f6ff6a2b74693a3de6d7df7056ea5b838105d8f97cf664ab95aae7e9c08ddcff10a9fea5b348378d056f20f99c3e7d6411973b787cb519276c38f92d5178f518ff2ca5b509b257442072290f8f904f176d13475f8af6b4bf0640a9aaffffb7e222870cefb623dbb8e177aece0eac6bd3ef2dece07b969ae9f0105831851f586ded0ff90a752184552393e9de454b75be6ae17fc6a4ec89884ec119fd6a8c6a700e650bc26c5f72dce3e86bd8f92a81d2d16431791fe97cee195a0e12e7d311f14be1a5fcf7e2da848390fcbd39b8f0de48e8ac2b7f0f792d0f40cdea116be9a09ebfc07b79f2658d755ca1c30e3449a3f41571253fe11c2c821ef318c1a41c134aaa3f7ede1fd25dbba4b56dc96c282c421cb6a47b60a667e6ccb61b56e6bbac351e052048b7236e15a006ed6aa5fdc594eaf65f25fe498b6fcba158ff911d46e627ccbb7a41c8c93ea503cc39a537c2f368045359b4b138a70f60d9cee79f26a6055bc9f22ac5061908b8596f426a03b152c40618c515831566eb788dbd72deada3b899a06b866f67c8070ab7d147953a0d585cc70025f562afe0699934435896c628a7a321e0c39586463686fafda5f236b45d4ebc8f714c81c4ca681b812fca1b3404a9eecea54a23385218f35a0ab7e37313d87b7ead1de27f13938afe658560843371cdced704fffba4442068c7871ba86fe3028222847d6a7cc6e1a42b8010d1702a4ac8e549ac1029364e174bca841de9b6b9e5eda41e6033e05f4a36a87a94c4324fc0b5cc385058df87692c9aa0c1c2e4fde95fba6abf4c58937bb2092a98c85456d1077318868fc33783771c8084683ce69ec422e3eb6a45196c3ec26d9378cc93f29810867fb7c42a7b102c7efed8c056d65ab100f278d74c418aadaff8874e40522af2465077a6fb218475d92c355eb992f29860f56873bcfa36b1efc2620f1e4456679baf6009d85bb06bde15a3ae57d0f7044f3136264edd103d0f167a811a7560f8eb4fc366c3ef705db6fbafab34d8bec59264bd716161371ab0fdf8456cc0924107b0c46f093969470527292ffb561da81efd6630ae90773c92de14bf65df760af046539748c4858fb199f1699728e24f57bf080c584f533d708105cc913e698ea0cb99fce13d832f549603c3bb6ccff69a2261c4c927f7ec6b2c4bc54a7b6eac6c3dcd70a2477fc78a4fc8b96083631676314823df4ade114c0f52780f445a78e841b4d67d35be4b79020ee962fbd964c691d69e8fc6a03e319f478fe3b4fc0ac7ee6d1ed511d665a3ff2e8587dbb1e6a39f4018c44217bc429496771772d197ac2d3f1dbb8fedaeb6332c16b056eb55d8757e47990f01c5c7a817de736dfa0fbc98908880428e72f1153f4fa69d9ac7d463dd80e9a28d2406509c1b21a44086dcad2c8ec906ab44730dc4f87b523342216159f8b261c02f7facda5b10befb93ee4574513e5492adf0f01cc13ee72c07cfbabe7f28789e90b3b633e0284c731577b9c7fb5652f736a09469714b3e5c5bfdc45f14fb46c2f3b39807c1929261cff24e66923d90bf0384cb0f5e577d0fdc06d8f4bf24cdd780a8fa7a038255cd0f26af67963b2b05523f25c61c6dfcf868d92c321410a3ee28d03d344eaa28c811b52f616df7ac61410004843579337f56ca0447009a871af10e6c5385569f4eca7d235277ac3b5ea840aac18d05eba5b58306724889ea424b423effb019586761d5803998b2b93b70c490687eb4ce1f0af2256fdcca1af03e7b78638f91c19fd1285c1ac8b27e2866403bbf45ae243ca18c4520d9890fb88b16d50cd33cc1c9dee1916b325462cdae45235b223c07c33ac5246bc33e4e81a1c46b712736afd017479321726e98c6558c636178b8e712157a252b396c9d7da83498d9d641dd7f540cb2236", 0x1000, 0x3}])
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

10.460377769s ago: executing program 1 (id=1688):
unshare(0x24060400)
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
unshare(0x44040000)
r0 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000a00)={r0})
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[], 0x80}}, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x119880, 0x0)
r8 = ioctl$TIOCGPTPEER(r7, 0x5441, 0x1)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$TCFLSH(r7, 0x400455c8, 0x1)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="2400000007060102000000000000e1ff0000000005000100070000000800064000000004", @ANYRES16=0x0], 0x24}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESHEX=r8, @ANYRES32, @ANYBLOB="00668e9ea8af727c4d00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000008500), 0x22002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

9.577041858s ago: executing program 4 (id=1689):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0x2, 0x2, &(0x7f0000000240)=[0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0], 0x0, 0x3a, &(0x7f00000002c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0xe0, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000005c0)={'syztnl2\x00', &(0x7f0000000540)={'ip6gre0\x00', r0, 0x2f, 0x14, 0x6, 0x6c, 0x14, @loopback, @empty, 0x20, 0x80, 0x96, 0xfffffff2}})
close(0x3) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000040)) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f7c0000000c0a01080000000000000000010000000900020073797a3200000000500003804c000080080003400000000240000b803c0001800a0001006c696d69740000002c0002800c00024000000000000000000c000140fffffffffffffceb0800034000000c6348000440000000010900010073797a30"], 0x100}}, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0xf9, 0x66, 0x67, 0x20, 0x547, 0x201, 0xff50, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x8b, 0x0, 0x0, 0xf8, 0x62, 0x67}}]}}]}}, 0x0)

8.140659058s ago: executing program 0 (id=1692):
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f00000001c0)={0x87e2, 0x1, 0x6, 0x9, 0x15, "0500"})
r0 = openat$sndseq(0xffffff9c, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4, &(0x7f0000000000)=0x1, 0x4)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r1, &(0x7f0000001bc0)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)}}], 0x1, 0x1005)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
set_mempolicy(0x1, &(0x7f0000000000)=0x40006, 0x3)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x3, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r3, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0xb6, 0x0)
set_mempolicy(0x3, &(0x7f0000000200)=0x3, 0x6)
r4 = socket$inet(0x2, 0x3, 0x4)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x6)
socket(0x2e, 0x1, 0xffff)
sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r7, 0x84, 0x76, &(0x7f0000000480)=@sack_info={r2, 0xff, 0x3}, 0xc)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000140)={{0x0, 0x1}, {0x8, 0x5}, 0xcc000, 0x1})

7.94067066s ago: executing program 1 (id=1693):
prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0)
r0 = syz_io_uring_setup(0x10f, &(0x7f0000000700)={0x0, 0xfffffffe, 0x100, 0x1}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47f5, 0x6021, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000640)={0x8, 0x420004008d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x1, 0x803, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='io\x00')
read$hiddev(r4, &(0x7f0000000100)=""/100, 0x64)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000780)={{0x1, 0x1, 0x18, <r5=>r0, {0x9}}, './file0\x00'})
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsmount(r6, 0x0, 0x0)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000800))
r7 = syz_open_dev$radio(&(0x7f0000000d80), 0x1, 0x2)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x0, @dev}], 0x10)
ioctl$VIDIOC_S_PRIORITY(r7, 0x40045644, 0x20000000)
mount$9p_fd(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f00000006c0), 0x1410020, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="2c7746f05538c6366b4960642f0400c4f107724cf9c18eead3ac8f94e7378cb9e4fd2dcf137463296c9b31c4eefd617fa85a47c813b0ff7195d1ff45e8e100544dd8d6308bf69860fa4337feac84242ada87258edda59b425c917b51210a32be73090ec548d4885ee3260d258260610ee072f7c9fd9bfa10bf", @ANYRESHEX=r6, @ANYBLOB=',cache=fscache,mmap,aname=*:,mmap,seclabel,mask=^MAY_READ,measure,\x00'])
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

6.961128747s ago: executing program 2 (id=1694):
r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x1b, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000003c0)={0x0, 0x1, 0x2, 0x0, 0x86})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x87)
connect$inet6(r2, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000e40)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x1c, r4, 0xf21, 0xfffffffe, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000100)='cpuacct.usage_all\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000440), 0x1000a)
sendfile(r2, r7, &(0x7f0000000000)=0x5, 0x20001)
ioctl$VHOST_SET_LOG_BASE(r7, 0x4008af04, &(0x7f0000000040))
write(r1, &(0x7f0000000340)="1c0000005e001f3814584707f9f4ffffff000000230000001ff80000", 0x1c)

6.914435802s ago: executing program 0 (id=1695):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
listen(r0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$watch_queue(&(0x7f0000000140)={<r4=>0xffffffffffffffff}, 0x80)
r5 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000280)={'fscrypt:', @desc3}, &(0x7f00000002c0)={0x0, "8cae5c2ba870cf8332c44080390ccfab55a54fcdb1e936e9f7cb93da03274b08aa62ae5494c2171c241f22fe0a4229b07a204683ae863556b3b5a0e2f3515ee2"}, 0x48, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r4, 0x0)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r4, 0x2f)
close_range(r4, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)

6.643885304s ago: executing program 2 (id=1696):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) (fail_nth: 6)

6.111364766s ago: executing program 4 (id=1697):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000d80)={0x0, @multicast1, @multicast1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1, 0xfffefffe}, {0x4, 0x0, 0x0, 0x3b03}, {0x6, 0x1}]})
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x2, 0x30}]}}}]}, 0x3c}}, 0x0)

5.900959155s ago: executing program 2 (id=1698):
socket$qrtr(0x2a, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000100"/28], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = fsopen(&(0x7f0000005880)='zonefs\x00', 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0x0, 0x0, @mcast2}, r5}}, 0x48)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000580)=0x1, r7, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x0, 0x0, @remote}, r7}}, 0x48)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
io_setup(0xffffffff, &(0x7f0000000280))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

5.816061904s ago: executing program 3 (id=1699):
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x100000000001f)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000086}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000000100000005000500010600000400040005000600000000000800030001000000db957ef52088671841380c46f3cd3e737ee79d7406b8c26b6a3d63b040df44261156ca824b41e568d1daf5f2d2a15b8654361aa645e3e65f8a1d3573459c912339e19e3baebd875f20caa1a9f0e17dd8ef"], 0x30}}, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240), 0x129800, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100))
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x800005, 0x0, &(0x7f0000000000), 0x0)
r3 = socket(0x2b, 0x1, 0x1)
accept$inet(r3, 0x0, 0x0)
syz_open_dev$mouse(0x0, 0x10000000006, 0x408040)
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000100)={0x0, 0x1, 0x8})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
r4 = socket(0x40000000015, 0x80000, 0x3)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)

4.28632899s ago: executing program 2 (id=1700):
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
finit_module(r0, 0x0, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f00000007c0)={0x1b, 0x4, 0x2})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000"])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0)
readv(r3, 0x0, 0x0)
futex(&(0x7f0000000040)=0x1, 0x80, 0x1, &(0x7f0000000180)={0x77359400}, 0x0, 0x2)
syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000100))

3.814322251s ago: executing program 3 (id=1701):
listen(0xffffffffffffffff, 0x20000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x1000088}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x11)
fcntl$notify(0xffffffffffffffff, 0x402, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x9)
ioctl$TCXONC(r4, 0x540a, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17)
r5 = getpgrp(0x0)
sched_setaffinity(r5, 0x8, &(0x7f00000000c0)=0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtaction={0x1c5c, 0x30, 0x10, 0x70bd27, 0x25dfdbfe, {}, [{0x220, 0x1, [@m_sample={0x138, 0x18, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1ff}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x80000001}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x1, 0x200, 0x6, 0x9a, 0xdc}}]}, {0xe3, 0x6, "30182fc22bcca0d3506086fd3e3e57fc7969a4e013b64cacb3355c85220eb2901c7a9343e1a502b158948062cb96ca80b8efd7f9886fc2f2c181e21e83b3ff6296105cabd29e254f2cac7c90ab3dc1019f582b8f2a256d0c5f9329f3050d7cf75facc0120094eb8f7d31aa3c6d6bbdfc33f2cebaf25a6815c743fe48b86000ba0ec8e1408fab60cdbb298b9212a16bf4eff9dc4f6c48c54aec591fdbe0669124bea4d7ddbbb069983a15e7614cda6a2aae4d49dda7033cb257297fa4dc8089e73d86145077c6965ee366c9c912754ec38cda94f09705e0df913a9bd5c50237"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x5}}}}, @m_simple={0xe4, 0x7, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, '#}:\x00'}]}, {0xb0, 0x6, "3b490037efd24be226e20fda19047445ab223ab412e525b47d51d216d96b574c835e3a9b454977c7ef9f2d4738ce2b356fae73ceb499ed2f9f80105f59ec5e9aca59f7589f4e20f4b91f5f990ba16e5b2b1d2d0b381195feaa31e3aadec855bd80856147ada5f8ae3e2a2bf0fe9967174a9198a2dea2c065cc0055fba25908f8a35d2dab210aac7e2247853d5e152c99381ec6b99a62e1d2e51c93e3470d8c68df7261d061232a108a259039"}, {0xc}, {0xc, 0x8, {0x1, 0x6}}}}]}, {0x5c0, 0x1, [@m_pedit={0x154, 0x1b, 0x0, 0x0, {{0xa}, {0x58, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x28, 0x5, 0x0, 0x1, [{0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}]}]}, @TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x4}, {0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}]}]}]}, {0xd2, 0x6, "5cfe63ef3e4aa0e00a9ba7a55b560381d02df5013a10309e09af4551dacd55515e0af8fb403e96a61fd5016c26df01e9e631d63aa2e0ca98691d3e9f4ddd39dfa674dd709780d726ba5470a9b426ab3e4414c8b6f37185023b551323edda92d9ff6bfdc1d95d73478562606479f9957421a9c4c26838ad7b6ecc5f244ba21ca6cf0e68559be35733373466a88d802b6d1600db1c7fc3c69bcdc3967ab93d6088081bac9cfedd87062b31f750f3d90564fc5370faa69306f2b55dee56ab4e65ecdd995f599a7894ed291f983d7726"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_skbedit={0x12c, 0x11, 0x0, 0x0, {{0xc}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x2, 0xe}}]}, {0xf7, 0x6, "db8dc1d3d0440e1278feb3c62f4f25f62d6cdded277a785f74ac76e8807735f107158d20894068aab30c4b3f0c05a1ed363e5bd545cca1939a3969e78a11f8bfac76458114cf088dc48c0f384f531bda97d18a0699d1483b54b933a83404514e19cb90736682485271ff52e945c82d65cef438cd2aa1681f96e4ce861b4b826cd1df7abcfca7a074619cf29518064bc42163727ba368ba8fe09427bff8d421a04a7781996fd52f2fdfd0c5a8ead3122bb69217eea8d4475b4797a7a38c60b2cb4de1c1fe09b59ed44d26e1164b99c7f21fa6c5a6f990f1f6e28d7a9e9e33758ce73b3c15fe54c6b5fcf5a8112984a5d51e3887"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_ct={0xb8, 0x1c, 0x0, 0x0, {{0x7}, {0x4}, {0x8f, 0x6, "a9e04dfafceda0b9ab60e306a4eaa972a2ead25d7b368d91f575c8844feba0661a38e7cdb7295c8aee9bdeaa677bd243e4030d532da597aae0f4af71de19a1b8fb9b0b596cf3c3e3ee86de1ea36a299b6c62c286e9181e27ebb2ee0c66b8da6aa3644448e92e4eebc5ba985fa6b085ee996d3f214b88564706c2bb726f5fa88743595b2c14e3d07dd21bc1"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_mpls={0x178, 0x1e, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_MPLS_BOS={0x5}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}, @TCA_MPLS_TTL={0x5, 0x7, 0x6}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x3, 0x4, 0x5, 0x6, 0xfffffffc}, 0x1}}, @TCA_MPLS_BOS={0x5}, @TCA_MPLS_LABEL={0x8, 0x5, 0xdaff}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x2, 0x4, 0x8, 0xbf9, 0x3}, 0x4}}, @TCA_MPLS_TC={0x5, 0x6, 0x1}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}]}, {0xdc, 0x6, "fdbd7944d6ec3199bea2fa04ae5ac1a59a219d5243fa6542598c94b0e6478b0481246adac7c397dd6fdf84218cf5109bf037b41cfff8f8de621b8ad265d74921bf851d7d3462b0ad7807d2b31d1e15761dc8b848ab9008602e3da5f048e43d521257b937296e09b42ef1ca327302ac0aac1ba62e10f271ddafda3fb9b47aa88db2416209fb54c95989e8609ee2f10cd49b226841e0fc3061d323fe994a02b5eab5432cb882a282676a0f53d5446d669fd3a07b20f5dcd62aade16359d1bfc59a323f95564f5bf6dec860167d61148dc3759f306adda16414"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_mpls={0x10c, 0x1, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0xd6608}, @TCA_MPLS_LABEL={0x8, 0x5, 0xf5524}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x7, 0x7fff, 0xb, 0x80000001, 0x8}}}, @TCA_MPLS_BOS={0x5}, @TCA_MPLS_BOS={0x5}]}, {0xa4, 0x6, "e5dd7e6d58c92ab65afa27675ac4b32548ec5b487cbbeeab3e5f9649fdac2430b8da698c1f400889c8c36986cf9dc2b377e3d8bb17a540ea03a2f51a28c6fa4502bdb38fd964466e1a4b1e57a32ab7690e1efe365ed2115531ed5928229f2f406a191b2674e917e83a98d867f444e4961c55f287ae204854e70675cfca1016914e82cf344be4f4972da6fa7ecf10c0fbc4e533fcac06433ab419d133fabdfd46"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, {0x1468, 0x1, [@m_simple={0x124, 0x11, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x3, 0x7ff, 0x1, 0x0, 0x2}}, @TCA_DEF_PARMS={0x18, 0x2, {0x71, 0x6, 0x0, 0x6, 0x7}}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0xdb, 0x20000000, 0x3, 0x8}}, @TCA_DEF_PARMS={0x18, 0x2, {0x8, 0x6, 0x7, 0x7, 0x80000000}}]}, {0x96, 0x6, "866ff38ac0792f49150767444ed8b2b10660c49694f7557cebf9b928cab8fe1881bdb30aa3d9b96425a6b8ba1aee3d89630bfd9714bff8714d7880a1a25813a2b184c737a9c7f05aa53b6ddd283e04bc72a176794970208ef09cc5a7594a815909571f09516d73416d23ebee084b280d8f5c412f12e2ce718024576545ce54917f0791c2c81e1554e3fc42e809d3551b6add"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_mpls={0x1040, 0x9, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_MPLS_BOS={0x5}, @TCA_MPLS_TC={0x5, 0x6, 0x2}]}, {0x1004, 0x6, "fdf9755461a9c9fb1151effd8ca9b3692e23b77a5bd5a63a0165662795a935bde4d25f05b53b48f0bd3cc9eeb227d3f3fd3a50539f96546e9fb29e232ddef501a11cb2939257d73e200a85767429a85626d91d9c93d606e2ca4e0e9f8c2ee7be6c927a3e54313178e8209e1256006b1a120e498cdb5e9dd7cec7d363d37292c0be3006dfc380be6b70f291b7e2b962b726043f40e190f94955e44447a4e1acdf871173da347a1a3885163438bd46ee2614dfc0281b067f5c5ea491920fcdd6d1784a4f1dd73967236e0f3e0332d5406bb1987fa52f29467a297f463871408a0a11ba454cbba9335de7b177ab86ed26c4b049cf07a5df7bc88dc8ec9ffec0044ffb5cd120458a0fd801a3a10ea1d2cf6bda0de68a103922c715128ec5280accc1009efc06b4add70658e4993fd7af5a293aaf52c904c09eb055d82ad705d9872696137b241160b61b4b4de3fa00f98aa35c3f543d2119020cf5455b0682893f805417ca3970b4775bda1d90cb79aab7193995c9482e7bc3b7e7dcab5f8c854a8122795398648e0fa437925e675b28ef7eba7759d197c1983f2823fc34919b1d875edfbf5a2f1e1a5d54537b58079c53f95708b21532481cccbc4c4eddffada1936182bce8671fc2f2fed41edb02305cc76d3df1a9675892717a8e198f71a517ae8f9d8688f05737d6d76aae581a3fb10a2e681f8b1b0f3ab364797440ca9b420ac0f331d8dafbfbe6a50506877b123b085b4c13c50cd54fb5f50240d545fd37b0e2cceac8c87656a166c95d5e17bf6da2307474ba5592a804df01261026cbbb6920f5ac39a13c771e1407d35b00f1db4a167bd1206bd1d599f00451f91a0b7f889dd193b6e7eb15145de542e8b035f36da40c91260f17ef78c041452575af689cec999b7f83766c81f4b0ca5d87607947bc73ccf22fb9fcaf56d6b68c45502a909a6c0bec296effb849ae9a715e3af244617b7c52313500e4ac62f20887ee5bc08cd247074763c005ed5b5fa4dd6bc8b3a2ab0e984704f790bad238f24d95f01af7741db42a26c403630c46fc48d35d3db2cedd6718eaa08dbb1bb2533ac71e391ba24254063548c0ca99b13287b8c256e9811b4dde5a58598a3797155452e3b452ab69ebff73f9bec4330573ab8569e948627119f20ff07f20ac01ce9ea1ca7f5c76c02f6489f08fb557acacfe4d906bb3effd52181c0404e701a7d11c0540d6a7e79c17aa7ba9d63d9113f3cbea775a95835ca4ef0ab32a26ebaa6af27df7f30ca01245d3e71d475d5a811cd5cfd8a34c3f629f402227c1591e88d0370f860f5b3797de53e5d447fc39d0b686d0f487cfefaa2d052c7bf4fea5b51cfb9eba475b2bb5ec06a890db013c2e6cb33e089455561a75820b1ba8e298bbeb2a28eceb2cf543732657a82e22193a931b3d14ab925146b476c265ec276040d798665abb1d72290d853247f5e03774b9ef8ec07641ceb7759c2302050d1876b0e0284b23d8a669826ca04d562ea9139a46b11951f14355d14492e5744cdec27618c233f886ceea617129e6c7eacf051c0e50acf8e87b02db3e9f3c55092a9776484057515ee5c8d74e1302aa09ee8923e3580d9c23bbada8edfa309fd87e6758f0039a59267f4c251a45ab19f48349c22a601f2867805b68d87cebfc48836aa8e89039f999f97803dbb7413bc92d7a89c112599c8a2c5703b0287fc54c4e32eac20658915863a591191b40d8d9408e6652ee0c5e54ec52c503f621511d4662a41b1cdaf52df0d69eebef8c1059adf6424ba36fa95ef9e8722d2206ff05d9a580e445cdae179d3d6f23757baf9bc2d29f128baabc3799c45a438616f357d33ffba84b4e4d4889d6fed85d29ef606cbd541ca9dceecee73eb18764310729679b612f36cc11c50ff87ff70895498092db0b4976ffe6c76435034b12b7a1e29c2240e32d89c89b2bcf0911865f06eeba5d1e2e0a9740d27932a631a66d8de2a004de75c70c5f478ca6ac1ce6b8f5d2ddf112de5aece2bb98993e340ac5ccc6f652e864f4e07c9f28afc0f1c80ca154f53069f578fbece9964b9120e0bc293d71fe968e02e901842744027e59febd575f41fed43960ee15b508949bcc4666c484ab80e34ae218ff663126ac203d7eab9f623773f4bf2735908f17c112b1e62ee27d2d51d2b2cae0f6d73b58026a0338d58f2c50d8cc9d9ec1ca439b9f6a795550decd3dccd205e7ed85cb02d4621830863ff33ab1dfa3a462fe580af4050b871c58e77c099408e4115b64083093542063fbb69e43e25e620cc46e415df4bdaac16a7371a4311d58f072bb36930797d8575612cea4a3cb9652a06c2c138b6c1f656b3d477a2e70e73cfc9f477efd9c37f63a4a8f8e18fea39c5eea3e015a04d495540ad4115273b0a6fa0b681ad2af9ccb12613810edc8f8a104ee5f2d1e15cbeb6c79aa4cc95ad2b16d9aa5238bc517c794e2ef9b9e0cbc31cf31fcaff9d63cbfb832016e92876e61da23da47e53aea0e47d5e103724a995ace0aa2971d860216474bc8aded5820ae936bcf034e7b13a86b3e3fab6f3df738f98764d7c7b6516abf5132a86925014353e45edb7744bae3b731bc492b27f23ab289c123257f5e932a5b0f15a70d947a01ea4896045eb87d5fa48becb2f202cc8388870e2f982dc6e3dffc6cf2f9fba07be7e4bd0d907f7c607dfe1c6069b71d4ab5414d875f6a1852fe5d1df1eb546d5179c95503ecd9ddb987e62369fc5825ed840378862604d2576a815ba0de0d9b1c56f2d44bdb97afa09e80d4f819d7e6a9461d1fbcb44bbe0cf58ec2d888f3c8aa1675bf340ccf29099b84418d9cd404579f4013b16d661ca509a9fcfbe59962ddec18b5a4cbb42ed1968ced504e2007a00f2e9f13ac303df6abcac2801172491abfd2ae38717b327f3cc3c49ad6ee6c3fb44c8b2c8cec123ff94029acf3653c3b78e162951e169369948a93967edb0ad8eeb0a5423cc965649b7b9e622a8d24615eaaffa2d11ec1cb9e4fce3cdc9d2492c2fcf97c334135aab0763eb792e9d908dc8af112676dbcf333b8c90a90bbc6e316864e3662e15e4a9d4ad12148563de84d89a365b7e5aa0b8cb03dc1964e52c55b6dcf608a0931c436907a2c4d0eb38af5b597cca7890089f6ad63ba02ead10a5db3e791f59c02221243b2f2510a49a1e0d924b7940ba1d1da99328d6fdb9334d729012c54723a665115b2b274d8d1a49f1e3db0e863a0673598c2fa9e82f74c1cee73ba78600938a6a8df6101f41a12082a004eb078439e2fbcb78a78b377387aedf0c3045ce7ab2a888d1e6c875c06e5d7d750445380f42f95df356825356e3827da39d1ddcec66a021d1a04e0b52db23696df2d4a103b469eeee9fb855c2e03f6c785a4e7650c934c3d275c8a318f61c54b7490dbac74ea5ce67baecbe2606cb351a864d22d0e25dc21ef0cd40eab42f2fe93f046988f06e775f8148308c6aa70ae23c44b10051aa1574b5511503c0ef2722e190868d55023426d2e19923b1104e42ff96e6ddf8563a05db6a266b9ee1bc1771072fc7f212ea41ba96e54ffe32d608321ac5ea02ff88b1ee1dc2c0cfe2c2cee06312cc24d747fae0a9ac555a817a464b4babb0be89138a0083a9e4e3ff0394e512701a8b97ba0f938e79e602f28e6b59a6e84382df1953f7d415e8dad3a22fd932e66822f6c1629f371dffb46f98845b660f98a9e2b90c4ceca032186edcba5ed00af645258536c3b0c80c55c524a42106a41bc05081fff5b45a01c01b22f3901d767a2d057e61315c9cae5dbecf2d860a21ba6b51308dae1eb065a41ce4970bef73bc199b873a0ca17acfd5be7353a5c56aa330ba54aa08638e46770a91380418516ae55e9de34e879a31239076fa56f4fb3184c8edad55607216ec503164c9db661a0984e6d31187d867c403d5123596ebc9acaf350ed72e657a18887931868cbb7eb506db9216d34a2887acd8db7f737f66352c8a1ccbdbd24bb0a3fe44beeb444b2b94c4b3b8bd944fc0126812fea544a13eb6c6df20382897f3953df7ac13c405fd15f7e051b107535b6ae677670cd94b798e21e8b02c4157e1984a971a857c82e2360252f47c6171f0ffaa74306f739560c32b95461551f89ef5ca1faba53087079bd9297b3d27d1a0af2763496e983912a5d76529b71cfb0bdb33c362be1974a3b944971ff16593e821b071b4e8dbda6c4b6d3788180455f33f2c762856d92f1d2f98e4626e266e85d382fb767a792a9fa92103abe190904d8857bff811bc39e75330a89a039678d2217ab7b1fcac5877dba3d7a052728c86f3fd0426af1fdc38140ec64707aad011237aa576379d1d28ca8b80e32bd71b07becfba6c05f0d46869536cfe650f836c0ef6edeba5b94c91559a901def1933317c39e91a1e7d46b429088176157816cad9ad701271fdc6f575d7d60e1481d7462e39c6da79c8fe22c17912825c81abd96bee95e2c6462b0bf5b012d69e51456104948f96b079ff2d2ad2bf23cffb64eb1d5113b683f8c35620efd10d8115f2a552cef0962fc6cb3fd418769c47b6d16a945f8f397246b3575cc59183c0337df2b4dc1f51bfef210fe18230e840145a1b17d34d7ccc62a98f9f1f9ea8bc6ff679a8c71308ece496201e1a6260389ffe5f0cb5ddca29cc179b27d0deb74a694a95c6c876a725b8c5e40f05b0891b12483afa4792c9915250969cbe0729d55e11daa25b7ecdd792826bc6adca188d5d0abb7ea926af6737859d4606a8cd707bebe39d73c0c941bfc2c18838ac27e646ed37069e7f7ff5d819e5f937dfafeb8f90af340b33fcddf0a2ddc107eea9484d19741f09b93a49effe2aacde44ee64a8324fd7a0ad71270171bfc0a978c07aee1167d9178334eb51b8b5f40a02e75c57fefa29150d377a99e5e95e11318214e4716d9bca360d7f6b405951bcc892ed9f9869a52b7a14a5f538e969bfba0de532347dad391c7ed5454ff42b86d8464a38b34fd5377ef2bd537a3558c89adbd08e1095910c0071a116074c077344297d339bc982d0189bd39e7fd0dfbef0d01cde516c46487d5f8300251151368dc88d61157767606ff9a2c06f703f8110755033d3f55d9dd1e936f2323b8cca59bbb91daa83033ea1386b912ed8cdee90ac63f95e1d5e5525bd659a279e656fe90e9a72ddd1240ac51e9fd2103de4bf8ee74abba0c419d9816b99eb197d5951fb1a706354c843d975bf3b1e48577e09cca9edf8044146c58c432a73a2d74a60c757d9be1f9d91b231a1a22215e1be7570186f6322c8a799378f25418f5bb1241f5603ec2aafa76294bfc66d9e11d2644f15248978f4584b0e306ac1012ea97c96586f3aa339122ccfccf8d4726ac6daaa9841af23d0a0f8ee02eb70b99b1529c62bf1d333636491a220486c45eb547e1f8bd04e9e202902099ae286f5dc966132b1039ad11638659a3d3ea4000693822eddecd78c3d5aa4ed3c5c4c4ffe9fce29dcd556bd8ccc70a6bedddd124045ff2a924ba76ca738e0f8cb04833c46b9aca5db15ae8f14d5c4fc5b763b8e36a425e90410d2bdd818c6d45660e078acfbfbe954356c96432f8897590e1c56d02b236a78777b1ed3616a88dcf6b0bb8e6e16d74d25d9dba1b5078ede02ed452b1ff688bdaec6e5162c11323779cc180f199e155b98001256d3db96057fd81f5063afdd67931d6049a960acee9fc4983ae01752b3cd66c940a4f5bc3531dc80d1c8224d113680a27c509561bb2ea18a6674d9c1f6f030a95ce5ae20689cc15a07bc56bbdb106330df2d9a9f119b88b597982d10fd2"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_bpf={0x88, 0x17, 0x0, 0x0, {{0x8}, {0x44, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS={0x34, 0x4, [{0xb00, 0x3, 0x49, 0x40}, {0x7, 0x6, 0x3, 0xfffffff8}, {0x9, 0x2, 0x5, 0x1}, {0x8, 0x13, 0x1, 0x4}, {0x1, 0x0, 0xb7, 0x9c6}, {0x5, 0x0, 0x9, 0x4}]}]}, {0x1e, 0x6, "810162138d6b8e4a3db329f8a26cf561e442e923703ed348348e"}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_skbedit={0x144, 0xc, 0x0, 0x0, {{0xc}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x7}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x7, 0xff, 0x7, 0x2, 0x7}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xe80ca830d3c10d78, 0xc}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x2, 0x9, 0x20000000, 0x8, 0x9}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x1}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x9, 0x4}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xc, 0x0, 0x3, 0x8, 0x8001}}]}, {0xb0, 0x6, "af2c947130addb777aa6c332612d9d8e9b598bcfef3364b2ff6612fd083fd15f5de54b0e0055780a282370608b7ecbadcad8be3b4d7be554c4779609c2cd731d8e9cb471eabfc2688b8668a2d1bf9e71a87736d27950f3bb3fe1fc3c1cb4d28eda47c4a5550c9b0dff543ace6f1408a318c79cd2c9c22ad2db98c80ab19334fdd2784bc48de90da3a17648aaf5e9b0f9c4fe511f63a9f055df163124c1933ef5f1502c1b00cca407ece6b6e3"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_skbmod={0x134, 0xf, 0x0, 0x0, {{0xb}, {0x18, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}}, @TCA_SKBMOD_ETYPE={0x6}]}, {0xf3, 0x6, "b46df8534c4875407eb7cdcf23be230a89fd7473bdbb671eda2d58340048af600137281d66cd5ce51befa624c4ff39d49a07c6e51133a65127a0174c43e917cd536a60995843b13e56b406d43e70bcd59b1906a4c1231d388e057206af1a17a47ec8987763fb8aabcc6ee6da585cd9d3b8522e35ada0212356c5157c305a8aa2273cc233673223edf65670e37b2cba7db78a69db2562da947609f46d1346ffb433f0147ea01cca5a1c63ff3356d692163f710a785021747431b09b91734028d73a3e0559561609cf9aa4e1fb211f6bf2925f4cbc25e01ce4fdcee56c5cebf25ccf099b11dd4fdab0ff3bad2d549709"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x1c5c}}, 0x0)
r6 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
dup3(r6, 0xffffffffffffffff, 0x0)

2.885527299s ago: executing program 3 (id=1702):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x2000000080005, 0xffffffd2)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r4=>0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000340)={0x1, 0x26, "0000000000000000b7dc314fc800000000dc15ffffff7f00000000354d4cba126d43eec1dd73"})
io_submit(r4, 0x2, &(0x7f0000000380)=[&(0x7f0000001440)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, r5}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2, 0x7418, r3, &(0x7f0000000280)="df195b8c6ee941ecfbc4ebb386cfec110402e514069b9457bceecc22967fd086fd7d", 0x22, 0x7f, 0x0, 0x2, r5}])
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r6)
sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYRESHEX=r6], 0x30}}, 0x20000800)
mremap(&(0x7f0000b31000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)

2.867917911s ago: executing program 2 (id=1703):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x78, 0xb, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x4c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x7, 0x1a, '$.\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x9}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x10}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0xffff}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}}]}, @IPSET_ATTR_ADT={0x4}]}, 0x78}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600050a000004"], 0x528}}, 0xc000)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300), 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x700, 0x0, [@sadb_key={0x2, 0x9, 0x18, 0x0, "e9255b"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}]}, 0x60}, 0x1, 0x7}, 0x0)
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
write$binfmt_script(r3, &(0x7f00000003c0)={'#! ', './file0', [{0x20, '^^@%l(v](-%([]*[\x13(!$}\xaf^.'}, {0x20, '\x00'}, {0x20, '@+-'}, {0x20, '/dev/cpu/#/msr\x00'}], 0xa, "6cb7f894ef0f08646c61b3827ed060923ed027502b9e1449d6a7336ef327da80428578ecf2bc012c55e05e2975090b884555a41eb21d8b22917ff7a9557d388c2c325ccc6583a48e3ca171070e001d005b875cb64070b01a9cd5c26de8d42ed6e20dc3eee2a247efd1a76cb91aef0142c02fb0038dfb16e485499b7b1dc238efa28c8c8d56b16ea68f016396450c911bcad83e4d3b7c21ed26"}, 0xd3)

1.586293528s ago: executing program 0 (id=1704):
socket(0x10, 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ptrace$setopts(0x4206, 0x0, 0x3, 0x43)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e22, 0x8, @local, 0x7}}, 0x17a}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0xcf, &(0x7f0000000480)={0x0, 0x0, 0x8000, 0xfffffffc}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
write$tcp_mem(r7, &(0x7f00000000c0)={0x9, 0x2d, 0xfffffffffffffff9, 0x3a, 0x0, 0x2c}, 0x48)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)

1.222388693s ago: executing program 3 (id=1705):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x70}, 0x1, 0x2000000}, 0x0)

410.296373ms ago: executing program 0 (id=1706):
r0 = syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9b0906, 0x2b, '\x00', @p_u32=&(0x7f0000000240)=0x3}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000540), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af25, 0x0)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

398.259689ms ago: executing program 1 (id=1707):
clock_gettime(0x0, &(0x7f0000000040))
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x0, 0x0)
cachestat(r0, 0x0, 0x0, 0x0)
bind$tipc(r0, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x1, {0x2, 0x1, 0x2}}, 0x10)
socket$unix(0x1, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
socket$igmp(0x2, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$kcm(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001a140100000000000000000008000300000000000800", @ANYRES64=r2], 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
clock_gettime(0x0, &(0x7f00000000c0))
clock_settime(0x0, &(0x7f0000000100)={0x77359400})
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000080)="290000002000190f00003fffffffda060200007ffee80001dd0048040d000600fe7f00000005000500", 0x29}], 0x1)

337.502035ms ago: executing program 2 (id=1708):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x106}}, 0x20)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x106}}, 0x20)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000400), 0x13f, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x50, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x7, 0x6e07, 0x94db, 0x2, 0xe26, 0x5}}, {0x4}}]}, @qdisc_kind_options=@q_qfg={0x8}]}, 0x50}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x111}}, 0x20)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2271b00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)

610.135µs ago: executing program 3 (id=1709):
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x13, &(0x7f00000009c0)=@framed={{}, [@printk={@llx, {0x3, 0x0, 0x3, 0xa, 0x0}, {0x5}, {0x6, 0x0, 0x2}, {}, {}, {0x85, 0x0, 0x0, 0x8}}, @printk={@p, {0x5, 0x3, 0x6, 0xa, 0x1, 0xfff5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet(0x2, 0x802, 0x1)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c00010062"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5000000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0834000000000000140012800900010076657468000000000400028008000a00", @ANYRES32=r4, @ANYBLOB="08002900a829fff208000d000000000004003480"], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000780)=@newlink={0x1bc, 0x10, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_VF_PORTS={0x194, 0x18, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x0, 0x4, "698af35eb30f15e5a71decc82323d745"}]}, {0x4, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x0, 0x6, 0x2}, @IFLA_PORT_PROFILE={0x0, 0x2, '\x00'}, @IFLA_PORT_PROFILE={0x0, 0x2, 'GPL\x00'}, @IFLA_PORT_HOST_UUID={0x0, 0x5, "2f1bc135b3d4b1f7627e52f685d9434d"}, @IFLA_PORT_REQUEST={0x0, 0x6, 0xc}]}, {0x80, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "2100e2e3cfdfb49099b85cca0af15819"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "39d468bce765c55bfcd344c8c7ba1256"}, @IFLA_PORT_PROFILE={0x12, 0x2, '}}/}!}&)([[{^\x00'}, @IFLA_PORT_HOST_UUID={0x0, 0x5, "2d8a5ff7f13ff90775e6081d2e7135a7"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "f563930000000200"}, @IFLA_PORT_VF={0x8, 0x1, 0x6}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b7b06e305fc387838a47c2e1b572ca51"}, @IFLA_PORT_VF={0x8, 0x1, 0x8}]}, {0x4, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0x4b}]}, {0x84, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0xe9}, @IFLA_PORT_VF={0x0, 0x1, 0x2}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x1}, @IFLA_PORT_VF={0x8, 0x1, 0x4}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "37e5288beeb2242e6138a8a73a314aab"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0xd}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e246966b0071790e59a41e4ae0f86f2d"}, @IFLA_PORT_PROFILE={0x13, 0x2, '/dev/cpu/#/msr\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "8fb2c7b4f480ade2e73b7afde45263cc"}]}, {0x48, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x0, 0x5, "117d6c84901887d1197091cf4659a098"}, @IFLA_PORT_VF={0x8, 0x1, 0xfffffffa}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "cdf074c55316cb31efc44176eec6ed44"}, @IFLA_PORT_HOST_UUID={0x14}]}, {0x28, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x7d31}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "c2311b620f86167c5ac9a5bbd20df9ba"}, @IFLA_PORT_HOST_UUID={0x0, 0x5, "6a4409e5861131381ebe462942ac4371"}]}]}, @IFLA_MASTER={0x8}]}, 0x1bc}}, 0x8000)
connect$inet(r2, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x708})

0s ago: executing program 0 (id=1710):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, 0x0, 0x440, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
ioctl$TUNSETOFFLOAD(r2, 0x8010743f, 0x20000015)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x400, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc058560f, &(0x7f0000000180)={0x0, 0xa})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x58, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x30}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x58}}, 0x0)
setpriority(0x1, 0x0, 0x100000001)

kernel console output (not intermixed with test programs):

85.667261][ T9815] bridge_slave_1: left allmulticast mode
[  485.673150][ T9815] bridge_slave_1: left promiscuous mode
[  485.680109][ T9815] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.772297][ T9815] bridge1: port 1(bridge_slave_1) entered blocking state
[  485.780049][ T9815] bridge1: port 1(bridge_slave_1) entered disabled state
[  485.788253][ T9815] bridge_slave_1: entered allmulticast mode
[  485.801980][ T9815] bridge_slave_1: entered promiscuous mode
[  489.495389][   T29] kauditd_printk_skb: 52 callbacks suppressed
[  489.495449][   T29] audit: type=1326 audit(1738113709.060:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  489.690790][   T29] audit: type=1326 audit(1738113709.110:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  489.714187][   T29] audit: type=1326 audit(1738113709.270:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  489.740194][   T29] audit: type=1326 audit(1738113709.270:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  489.762811][   T29] audit: type=1326 audit(1738113709.270:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  490.112118][ T9863] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1056'.
[  490.142924][ T9863] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1056'.
[  490.704471][   T29] audit: type=1326 audit(1738113709.270:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  490.878561][   T29] audit: type=1326 audit(1738113709.270:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  490.922045][   T29] audit: type=1326 audit(1738113709.270:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  490.946696][   T29] audit: type=1326 audit(1738113709.270:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  490.973346][   T59] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  491.116335][   T29] audit: type=1326 audit(1738113709.270:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9848 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  492.125888][   T59] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  492.145899][   T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  492.158648][   T59] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  492.172998][   T59] usb 5-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  492.355914][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.722783][   T59] usb 5-1: config 0 descriptor??
[  493.106813][   T59] usbhid 5-1:0.0: can't add hid device: -71
[  493.136517][   T59] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  493.186589][   T59] usb 5-1: USB disconnect, device number 10
[  493.789285][ T9892] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1065'.
[  493.818370][ T9892] bridge_slave_1: left allmulticast mode
[  493.833561][ T9892] bridge_slave_1: left promiscuous mode
[  493.939689][ T9892] bridge0: port 2(bridge_slave_1) entered disabled state
[  494.203590][ T9892] bridge_slave_0: left allmulticast mode
[  494.209314][ T9892] bridge_slave_0: left promiscuous mode
[  494.215307][ T9892] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.829908][ T9921] loop2: detected capacity change from 0 to 7
[  496.111849][ T9921] Dev loop2: unable to read RDB block 7
[  496.118213][ T9921]  loop2: AHDI p3
[  496.122543][ T9921] loop2: partition table partially beyond EOD, truncated
[  499.327891][ T9946] bridge_slave_1: left allmulticast mode
[  499.338065][ T9946] bridge_slave_1: left promiscuous mode
[  499.350248][ T9946] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.442971][   T59] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  500.820056][   T59] usb 5-1: Using ep0 maxpacket: 16
[  500.840032][   T59] usb 5-1: config 1 interface 0 has no altsetting 0
[  500.862623][   T59] usb 5-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40
[  500.926750][   T59] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.984565][   T59] usb 5-1: Product: 퓬
[  501.012946][   T59] usb 5-1: SerialNumber: à°š
[  501.445406][ T9963] Falling back ldisc for ptm0.
[  501.474856][ T9966] Falling back ldisc for ptm1.
[  501.503875][ T9952] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1076'.
[  501.679471][   T59] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input11
[  501.701857][ T5180] bcm5974 5-1:1.0: could not read from device
[  501.724408][ T5180] bcm5974 5-1:1.0: could not read from device
[  501.839211][   T59] usb 5-1: USB disconnect, device number 11
[  501.846604][ T5180] bcm5974 5-1:1.0: could not read from device
[  501.858089][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  501.866493][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  503.779166][ T9992] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  503.832166][ T9992] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  503.967300][ T9992] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  504.025816][ T9992] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  505.914431][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  506.013222][ T8818] Bluetooth: hci3: command 0x0c1a tx timeout
[  506.093011][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  506.982986][   T25] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  507.254457][T10027] mkiss: ax0: crc mode is auto.
[  507.353153][   T25] usb 1-1: Using ep0 maxpacket: 32
[  507.403252][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  507.433467][T10031] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  507.453687][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  507.509087][   T25] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  507.606439][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.115602][   T25] usb 1-1: config 0 descriptor??
[  508.204316][   T25] hub 1-1:0.0: USB hub found
[  508.786152][   T25] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  508.832495][   T25] usbhid 1-1:0.0: can't add hid device: -71
[  508.863031][   T25] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  508.917510][   T25] usb 1-1: USB disconnect, device number 12
[  508.996160][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  508.996181][   T29] audit: type=1326 audit(1738113728.580:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  509.217575][   T29] audit: type=1326 audit(1738113728.580:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  509.281083][   T29] audit: type=1326 audit(1738113728.580:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e5778ecc7 code=0x7ffc0000
[  509.347191][   T29] audit: type=1326 audit(1738113728.580:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5e5778ec3c code=0x7ffc0000
[  509.419439][   T29] audit: type=1326 audit(1738113728.580:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5e5778eb74 code=0x7ffc0000
[  509.529136][   T29] audit: type=1326 audit(1738113728.580:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5e5778eb74 code=0x7ffc0000
[  509.605257][   T29] audit: type=1326 audit(1738113728.580:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5e5778ba0a code=0x7ffc0000
[  509.662718][   T29] audit: type=1326 audit(1738113728.580:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  509.762611][   T29] audit: type=1326 audit(1738113728.580:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  509.790801][   T29] audit: type=1326 audit(1738113728.580:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10038 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  511.073683][   T25] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  511.719471][   T25] usb 3-1: Using ep0 maxpacket: 16
[  512.077329][   T25] usb 3-1: config 0 has an invalid interface number: 68 but max is 0
[  512.160011][   T25] usb 3-1: config 0 has no interface number 0
[  512.342946][   T25] usb 3-1: config 0 interface 68 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  512.412642][   T25] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[  512.452464][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.465263][T10078] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  512.484677][   T25] usb 3-1: Product: syz
[  512.489028][   T25] usb 3-1: Manufacturer: syz
[  512.507295][   T25] usb 3-1: SerialNumber: syz
[  512.509545][T10078] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  512.527973][   T25] usb 3-1: config 0 descriptor??
[  512.670882][   T25] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  512.695389][T10078] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  512.789590][T10078] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  513.364234][T10089] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  513.370676][T10089] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  513.377556][T10089] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  513.384199][T10089] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  513.645518][ T5978] usb 3-1: Failed to submit usb control message: -71
[  513.652797][ T5978] usb 3-1: unable to send the bmi data to the device: -71
[  513.684970][ T5872] usb 3-1: USB disconnect, device number 19
[  513.698389][ T5978] usb 3-1: unable to get target info from device
[  513.706543][ T5978] usb 3-1: could not get target info (-71)
[  513.721607][ T5978] usb 3-1: could not probe fw (-71)
[  514.302797][T10106] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1113'.
[  514.312023][T10106] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1113'.
[  515.848622][T10121] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1119'.
[  515.857850][T10121] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1119'.
[  516.224818][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  516.230985][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  516.237235][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  517.148899][T10133] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1123'.
[  517.823123][T10134] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  517.863444][T10134] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  517.910773][T10134] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  517.937554][T10134] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  518.185951][T10141] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  518.192121][T10141] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  518.307733][T10141] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  518.340907][T10141] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  518.357834][T10147] FAULT_INJECTION: forcing a failure.
[  518.357834][T10147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.420937][T10147] CPU: 1 UID: 0 PID: 10147 Comm: syz.2.1126 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  518.420970][T10147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  518.420983][T10147] Call Trace:
[  518.420991][T10147]  <TASK>
[  518.421000][T10147]  dump_stack_lvl+0x241/0x360
[  518.421031][T10147]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.421053][T10147]  ? __pfx__printk+0x10/0x10
[  518.421091][T10147]  ? snprintf+0xda/0x120
[  518.421116][T10147]  should_fail_ex+0x40a/0x550
[  518.421145][T10147]  _copy_to_user+0x31/0xb0
[  518.421169][T10147]  simple_read_from_buffer+0xca/0x150
[  518.421200][T10147]  proc_fail_nth_read+0x1e9/0x250
[  518.421229][T10147]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  518.421303][T10147]  ? rw_verify_area+0x243/0x630
[  518.421336][T10147]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  518.421363][T10147]  vfs_read+0x1f8/0xb40
[  518.421397][T10147]  ? fdget_pos+0x254/0x320
[  518.421428][T10147]  ? __pfx___mutex_lock+0x10/0x10
[  518.421456][T10147]  ? __pfx_vfs_read+0x10/0x10
[  518.421492][T10147]  ? __fget_files+0x2a/0x410
[  518.421520][T10147]  ? __fget_files+0x395/0x410
[  518.421547][T10147]  ? __fget_files+0x2a/0x410
[  518.421585][T10147]  ksys_read+0x18f/0x2b0
[  518.421607][T10147]  ? __pfx_ksys_read+0x10/0x10
[  518.421627][T10147]  ? __secure_computing+0x125/0x370
[  518.421670][T10147]  do_syscall_64+0xf3/0x230
[  518.421698][T10147]  ? clear_bhb_loop+0x35/0x90
[  518.421731][T10147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.421759][T10147] RIP: 0033:0x7f886358b7bc
[  518.421778][T10147] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  518.421797][T10147] RSP: 002b:00007f88613f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  518.421819][T10147] RAX: ffffffffffffffda RBX: 00007f88637a5fa0 RCX: 00007f886358b7bc
[  518.421835][T10147] RDX: 000000000000000f RSI: 00007f88613f60a0 RDI: 0000000000000005
[  518.421848][T10147] RBP: 00007f88613f6090 R08: 0000000000000000 R09: 0000000000000000
[  518.421861][T10147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.421873][T10147] R13: 0000000000000000 R14: 00007f88637a5fa0 R15: 00007ffd47e263e8
[  518.421905][T10147]  </TASK>
[  519.025340][T10151] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  519.063601][T10151] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  519.069791][T10151] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  519.173443][T10151] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  521.133533][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  521.140017][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  521.603210][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  522.163347][T10174] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1135'.
[  523.596589][T10191] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  523.613218][T10191] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  523.654082][T10191] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  523.694181][T10191] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  525.323123][T10217] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1144'.
[  525.354668][T10217] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  525.693727][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  525.700202][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  525.772999][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  527.467591][T10227] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  527.475297][T10227] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  527.497092][T10227] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  527.516852][T10227] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  529.533139][ T8818] Bluetooth: hci3: command 0x0c1a tx timeout
[  529.539362][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  529.546425][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  529.726775][T10260] netlink: 'syz.0.1157': attribute type 29 has an invalid length.
[  529.759774][T10260] netlink: 'syz.0.1157': attribute type 29 has an invalid length.
[  530.963795][T10271] batman_adv: batadv0: Adding interface: dummy0
[  530.970103][T10271] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  531.122952][T10271] batman_adv: batadv0: Interface activated: dummy0
[  531.301119][T10271] batadv0: mtu less than device minimum
[  531.303441][T10272] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1160'.
[  531.315855][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.328300][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.340107][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.351973][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.363816][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.375644][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.387397][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.399166][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  531.410933][T10271] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  533.957180][T10294] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  533.983185][T10294] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  534.064714][T10294] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  534.080975][T10294] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  535.832881][T10318] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1174'.
[  535.861795][T10318] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  536.013430][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  536.103465][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  536.109846][ T8818] Bluetooth: hci3: command 0x0c1a tx timeout
[  537.505329][T10338] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1181'.
[  538.102351][T10328] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  538.157880][T10328] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  538.181189][T10328] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  538.192920][T10328] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  538.280462][T10330] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  538.293171][T10330] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  538.299369][T10330] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  538.323158][T10330] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  540.345024][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  540.356399][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  540.356407][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  541.375642][T10367] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  541.381804][T10367] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  541.399199][T10367] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  541.478623][T10367] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  543.453338][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  543.453336][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  543.603104][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  543.655596][T10391] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1194'.
[  543.664789][T10391] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1194'.
[  544.924602][T10397] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1195'.
[  544.954182][T10397] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  548.330192][T10420] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  548.473326][T10420] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  548.593193][T10420] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  549.418653][T10420] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  550.493363][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  550.651472][   T29] kauditd_printk_skb: 27 callbacks suppressed
[  550.651490][   T29] audit: type=1326 audit(1738113770.220:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  550.685712][ T8818] Bluetooth: hci3: command 0x0c1a tx timeout
[  550.733042][   T29] audit: type=1326 audit(1738113770.220:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  550.755745][   T29] audit: type=1326 audit(1738113770.260:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  550.784842][   T29] audit: type=1326 audit(1738113770.260:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  550.807001][   T29] audit: type=1326 audit(1738113770.260:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  550.828888][   T29] audit: type=1326 audit(1738113770.270:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  550.859450][T10449] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1212'.
[  550.897969][   T29] audit: type=1326 audit(1738113770.320:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  550.921122][T10449] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1212'.
[  550.969383][   T29] audit: type=1326 audit(1738113770.320:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  551.055397][   T29] audit: type=1326 audit(1738113770.320:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  551.146090][   T29] audit: type=1326 audit(1738113770.320:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10443 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  551.453089][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  551.495429][T10458] FAULT_INJECTION: forcing a failure.
[  551.495429][T10458] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  551.509407][T10458] CPU: 0 UID: 0 PID: 10458 Comm: syz.2.1217 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  551.509435][T10458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  551.509448][T10458] Call Trace:
[  551.509457][T10458]  <TASK>
[  551.509467][T10458]  dump_stack_lvl+0x241/0x360
[  551.509497][T10458]  ? __pfx_dump_stack_lvl+0x10/0x10
[  551.509519][T10458]  ? __pfx__printk+0x10/0x10
[  551.509551][T10458]  ? validate_chain+0x15c0/0x5920
[  551.509624][T10458]  should_fail_ex+0x40a/0x550
[  551.509653][T10458]  prepare_alloc_pages+0x1da/0x5b0
[  551.509685][T10458]  __alloc_frozen_pages_noprof+0x16f/0x710
[  551.509711][T10458]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  551.509732][T10458]  ? rcu_is_watching+0x15/0xb0
[  551.509765][T10458]  ? lock_release+0xbf/0xa30
[  551.509796][T10458]  ? __pfx_lock_acquire+0x10/0x10
[  551.509824][T10458]  ? __pfx_lock_release+0x10/0x10
[  551.509855][T10458]  alloc_pages_mpol+0x311/0x660
[  551.509889][T10458]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  551.509926][T10458]  vma_alloc_folio_noprof+0x12b/0x260
[  551.509957][T10458]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  551.509987][T10458]  ? do_raw_spin_unlock+0x13c/0x8b0
[  551.510015][T10458]  folio_prealloc+0x2e/0x170
[  551.510038][T10458]  do_wp_page+0x1253/0x49b0
[  551.510084][T10458]  ? __pfx_do_wp_page+0x10/0x10
[  551.510122][T10458]  ? __pfx_lock_acquire+0x10/0x10
[  551.510146][T10458]  ? rcu_is_watching+0x15/0xb0
[  551.510182][T10458]  ? do_raw_spin_lock+0x14f/0x370
[  551.510204][T10458]  ? __pfx____pte_offset_map+0x10/0x10
[  551.510253][T10458]  __handle_mm_fault+0x24d5/0x70f0
[  551.510316][T10458]  ? __pfx___handle_mm_fault+0x10/0x10
[  551.510361][T10458]  ? mt_find+0x2a9/0x920
[  551.510389][T10458]  ? __pfx_lock_release+0x10/0x10
[  551.510429][T10458]  ? mt_find+0x2a9/0x920
[  551.510457][T10458]  ? mt_find+0x6c8/0x920
[  551.510493][T10458]  ? __pfx_mt_find+0x10/0x10
[  551.510541][T10458]  ? find_vma+0xf9/0x170
[  551.510580][T10458]  ? __pfx_find_vma+0x10/0x10
[  551.510613][T10458]  handle_mm_fault+0x2c1/0x7e0
[  551.510657][T10458]  exc_page_fault+0x2b9/0x8b0
[  551.510683][T10458]  ? __might_fault+0xaa/0x120
[  551.510718][T10458]  asm_exc_page_fault+0x26/0x30
[  551.510746][T10458] RIP: 0010:rep_movs_alternative+0x33/0x70
[  551.510768][T10458] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  551.510786][T10458] RSP: 0018:ffffc90002ec7948 EFLAGS: 00050246
[  551.510805][T10458] RAX: 000032bf00000008 RBX: 000000002000ac12 RCX: 0000000000000008
[  551.510820][T10458] RDX: 0000000000000000 RSI: ffffc90002ec79e0 RDI: 000000002000ac0a
[  551.510834][T10458] RBP: ffffc90002ec7a50 R08: ffffc90002ec79e7 R09: 1ffff920005d8f3c
[  551.510850][T10458] R10: dffffc0000000000 R11: fffff520005d8f3d R12: 0000000000000008
[  551.510864][T10458] R13: 00007ffffffff000 R14: ffffc90002ec79e0 R15: 000000002000ac0a
[  551.510895][T10458]  _copy_to_user+0x8b/0xb0
[  551.510918][T10458]  io_register_iowq_max_workers+0x470/0x7b0
[  551.510953][T10458]  ? __pfx_io_register_iowq_max_workers+0x10/0x10
[  551.510985][T10458]  ? __fget_files+0x395/0x410
[  551.511012][T10458]  ? __fget_files+0x2a/0x410
[  551.511044][T10458]  __se_sys_io_uring_register+0x192e/0x3a40
[  551.511079][T10458]  ? __pfx_lock_acquire+0x10/0x10
[  551.511109][T10458]  ? __pfx_lock_release+0x10/0x10
[  551.511134][T10458]  ? kstrtouint_from_user+0x128/0x190
[  551.511171][T10458]  ? __pfx___se_sys_io_uring_register+0x10/0x10
[  551.511207][T10458]  ? ksys_write+0x22a/0x2b0
[  551.511227][T10458]  ? __pfx_lock_release+0x10/0x10
[  551.511259][T10458]  ? sb_end_write+0xe9/0x1c0
[  551.511286][T10458]  ? vfs_write+0x7fa/0xd10
[  551.511309][T10458]  ? __mutex_unlock_slowpath+0x227/0x800
[  551.511341][T10458]  ? do_sys_openat2+0x17a/0x1d0
[  551.511372][T10458]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  551.511397][T10458]  ? __fget_files+0x2a/0x410
[  551.511428][T10458]  ? __fget_files+0x2a/0x410
[  551.511485][T10458]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  551.511515][T10458]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  551.511545][T10458]  ? do_syscall_64+0x100/0x230
[  551.511583][T10458]  ? do_syscall_64+0xb6/0x230
[  551.511615][T10458]  do_syscall_64+0xf3/0x230
[  551.511642][T10458]  ? clear_bhb_loop+0x35/0x90
[  551.511675][T10458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.511704][T10458] RIP: 0033:0x7f886358cda9
[  551.511721][T10458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  551.511739][T10458] RSP: 002b:00007f88613f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  551.511761][T10458] RAX: ffffffffffffffda RBX: 00007f88637a5fa0 RCX: 00007f886358cda9
[  551.511776][T10458] RDX: 000000002000ac0a RSI: 0000000000000013 RDI: 0000000000000003
[  551.511789][T10458] RBP: 00007f88613f6090 R08: 0000000000000000 R09: 0000000000000000
[  551.511802][T10458] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  551.511815][T10458] R13: 0000000000000000 R14: 00007f88637a5fa0 R15: 00007ffd47e263e8
[  551.511848][T10458]  </TASK>
[  553.293329][T10475] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  553.309104][T10475] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  553.334292][T10475] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  553.371043][T10475] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  553.453527][T10477] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  553.459686][T10477] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  553.485456][T10477] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  553.492248][T10477] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  554.252392][T10494] program syz.2.1224 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  556.007681][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  556.013928][ T8818] Bluetooth: hci3: command 0x0c1a tx timeout
[  556.016370][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  556.462083][T10524] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  557.318942][T10524] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  557.621107][T10524] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  557.702980][T10524] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  557.782784][T10538] FAULT_INJECTION: forcing a failure.
[  557.782784][T10538] name failslab, interval 1, probability 0, space 0, times 0
[  557.822009][T10538] CPU: 0 UID: 0 PID: 10538 Comm: syz.3.1237 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  557.822043][T10538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  557.822056][T10538] Call Trace:
[  557.822063][T10538]  <TASK>
[  557.822072][T10538]  dump_stack_lvl+0x241/0x360
[  557.822101][T10538]  ? __pfx_dump_stack_lvl+0x10/0x10
[  557.822122][T10538]  ? __pfx__printk+0x10/0x10
[  557.822157][T10538]  ? kmem_cache_alloc_noprof+0x48/0x380
[  557.822185][T10538]  ? __pfx___might_resched+0x10/0x10
[  557.822223][T10538]  ? up_write+0x1a9/0x590
[  557.822247][T10538]  should_fail_ex+0x40a/0x550
[  557.822275][T10538]  should_failslab+0xac/0x100
[  557.822303][T10538]  ? vm_area_dup+0x27/0x290
[  557.822332][T10538]  kmem_cache_alloc_noprof+0x70/0x380
[  557.822365][T10538]  vm_area_dup+0x27/0x290
[  557.822399][T10538]  __split_vma+0x1cb/0xc50
[  557.822427][T10538]  ? validate_chain+0x11e/0x5920
[  557.822468][T10538]  ? __pfx___split_vma+0x10/0x10
[  557.822503][T10538]  ? validate_chain+0x11e/0x5920
[  557.822539][T10538]  vms_gather_munmap_vmas+0x2e6/0x1600
[  557.822572][T10538]  ? validate_chain+0x11e/0x5920
[  557.822607][T10538]  ? __pfx_lock_acquire+0x10/0x10
[  557.822634][T10538]  ? __pfx_validate_chain+0x10/0x10
[  557.822666][T10538]  ? __pfx_lock_release+0x10/0x10
[  557.822693][T10538]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  557.822718][T10538]  ? unwind_next_frame+0x18e6/0x22d0
[  557.822750][T10538]  ? mark_lock+0x9a/0x360
[  557.822777][T10538]  ? __pfx_validate_chain+0x10/0x10
[  557.822822][T10538]  do_vmi_align_munmap+0x3ff/0x6f0
[  557.822845][T10538]  ? __lock_acquire+0x1397/0x2100
[  557.822878][T10538]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  557.822937][T10538]  ? mas_find+0x8c0/0xbb0
[  557.822967][T10538]  do_vmi_munmap+0x24e/0x2d0
[  557.822998][T10538]  do_munmap+0x18a/0x240
[  557.823032][T10538]  ? __pfx_do_munmap+0x10/0x10
[  557.823069][T10538]  ? __pfx_down_write_killable+0x10/0x10
[  557.823100][T10538]  ? ksys_write+0x22a/0x2b0
[  557.823120][T10538]  ? __pfx_lock_release+0x10/0x10
[  557.823150][T10538]  __se_sys_mremap+0x10c1/0x1b20
[  557.823195][T10538]  ? __pfx___se_sys_mremap+0x10/0x10
[  557.823220][T10538]  ? do_sys_openat2+0x17a/0x1d0
[  557.823257][T10538]  ? __fget_files+0x2a/0x410
[  557.823294][T10538]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  557.823324][T10538]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  557.823353][T10538]  ? do_syscall_64+0x100/0x230
[  557.823384][T10538]  ? __x64_sys_mremap+0x20/0xc0
[  557.823412][T10538]  do_syscall_64+0xf3/0x230
[  557.823437][T10538]  ? clear_bhb_loop+0x35/0x90
[  557.823469][T10538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.823497][T10538] RIP: 0033:0x7fd90578cda9
[  557.823516][T10538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.823534][T10538] RSP: 002b:00007fd9066a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  557.823556][T10538] RAX: ffffffffffffffda RBX: 00007fd9059a5fa0 RCX: 00007fd90578cda9
[  557.823571][T10538] RDX: 0000000000400000 RSI: 0000000000002000 RDI: 0000000020241000
[  557.823585][T10538] RBP: 00007fd9066a3090 R08: 000000002082a000 R09: 0000000000000000
[  557.823599][T10538] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  557.823611][T10538] R13: 0000000000000000 R14: 00007fd9059a5fa0 R15: 00007ffdb8e41718
[  557.823641][T10538]  </TASK>
[  559.587903][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  559.698841][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  559.773027][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout
[  560.451279][T10566] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1245'.
[  560.460562][T10566] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1245'.
[  561.598973][T10568] syz_tun: entered allmulticast mode
[  561.635662][T10567] syz_tun: left allmulticast mode
[  561.837927][T10573] FAULT_INJECTION: forcing a failure.
[  561.837927][T10573] name failslab, interval 1, probability 0, space 0, times 0
[  561.993264][T10573] CPU: 1 UID: 0 PID: 10573 Comm: syz.2.1249 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  561.993302][T10573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  561.993315][T10573] Call Trace:
[  561.993323][T10573]  <TASK>
[  561.993332][T10573]  dump_stack_lvl+0x241/0x360
[  561.993362][T10573]  ? __pfx_dump_stack_lvl+0x10/0x10
[  561.993384][T10573]  ? __pfx__printk+0x10/0x10
[  561.993419][T10573]  ? __kmalloc_noprof+0xb5/0x4c0
[  561.993448][T10573]  ? __pfx___might_resched+0x10/0x10
[  561.993479][T10573]  should_fail_ex+0x40a/0x550
[  561.993510][T10573]  should_failslab+0xac/0x100
[  561.993538][T10573]  __kmalloc_noprof+0xdd/0x4c0
[  561.993565][T10573]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  561.993599][T10573]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  561.993645][T10573]  genl_rcv_msg+0x802/0xec0
[  561.993679][T10573]  ? __pfx_genl_rcv_msg+0x10/0x10
[  561.993736][T10573]  ? __pfx_lock_acquire+0x10/0x10
[  561.993764][T10573]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  561.993797][T10573]  ? __pfx___might_resched+0x10/0x10
[  561.993833][T10573]  netlink_rcv_skb+0x1e3/0x430
[  561.993866][T10573]  ? __pfx_genl_rcv_msg+0x10/0x10
[  561.993892][T10573]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  561.993939][T10573]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  561.993987][T10573]  genl_rcv+0x28/0x40
[  561.994008][T10573]  netlink_unicast+0x7f6/0x990
[  561.994048][T10573]  ? __pfx_netlink_unicast+0x10/0x10
[  561.994074][T10573]  ? __virt_addr_valid+0x45f/0x530
[  561.994105][T10573]  ? __phys_addr_symbol+0x2f/0x70
[  561.994134][T10573]  ? __check_object_size+0x47a/0x730
[  561.994167][T10573]  netlink_sendmsg+0x8e4/0xcb0
[  561.994214][T10573]  ? __pfx_netlink_sendmsg+0x10/0x10
[  561.994260][T10573]  ? __pfx_netlink_sendmsg+0x10/0x10
[  561.994291][T10573]  __sock_sendmsg+0x221/0x270
[  561.994320][T10573]  ____sys_sendmsg+0x52a/0x7e0
[  561.994363][T10573]  ? __pfx_____sys_sendmsg+0x10/0x10
[  561.994392][T10573]  ? __fget_files+0x2a/0x410
[  561.994424][T10573]  ? __fget_files+0x2a/0x410
[  561.994462][T10573]  __sys_sendmsg+0x269/0x350
[  561.994500][T10573]  ? __pfx___sys_sendmsg+0x10/0x10
[  561.994548][T10573]  ? do_sys_openat2+0x17a/0x1d0
[  561.994607][T10573]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  561.994648][T10573]  ? do_syscall_64+0x100/0x230
[  561.994681][T10573]  ? do_syscall_64+0xb6/0x230
[  561.994711][T10573]  do_syscall_64+0xf3/0x230
[  561.994738][T10573]  ? clear_bhb_loop+0x35/0x90
[  561.994772][T10573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.994800][T10573] RIP: 0033:0x7f886358cda9
[  561.994819][T10573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  561.994837][T10573] RSP: 002b:00007f88613f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  561.994860][T10573] RAX: ffffffffffffffda RBX: 00007f88637a5fa0 RCX: 00007f886358cda9
[  561.994876][T10573] RDX: 0000000020000000 RSI: 0000000020000140 RDI: 0000000000000003
[  561.994890][T10573] RBP: 00007f88613f6090 R08: 0000000000000000 R09: 0000000000000000
[  561.994903][T10573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  561.994917][T10573] R13: 0000000000000000 R14: 00007f88637a5fa0 R15: 00007ffd47e263e8
[  561.994949][T10573]  </TASK>
[  562.116584][T10577] Invalid logical block size (9)
[  563.302736][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  563.309417][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  563.313682][ T9025] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  564.163049][ T9025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  564.267477][ T9025] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  564.358339][ T9025] usb 5-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[  564.375041][ T9025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.417371][ T9025] usb 5-1: config 0 descriptor??
[  564.962089][T10609] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1257'.
[  564.971296][T10609] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1257'.
[  565.841916][ T9025] ortek 0003:1223:3F07.0008: unknown main item tag 0x6
[  565.873674][ T9025] ortek 0003:1223:3F07.0008: report_id 29495 is invalid
[  565.880778][ T9025] ortek 0003:1223:3F07.0008: item 0 2 1 8 parsing failed
[  565.960455][ T9025] ortek 0003:1223:3F07.0008: probe with driver ortek failed with error -22
[  566.356412][ T9025] usb 5-1: USB disconnect, device number 12
[  566.388280][T10614] dlm: non-version read from control device 36
[  566.861237][T10619] binder: Unknown parameter ''
[  568.763376][   T47] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  569.234228][   T47] usb 5-1: Using ep0 maxpacket: 8
[  569.243266][   T47] usb 5-1: config 0 has an invalid interface number: 255 but max is 0
[  569.262106][   T47] usb 5-1: config 0 has no interface number 0
[  569.279255][   T47] usb 5-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  569.297114][   T47] usb 5-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  569.318118][   T47] usb 5-1: config 0 interface 255 has no altsetting 0
[  569.590198][   T47] usb 5-1: config 0 has an invalid interface number: 255 but max is 0
[  569.598738][   T47] usb 5-1: config 0 has no interface number 0
[  569.606327][   T47] usb 5-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  570.368909][   T47] usb 5-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  570.530041][   T47] usb 5-1: config 0 interface 255 has no altsetting 0
[  570.814158][   T47] usb 5-1: unable to read config index 2 descriptor/start: -71
[  570.833117][   T47] usb 5-1: can't read configurations, error -71
[  571.947081][T10662] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1269'.
[  571.956354][T10662] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1269'.
[  575.033636][T10668] netlink: 'syz.3.1275': attribute type 1 has an invalid length.
[  575.358501][ T5927] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  575.534774][ T5927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.557819][ T5927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.568956][ T5927] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  575.578838][ T5927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.592479][ T5927] usb 4-1: config 0 descriptor??
[  575.875170][ T5927] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0
[  575.926048][ T5927] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0
[  575.974272][ T5927] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0
[  576.010443][ T5927] lg-g15 0003:046D:C222.0009: unknown main item tag 0x0
[  576.254861][ T5927] lg-g15 0003:046D:C222.0009: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.3-1/input0
[  576.276665][ T5927] usb 4-1: USB disconnect, device number 13
[  577.516680][   T29] kauditd_printk_skb: 27 callbacks suppressed
[  577.516701][   T29] audit: type=1326 audit(1738113797.100:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  577.638188][   T29] audit: type=1326 audit(1738113797.100:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  578.652204][   T29] audit: type=1326 audit(1738113797.150:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd90578ecc7 code=0x7ffc0000
[  578.679716][   T29] audit: type=1326 audit(1738113797.150:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fd90578ec3c code=0x7ffc0000
[  578.816924][   T29] audit: type=1326 audit(1738113797.150:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd90578eb74 code=0x7ffc0000
[  578.923151][   T29] audit: type=1326 audit(1738113797.150:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd90578eb74 code=0x7ffc0000
[  579.043986][   T29] audit: type=1326 audit(1738113797.150:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd90578ba0a code=0x7ffc0000
[  579.160888][T10711] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  579.609086][   T29] audit: type=1326 audit(1738113797.150:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  580.663023][   T29] audit: type=1326 audit(1738113797.150:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  580.762970][   T29] audit: type=1326 audit(1738113797.150:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10692 comm="syz.3.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd90578cda9 code=0x7ffc0000
[  581.349685][T10723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1288'.
[  582.293043][T10727] netlink: 424 bytes leftover after parsing attributes in process `syz.2.1290'.
[  582.974136][T10735] FAULT_INJECTION: forcing a failure.
[  582.974136][T10735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  582.987693][T10726] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1290'.
[  583.003064][T10735] CPU: 0 UID: 0 PID: 10735 Comm: syz.3.1292 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  583.003096][T10735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  583.003107][T10735] Call Trace:
[  583.003114][T10735]  <TASK>
[  583.003122][T10735]  dump_stack_lvl+0x241/0x360
[  583.003147][T10735]  ? __pfx_dump_stack_lvl+0x10/0x10
[  583.003163][T10735]  ? __pfx__printk+0x10/0x10
[  583.003203][T10735]  ? __pfx_lock_release+0x10/0x10
[  583.003232][T10735]  should_fail_ex+0x40a/0x550
[  583.003254][T10735]  _copy_from_user+0x2d/0xb0
[  583.003273][T10735]  copy_msghdr_from_user+0xae/0x680
[  583.003298][T10735]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  583.003316][T10735]  ? __fget_files+0x2a/0x410
[  583.003340][T10735]  ? __fget_files+0x2a/0x410
[  583.003368][T10735]  __sys_sendmsg+0x209/0x350
[  583.003397][T10735]  ? __pfx___sys_sendmsg+0x10/0x10
[  583.003432][T10735]  ? do_sys_openat2+0x17a/0x1d0
[  583.003473][T10735]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  583.003496][T10735]  ? do_syscall_64+0x100/0x230
[  583.003520][T10735]  ? do_syscall_64+0xb6/0x230
[  583.003543][T10735]  do_syscall_64+0xf3/0x230
[  583.003565][T10735]  ? clear_bhb_loop+0x35/0x90
[  583.003590][T10735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.003613][T10735] RIP: 0033:0x7fd90578cda9
[  583.003629][T10735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.003644][T10735] RSP: 002b:00007fd9066a3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  583.003662][T10735] RAX: ffffffffffffffda RBX: 00007fd9059a5fa0 RCX: 00007fd90578cda9
[  583.003674][T10735] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  583.003685][T10735] RBP: 00007fd9066a3090 R08: 0000000000000000 R09: 0000000000000000
[  583.003696][T10735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.003705][T10735] R13: 0000000000000000 R14: 00007fd9059a5fa0 R15: 00007ffdb8e41718
[  583.003729][T10735]  </TASK>
[  583.293041][T10726] net_ratelimit: 10 callbacks suppressed
[  583.293064][T10726] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  583.552978][T10727] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  585.312761][T10755] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1295'.
[  585.342526][T10755] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  586.152608][T10758] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  586.163940][T10758] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  586.180045][T10758] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  586.213146][T10758] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  587.403504][   T29] kauditd_printk_skb: 29 callbacks suppressed
[  587.403526][   T29] audit: type=1326 audit(1738113806.980:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  587.668661][   T29] audit: type=1326 audit(1738113806.980:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  588.174515][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  588.253915][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout
[  588.260465][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  588.469298][   T29] audit: type=1326 audit(1738113807.030:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e5778ecc7 code=0x7ffc0000
[  588.510206][   T29] audit: type=1326 audit(1738113807.030:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5e5778ec3c code=0x7ffc0000
[  589.012999][   T29] audit: type=1326 audit(1738113807.030:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5e5778eb74 code=0x7ffc0000
[  589.080202][   T29] audit: type=1326 audit(1738113807.030:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5e5778eb74 code=0x7ffc0000
[  589.653024][   T29] audit: type=1326 audit(1738113807.030:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5e5778ba0a code=0x7ffc0000
[  589.750552][   T29] audit: type=1326 audit(1738113807.030:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  590.313647][   T29] audit: type=1326 audit(1738113807.040:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  590.442107][   T29] audit: type=1326 audit(1738113807.040:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10778 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  592.237021][T10831] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1313'.
[  593.145076][T10818] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  593.199755][T10818] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  593.306308][T10818] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  593.312482][T10818] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  593.980085][T10842] FAULT_INJECTION: forcing a failure.
[  593.980085][T10842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  594.046039][T10842] CPU: 1 UID: 0 PID: 10842 Comm: syz.3.1317 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  594.046072][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  594.046085][T10842] Call Trace:
[  594.046092][T10842]  <TASK>
[  594.046100][T10842]  dump_stack_lvl+0x241/0x360
[  594.046129][T10842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  594.046149][T10842]  ? __pfx__printk+0x10/0x10
[  594.046186][T10842]  ? snprintf+0xda/0x120
[  594.046210][T10842]  should_fail_ex+0x40a/0x550
[  594.046239][T10842]  _copy_to_user+0x31/0xb0
[  594.046263][T10842]  simple_read_from_buffer+0xca/0x150
[  594.046292][T10842]  proc_fail_nth_read+0x1e9/0x250
[  594.046321][T10842]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  594.046350][T10842]  ? rw_verify_area+0x243/0x630
[  594.046382][T10842]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  594.046409][T10842]  vfs_read+0x1f8/0xb40
[  594.046443][T10842]  ? fdget_pos+0x254/0x320
[  594.046472][T10842]  ? __pfx___mutex_lock+0x10/0x10
[  594.046500][T10842]  ? __pfx_vfs_read+0x10/0x10
[  594.046535][T10842]  ? __fget_files+0x2a/0x410
[  594.046565][T10842]  ? __fget_files+0x395/0x410
[  594.046591][T10842]  ? __fget_files+0x2a/0x410
[  594.046628][T10842]  ksys_read+0x18f/0x2b0
[  594.046650][T10842]  ? __pfx_ksys_read+0x10/0x10
[  594.046671][T10842]  ? do_syscall_64+0x100/0x230
[  594.046701][T10842]  ? do_syscall_64+0xb6/0x230
[  594.046732][T10842]  do_syscall_64+0xf3/0x230
[  594.046758][T10842]  ? clear_bhb_loop+0x35/0x90
[  594.046791][T10842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.046820][T10842] RIP: 0033:0x7fd90578b7bc
[  594.046838][T10842] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  594.046856][T10842] RSP: 002b:00007fd9066a3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  594.046879][T10842] RAX: ffffffffffffffda RBX: 00007fd9059a5fa0 RCX: 00007fd90578b7bc
[  594.046895][T10842] RDX: 000000000000000f RSI: 00007fd9066a30a0 RDI: 0000000000000003
[  594.046908][T10842] RBP: 00007fd9066a3090 R08: 0000000000000000 R09: 0000000000000000
[  594.046921][T10842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  594.046933][T10842] R13: 0000000000000000 R14: 00007fd9059a5fa0 R15: 00007ffdb8e41718
[  594.046973][T10842]  </TASK>
[  594.068433][T10843] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  594.370958][T10843] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  594.398777][T10843] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  594.974033][T10843] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  595.209967][T10857] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  595.234717][T10857] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  595.392321][T10857] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  595.775649][T10857] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  596.563726][T10881] delete_channel: no stack
[  597.102383][T10892] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  597.116345][T10892] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  597.134111][T10892] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  597.379975][T10892] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  598.509267][T10916] mkiss: ax0: crc mode is auto.
[  599.251178][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  599.251238][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  599.465119][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  602.306656][T10937] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1338'.
[  602.316035][T10937] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1338'.
[  603.547946][T10945] FAULT_INJECTION: forcing a failure.
[  603.547946][T10945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  603.569868][T10945] CPU: 0 UID: 0 PID: 10945 Comm: syz.2.1342 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  603.569902][T10945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  603.569914][T10945] Call Trace:
[  603.569922][T10945]  <TASK>
[  603.569930][T10945]  dump_stack_lvl+0x241/0x360
[  603.569959][T10945]  ? __pfx_dump_stack_lvl+0x10/0x10
[  603.569979][T10945]  ? __pfx__printk+0x10/0x10
[  603.570017][T10945]  ? snprintf+0xda/0x120
[  603.570036][T10945]  should_fail_ex+0x40a/0x550
[  603.570063][T10945]  _copy_to_user+0x31/0xb0
[  603.570086][T10945]  simple_read_from_buffer+0xca/0x150
[  603.570114][T10945]  proc_fail_nth_read+0x1e9/0x250
[  603.570141][T10945]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  603.570169][T10945]  ? rw_verify_area+0x243/0x630
[  603.570212][T10945]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  603.570239][T10945]  vfs_read+0x1f8/0xb40
[  603.570273][T10945]  ? fdget_pos+0x254/0x320
[  603.570301][T10945]  ? __pfx___mutex_lock+0x10/0x10
[  603.570329][T10945]  ? __pfx_vfs_read+0x10/0x10
[  603.570364][T10945]  ? __fget_files+0x2a/0x410
[  603.570393][T10945]  ? __fget_files+0x395/0x410
[  603.570419][T10945]  ? __fget_files+0x2a/0x410
[  603.570456][T10945]  ksys_read+0x18f/0x2b0
[  603.570479][T10945]  ? __pfx_ksys_read+0x10/0x10
[  603.570500][T10945]  ? do_syscall_64+0x100/0x230
[  603.570531][T10945]  ? do_syscall_64+0xb6/0x230
[  603.570561][T10945]  do_syscall_64+0xf3/0x230
[  603.570588][T10945]  ? clear_bhb_loop+0x35/0x90
[  603.570621][T10945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.570649][T10945] RIP: 0033:0x7f886358b7bc
[  603.570668][T10945] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  603.570687][T10945] RSP: 002b:00007f88613f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  603.570709][T10945] RAX: ffffffffffffffda RBX: 00007f88637a5fa0 RCX: 00007f886358b7bc
[  603.570725][T10945] RDX: 000000000000000f RSI: 00007f88613f60a0 RDI: 0000000000000006
[  603.570738][T10945] RBP: 00007f88613f6090 R08: 0000000000000000 R09: 0000000000000000
[  603.570751][T10945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.570764][T10945] R13: 0000000000000000 R14: 00007f88637a5fa0 R15: 00007ffd47e263e8
[  603.570795][T10945]  </TASK>
[  603.784436][ T5873] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  604.096557][ T5873] usb 2-1: Using ep0 maxpacket: 16
[  604.117698][ T5873] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  604.493155][ T5873] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  604.523635][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.531874][ T5873] usb 2-1: Product: syz
[  604.547916][ T5873] usb 2-1: Manufacturer: syz
[  604.552597][ T5873] usb 2-1: SerialNumber: syz
[  604.615767][ T5873] usb 2-1: config 0 descriptor??
[  606.166544][ T5927] usb 2-1: USB disconnect, device number 12
[  606.276864][T10972] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1351'.
[  606.382997][ T9025] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  606.399655][T10980] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1350'.
[  606.645284][ T9025] usb 4-1: Using ep0 maxpacket: 8
[  606.748864][ T9025] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1023
[  606.761040][ T9025] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  606.820255][ T9025] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  606.963281][ T9025] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.972505][ T9025] usb 4-1: Product: 〉
[  606.977915][ T9025] usb 4-1: Manufacturer: �幺뫙�敀�Ɔ褖�䪠懩蠷쾧�鿣♕积挳赌�謖拥ث᦯��尊㰖�鵩三ᢰ�Ë䭫颯スꞵ쎸ز씼唓�컳擬䃆蘺�䋦擥�ᔞ㛄딱੠�깮怂�зڪﻄ碆핋�噣�齕럑婕
[  607.149218][ T9025] usb 4-1: SerialNumber: syz
[  608.075144][T10965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  608.083733][T10965] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  608.384103][ T9025] cdc_ncm 4-1:1.0: bind() failure
[  608.554013][T10999] Â: renamed from pim6reg1
[  608.978011][ T9025] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  609.230113][ T9025] cdc_ncm 4-1:1.1: bind() failure
[  609.284556][ T9025] usb 4-1: USB disconnect, device number 14
[  610.611853][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  610.611874][   T29] audit: type=1326 audit(1738113830.190:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  610.646309][T11020] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1362'.
[  610.664700][   T29] audit: type=1326 audit(1738113830.190:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  610.689614][   T29] audit: type=1326 audit(1738113830.200:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e5778b710 code=0x7ffc0000
[  610.824853][   T29] audit: type=1326 audit(1738113830.200:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e5778b710 code=0x7ffc0000
[  610.847367][   T29] audit: type=1326 audit(1738113830.200:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  610.902744][   T29] audit: type=1326 audit(1738113830.200:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  610.974551][   T29] audit: type=1326 audit(1738113830.200:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  611.084636][   T29] audit: type=1326 audit(1738113830.430:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  611.134158][T11029] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1366'.
[  611.195503][   T29] audit: type=1326 audit(1738113830.430:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11014 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  611.311725][   T29] audit: type=1326 audit(1738113830.440:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11024 comm="syz.1.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5e577bf665 code=0x7ffc0000
[  612.474638][ T5832] Bluetooth: hci2: Malformed LE Event: 0x02
[  612.850377][T11053] dlm: non-version read from control device 36
[  613.617516][T11058] libceph: resolve '
[  613.617516][T11058] -&õÌ×fÍY¹Ç�²a×ïÅ2iˆ
[  613.617516][T11058] .ÖúÕ?Çý&�*»§&' (ret=-3): failed
[  616.237529][T11075] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1376'.
[  616.472475][T11084] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1381'.
[  617.680833][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  617.680891][   T29] audit: type=1800 audit(1738113837.260:307): pid=11089 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1381" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  618.731728][T11103] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  618.922740][T11103] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  618.935382][T11103] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  618.941689][T11103] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  619.735972][T11117] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1387'.
[  619.746333][T11117] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1387'.
[  619.756491][T11117] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1387'.
[  619.933427][ T5872] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  620.113046][ T5872] usb 4-1: Using ep0 maxpacket: 8
[  620.171382][ T5872] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  620.199462][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  620.213538][ T5872] usb 4-1: Product: syz
[  620.227012][ T5872] usb 4-1: Manufacturer: syz
[  620.235470][ T5872] usb 4-1: SerialNumber: syz
[  620.247005][ T5872] usb 4-1: config 0 descriptor??
[  620.258828][ T5872] gspca_main: sq930x-2.14.0 probing 2770:930c
[  620.753897][T11135] mkiss: ax0: crc mode is auto.
[  620.765831][T11134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  620.792705][T11134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  620.907948][ T5872] gspca_sq930x: ucbus_write failed -71
[  620.973048][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  620.973780][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  620.979237][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  621.206449][ T5872] gspca_sq930x: Sensor ov9630 not yet treated
[  621.212663][ T5872] sq930x 4-1:0.0: probe with driver sq930x failed with error -22
[  621.335158][ T5872] usb 4-1: USB disconnect, device number 15
[  622.562949][ T5872] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  623.162988][ T5872] usb 4-1: Using ep0 maxpacket: 32
[  623.170342][ T5872] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  623.190183][ T5872] usb 4-1: config 0 has no interface number 0
[  623.205093][ T5872] usb 4-1: config 0 interface 184 has no altsetting 0
[  623.214820][ T5872] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  623.224840][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.233502][ T5872] usb 4-1: Product: syz
[  623.237984][ T5872] usb 4-1: Manufacturer: syz
[  623.247419][ T5872] usb 4-1: SerialNumber: syz
[  623.255979][ T5872] usb 4-1: config 0 descriptor??
[  623.406427][ T5872] smsc75xx v1.0.0
[  624.253120][ T5872] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  624.264532][ T5872] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -22
[  624.327318][ T5872] usb 4-1: USB disconnect, device number 16
[  624.498227][T11159] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  624.529248][T11159] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  624.588550][T11159] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  624.611610][T11159] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  624.735411][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  624.742416][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  625.436037][T11175] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1403'.
[  625.453194][T11175] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1403'.
[  625.976652][T11189] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1406'.
[  625.985934][T11189] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1406'.
[  626.933052][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  626.939176][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  626.947499][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  628.278048][ T5873] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  628.654913][ T5873] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  628.699557][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.780482][ T5873] usb 3-1: config 0 descriptor??
[  628.811314][ T5873] gspca_main: spca508-2.14.0 probing 8086:0110
[  628.955183][   T47] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  628.966362][ T5832] Bluetooth: hci4: unexpected event for opcode 0x0c05
[  629.018517][ T5873] gspca_spca508: reg_read err -32
[  629.036372][ T5873] gspca_spca508: reg_read err -32
[  629.045645][ T5873] gspca_spca508: reg_read err -32
[  629.086319][ T5873] gspca_spca508: reg_read err -32
[  629.125444][ T5873] gspca_spca508: reg_read err -32
[  629.203282][   T47] usb 2-1: Using ep0 maxpacket: 8
[  629.284072][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  629.338461][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  629.438805][   T47] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  629.492084][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.630259][   T47] usb 2-1: config 0 descriptor??
[  629.654258][ T5873] gspca_spca508: reg write: error -110
[  629.660351][ T5873] spca508 3-1:0.0: probe with driver spca508 failed with error -110
[  629.979809][   T47] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  630.167602][   T47] usb 3-1: USB disconnect, device number 20
[  631.043638][T11248] mkiss: ax0: crc mode is auto.
[  631.859456][   T47] usb 2-1: USB disconnect, device number 13
[  641.956529][T11327] mkiss: ax0: crc mode is auto.
[  645.043454][T11347] FAULT_INJECTION: forcing a failure.
[  645.043454][T11347] name failslab, interval 1, probability 0, space 0, times 0
[  645.096360][T11347] CPU: 1 UID: 0 PID: 11347 Comm: syz.1.1444 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  645.096391][T11347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  645.096404][T11347] Call Trace:
[  645.096411][T11347]  <TASK>
[  645.096419][T11347]  dump_stack_lvl+0x241/0x360
[  645.096449][T11347]  ? __pfx_dump_stack_lvl+0x10/0x10
[  645.096470][T11347]  ? __pfx__printk+0x10/0x10
[  645.096502][T11347]  ? __kmalloc_noprof+0xb5/0x4c0
[  645.096530][T11347]  ? __pfx___might_resched+0x10/0x10
[  645.096558][T11347]  should_fail_ex+0x40a/0x550
[  645.096586][T11347]  should_failslab+0xac/0x100
[  645.096613][T11347]  __kmalloc_noprof+0xdd/0x4c0
[  645.096638][T11347]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  645.096670][T11347]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  645.096702][T11347]  genl_rcv_msg+0x802/0xec0
[  645.096733][T11347]  ? __pfx_genl_rcv_msg+0x10/0x10
[  645.096792][T11347]  ? __pfx_lock_acquire+0x10/0x10
[  645.096818][T11347]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  645.096852][T11347]  ? __pfx___might_resched+0x10/0x10
[  645.096885][T11347]  netlink_rcv_skb+0x1e3/0x430
[  645.096917][T11347]  ? __pfx_genl_rcv_msg+0x10/0x10
[  645.096941][T11347]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  645.096984][T11347]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  645.097029][T11347]  genl_rcv+0x28/0x40
[  645.097050][T11347]  netlink_unicast+0x7f6/0x990
[  645.097093][T11347]  ? __pfx_netlink_unicast+0x10/0x10
[  645.097118][T11347]  ? __virt_addr_valid+0x45f/0x530
[  645.097148][T11347]  ? __phys_addr_symbol+0x2f/0x70
[  645.097175][T11347]  ? __check_object_size+0x47a/0x730
[  645.097205][T11347]  netlink_sendmsg+0x8e4/0xcb0
[  645.097248][T11347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  645.097291][T11347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  645.097319][T11347]  __sock_sendmsg+0x221/0x270
[  645.097351][T11347]  ____sys_sendmsg+0x52a/0x7e0
[  645.097390][T11347]  ? __pfx_____sys_sendmsg+0x10/0x10
[  645.097418][T11347]  ? __fget_files+0x2a/0x410
[  645.097448][T11347]  ? __fget_files+0x2a/0x410
[  645.097483][T11347]  __sys_sendmsg+0x269/0x350
[  645.097518][T11347]  ? __pfx___sys_sendmsg+0x10/0x10
[  645.097561][T11347]  ? do_sys_openat2+0x17a/0x1d0
[  645.097614][T11347]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  645.097642][T11347]  ? do_syscall_64+0x100/0x230
[  645.097671][T11347]  ? do_syscall_64+0xb6/0x230
[  645.097700][T11347]  do_syscall_64+0xf3/0x230
[  645.097726][T11347]  ? clear_bhb_loop+0x35/0x90
[  645.097757][T11347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  645.097784][T11347] RIP: 0033:0x7f5e5778cda9
[  645.097801][T11347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  645.097818][T11347] RSP: 002b:00007f5e586a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  645.097842][T11347] RAX: ffffffffffffffda RBX: 00007f5e579a5fa0 RCX: 00007f5e5778cda9
[  645.097857][T11347] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000003
[  645.097869][T11347] RBP: 00007f5e586a6090 R08: 0000000000000000 R09: 0000000000000000
[  645.097882][T11347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  645.097894][T11347] R13: 0000000000000000 R14: 00007f5e579a5fa0 R15: 00007fff084349f8
[  645.097923][T11347]  </TASK>
[  645.262998][ T9025] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  645.624075][ T9025] usb 4-1: Using ep0 maxpacket: 16
[  645.635205][ T9025] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  645.714511][ T9025] usb 4-1: New USB device found, idVendor=046d, idProduct=c531, bcdDevice= 0.00
[  645.742945][ T9025] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.771132][ T9025] usb 4-1: config 0 descriptor??
[  645.924749][T11349] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  645.932137][T11349] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  645.947473][T11349] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  646.186186][T11349] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  646.516868][T11345] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  646.526937][ T9025] logitech-djreceiver 0003:046D:C531.000A: hidraw0: USB HID v0.05 Device [HID 046d:c531] on usb-dummy_hcd.3-1/input0
[  646.545557][T11345] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  647.716183][ T5830] usb 4-1: USB disconnect, device number 17
[  647.933009][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  648.012984][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  648.252972][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  648.264898][ T9025] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  648.554481][ T9025] usb 4-1: Using ep0 maxpacket: 32
[  648.670925][ T9025] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  648.708567][ T9025] usb 4-1: config 0 has no interfaces?
[  648.728853][ T9025] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  648.767914][ T9025] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.789064][ T9025] usb 4-1: config 0 descriptor??
[  649.628057][T11415] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  649.658990][T11415] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  649.796004][T11415] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  649.863376][T11415] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  649.950028][   T47] usb 4-1: USB disconnect, device number 18
[  651.113894][T11441] bridge0: entered promiscuous mode
[  651.430379][T11436] bridge0: left promiscuous mode
[  651.475520][T11452] netlink: 'syz.0.1470': attribute type 4 has an invalid length.
[  651.604391][T11434] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  651.635592][T11434] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  651.642293][T11434] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  651.698846][T11434] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  653.194493][T11473] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  653.201997][T11473] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  653.692908][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  653.772965][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  653.896497][T11473] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  653.955984][T11473] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  655.162055][T11487] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  655.215707][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  655.550857][T11517] FAULT_INJECTION: forcing a failure.
[  655.550857][T11517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  655.602155][T11518] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  655.617101][T11517] CPU: 0 UID: 0 PID: 11517 Comm: syz.2.1484 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  655.617136][T11517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  655.617150][T11517] Call Trace:
[  655.617158][T11517]  <TASK>
[  655.617166][T11517]  dump_stack_lvl+0x241/0x360
[  655.617198][T11517]  ? __pfx_dump_stack_lvl+0x10/0x10
[  655.617221][T11517]  ? __pfx__printk+0x10/0x10
[  655.617256][T11517]  ? __pfx_lock_release+0x10/0x10
[  655.617285][T11517]  ? lock_is_held_type+0x13b/0x190
[  655.617319][T11517]  should_fail_ex+0x40a/0x550
[  655.617349][T11517]  _copy_from_user+0x2d/0xb0
[  655.617372][T11517]  input_event_from_user+0x1e2/0x4a0
[  655.617402][T11517]  ? __pfx_input_event_from_user+0x10/0x10
[  655.617432][T11517]  ? input_inject_event+0xd6/0x350
[  655.617468][T11517]  evdev_write+0x470/0x790
[  655.617501][T11517]  ? __pfx_evdev_write+0x10/0x10
[  655.617526][T11517]  ? bpf_lsm_file_permission+0x9/0x10
[  655.617551][T11517]  ? rw_verify_area+0x243/0x630
[  655.617583][T11517]  ? __pfx_evdev_write+0x10/0x10
[  655.617608][T11517]  vfs_write+0x29f/0xd10
[  655.617638][T11517]  ? __pfx_vfs_write+0x10/0x10
[  655.617658][T11517]  ? lockdep_hardirqs_on+0x99/0x150
[  655.617685][T11517]  ? __fget_files+0x2a/0x410
[  655.617716][T11517]  ? __fget_files+0x395/0x410
[  655.617742][T11517]  ? __fget_files+0x2a/0x410
[  655.617780][T11517]  ksys_write+0x18f/0x2b0
[  655.617803][T11517]  ? __pfx_ksys_write+0x10/0x10
[  655.617825][T11517]  ? do_syscall_64+0x100/0x230
[  655.617856][T11517]  ? do_syscall_64+0xb6/0x230
[  655.617896][T11517]  do_syscall_64+0xf3/0x230
[  655.617936][T11517]  ? clear_bhb_loop+0x35/0x90
[  655.617997][T11517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.618031][T11517] RIP: 0033:0x7f886358cda9
[  655.618049][T11517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.618068][T11517] RSP: 002b:00007f88613f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  655.618091][T11517] RAX: ffffffffffffffda RBX: 00007f88637a5fa0 RCX: 00007f886358cda9
[  655.618107][T11517] RDX: 000000000000ff0f RSI: 0000000020000040 RDI: 0000000000000003
[  655.618121][T11517] RBP: 00007f88613f6090 R08: 0000000000000000 R09: 0000000000000000
[  655.618135][T11517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  655.618148][T11517] R13: 0000000000000000 R14: 00007f88637a5fa0 R15: 00007ffd47e263e8
[  655.618179][T11517]  </TASK>
[  655.933024][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  656.022957][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  656.559922][T11530] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1486'.
[  657.875281][T11523] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  657.886795][T11523] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  657.913297][T11523] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  658.171226][T11549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1489'.
[  658.819297][T11523] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  659.087071][T11553] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  659.103298][T11553] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  659.129804][T11553] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  659.137120][T11553] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  661.197307][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  661.388632][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  661.389937][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  661.474501][T11590] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  661.774487][T11580] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  661.797746][T11580] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  661.848410][T11580] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  661.872138][T11580] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  662.196049][T11604] Bluetooth: MGMT ver 1.23
[  663.400338][T11616] mkiss: ax0: crc mode is auto.
[  663.854012][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  663.854467][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  663.965953][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  666.135699][T11641] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  666.255228][ T5872] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  667.855079][T11640] bridge0: entered allmulticast mode
[  667.871657][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  667.874898][T11640] pim6reg: entered allmulticast mode
[  667.890915][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  667.930561][ T5872] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  667.940300][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.232875][ T5872] usb 5-1: config 0 descriptor??
[  668.734167][T11664] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1512'.
[  668.743367][T11664] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1512'.
[  669.677753][ T5872] usbhid 5-1:0.0: can't add hid device: -71
[  669.703161][ T5872] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  669.757391][ T5872] usb 5-1: USB disconnect, device number 15
[  670.656881][T11680] mkiss: ax0: crc mode is auto.
[  671.732846][   T29] audit: type=1326 audit(1738113891.310:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886358cda9 code=0x7ffc0000
[  671.755946][   T29] audit: type=1326 audit(1738113891.310:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886358cda9 code=0x7ffc0000
[  671.779252][   T29] audit: type=1326 audit(1738113891.310:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f886358b710 code=0x7ffc0000
[  671.887924][   T29] audit: type=1326 audit(1738113891.310:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f886358b710 code=0x7ffc0000
[  671.912960][   T29] audit: type=1326 audit(1738113891.310:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886358cda9 code=0x7ffc0000
[  672.016095][   T29] audit: type=1326 audit(1738113891.320:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f886358cda9 code=0x7ffc0000
[  672.078909][   T29] audit: type=1326 audit(1738113891.570:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886358cda9 code=0x7ffc0000
[  672.261879][   T29] audit: type=1326 audit(1738113891.570:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886358cda9 code=0x7ffc0000
[  672.370063][T11698] overlayfs: failed to resolve './file0': -2
[  673.233020][   T29] audit: type=1326 audit(1738113891.570:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11693 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f88635bf665 code=0x7ffc0000
[  673.271076][   T29] audit: type=1326 audit(1738113891.620:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11689 comm="syz.2.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f886358cda9 code=0x7ffc0000
[  673.477303][T11703] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1522'.
[  673.497119][T11703] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1522'.
[  673.583519][T11705] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  674.407691][T11714] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1524'.
[  674.416860][T11714] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1524'.
[  674.895309][T11703] overlayfs: failed to resolve 'hash': -2
[  676.944756][T11741] mkiss: ax0: crc mode is auto.
[  677.590950][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  677.590972][   T29] audit: type=1326 audit(1738113897.170:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  677.747996][   T29] audit: type=1326 audit(1738113897.170:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f78d5d8ecc7 code=0x7ffc0000
[  677.831231][   T29] audit: type=1326 audit(1738113897.170:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f78d5d8ec3c code=0x7ffc0000
[  677.852869][    C0] vkms_vblank_simulate: vblank timer overrun
[  677.904921][   T29] audit: type=1326 audit(1738113897.170:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f78d5d8eb74 code=0x7ffc0000
[  677.927433][   T29] audit: type=1326 audit(1738113897.170:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f78d5d8eb74 code=0x7ffc0000
[  677.949400][   T29] audit: type=1326 audit(1738113897.170:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f78d5d8ba0a code=0x7ffc0000
[  677.970786][    C0] vkms_vblank_simulate: vblank timer overrun
[  677.977281][   T29] audit: type=1326 audit(1738113897.180:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  678.073477][   T29] audit: type=1326 audit(1738113897.180:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  678.211677][   T29] audit: type=1326 audit(1738113897.180:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  678.244722][   T29] audit: type=1326 audit(1738113897.180:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11747 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  678.500162][T11758] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  678.681915][T11764] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1536'.
[  678.691235][T11764] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1536'.
[  678.810599][T11758] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  678.840671][T11758] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  678.856460][T11758] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  680.722608][T11779] FAULT_INJECTION: forcing a failure.
[  680.722608][T11779] name failslab, interval 1, probability 0, space 0, times 0
[  680.740007][T11779] CPU: 0 UID: 0 PID: 11779 Comm: syz.4.1542 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  680.740030][T11779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  680.740040][T11779] Call Trace:
[  680.740045][T11779]  <TASK>
[  680.740052][T11779]  dump_stack_lvl+0x241/0x360
[  680.740074][T11779]  ? __pfx_dump_stack_lvl+0x10/0x10
[  680.740089][T11779]  ? __pfx__printk+0x10/0x10
[  680.740115][T11779]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  680.740137][T11779]  ? __pfx___might_resched+0x10/0x10
[  680.740157][T11779]  should_fail_ex+0x40a/0x550
[  680.740177][T11779]  should_failslab+0xac/0x100
[  680.740197][T11779]  __kmalloc_node_noprof+0xe1/0x4d0
[  680.740217][T11779]  ? __kvmalloc_node_noprof+0x72/0x190
[  680.740244][T11779]  __kvmalloc_node_noprof+0x72/0x190
[  680.740267][T11779]  bpf_uprobe_multi_link_attach+0x498/0xdd0
[  680.740294][T11779]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  680.740315][T11779]  ? __fget_files+0x395/0x410
[  680.740339][T11779]  ? bpf_prog_attach_check_attach_type+0x42c/0x4f0
[  680.740363][T11779]  link_create+0x6d7/0x870
[  680.740385][T11779]  __sys_bpf+0x4bc/0x810
[  680.740403][T11779]  ? __pfx___sys_bpf+0x10/0x10
[  680.740428][T11779]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  680.740451][T11779]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  680.740471][T11779]  ? do_syscall_64+0x100/0x230
[  680.740495][T11779]  __x64_sys_bpf+0x7c/0x90
[  680.740510][T11779]  do_syscall_64+0xf3/0x230
[  680.740529][T11779]  ? clear_bhb_loop+0x35/0x90
[  680.740553][T11779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.740574][T11779] RIP: 0033:0x7f78d5d8cda9
[  680.740587][T11779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.740600][T11779] RSP: 002b:00007f78d6c61038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  680.740617][T11779] RAX: ffffffffffffffda RBX: 00007f78d5fa5fa0 RCX: 00007f78d5d8cda9
[  680.740628][T11779] RDX: 000000000000003c RSI: 00000000200012c0 RDI: 000000000000001c
[  680.740637][T11779] RBP: 00007f78d6c61090 R08: 0000000000000000 R09: 0000000000000000
[  680.740647][T11779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  680.740655][T11779] R13: 0000000000000000 R14: 00007f78d5fa5fa0 R15: 00007ffe028f5e98
[  680.740676][T11779]  </TASK>
[  680.968887][    C0] vkms_vblank_simulate: vblank timer overrun
[  680.983940][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  680.996233][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout
[  681.003029][ T8818] Bluetooth: hci3: command 0x0c1a tx timeout
[  683.045102][T11793] mkiss: ax0: crc mode is auto.
[  683.994869][T11804] FAULT_INJECTION: forcing a failure.
[  683.994869][T11804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  684.039662][T11804] CPU: 0 UID: 0 PID: 11804 Comm: syz.1.1549 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  684.039696][T11804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  684.039710][T11804] Call Trace:
[  684.039719][T11804]  <TASK>
[  684.039729][T11804]  dump_stack_lvl+0x241/0x360
[  684.039757][T11804]  ? __pfx_dump_stack_lvl+0x10/0x10
[  684.039778][T11804]  ? __pfx__printk+0x10/0x10
[  684.039812][T11804]  ? __pfx_lock_release+0x10/0x10
[  684.039849][T11804]  should_fail_ex+0x40a/0x550
[  684.039877][T11804]  _copy_from_user+0x2d/0xb0
[  684.039899][T11804]  copy_msghdr_from_user+0xae/0x680
[  684.039931][T11804]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  684.039953][T11804]  ? __fget_files+0x2a/0x410
[  684.039985][T11804]  ? __fget_files+0x2a/0x410
[  684.040021][T11804]  __sys_sendmmsg+0x32b/0x720
[  684.040065][T11804]  ? __pfx___sys_sendmmsg+0x10/0x10
[  684.040109][T11804]  ? __pfx_lock_release+0x10/0x10
[  684.040133][T11804]  ? kstrtouint_from_user+0x128/0x190
[  684.040185][T11804]  ? ksys_write+0x22a/0x2b0
[  684.040205][T11804]  ? __pfx_lock_release+0x10/0x10
[  684.040239][T11804]  ? sb_end_write+0xe9/0x1c0
[  684.040267][T11804]  ? vfs_write+0x7fa/0xd10
[  684.040289][T11804]  ? __mutex_unlock_slowpath+0x227/0x800
[  684.040345][T11804]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  684.040376][T11804]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  684.040405][T11804]  ? do_syscall_64+0x100/0x230
[  684.040436][T11804]  __x64_sys_sendmmsg+0xa0/0xb0
[  684.040471][T11804]  do_syscall_64+0xf3/0x230
[  684.040498][T11804]  ? clear_bhb_loop+0x35/0x90
[  684.040530][T11804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.040580][T11804] RIP: 0033:0x7f5e5778cda9
[  684.040599][T11804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  684.040624][T11804] RSP: 002b:00007f5e586a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  684.040647][T11804] RAX: ffffffffffffffda RBX: 00007f5e579a5fa0 RCX: 00007f5e5778cda9
[  684.040663][T11804] RDX: 0400000000000172 RSI: 0000000020003cc0 RDI: 0000000000000003
[  684.040678][T11804] RBP: 00007f5e586a6090 R08: 0000000000000000 R09: 0000000000000000
[  684.040691][T11804] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001
[  684.040704][T11804] R13: 0000000000000000 R14: 00007f5e579a5fa0 R15: 00007fff084349f8
[  684.040735][T11804]  </TASK>
[  684.562922][ T5872] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  685.423160][ T5872] usb 5-1: Using ep0 maxpacket: 16
[  685.445545][ T5872] usb 5-1: New USB device found, idVendor=2770, idProduct=9050, bcdDevice=11.97
[  685.466350][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.482271][ T5872] usb 5-1: config 0 descriptor??
[  685.505934][ T5872] gspca_main: sq905c-2.14.0 probing 2770:9050
[  686.388564][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  686.398852][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  686.470745][ T5872] usb 5-1: USB disconnect, device number 16
[  686.871049][T11824] FAULT_INJECTION: forcing a failure.
[  686.871049][T11824] name failslab, interval 1, probability 0, space 0, times 0
[  686.907805][T11824] CPU: 0 UID: 0 PID: 11824 Comm: syz.0.1556 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  686.907838][T11824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  686.907852][T11824] Call Trace:
[  686.907859][T11824]  <TASK>
[  686.907869][T11824]  dump_stack_lvl+0x241/0x360
[  686.907899][T11824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  686.907921][T11824]  ? __pfx__printk+0x10/0x10
[  686.907955][T11824]  ? __kmalloc_cache_noprof+0x48/0x390
[  686.907992][T11824]  ? __pfx___might_resched+0x10/0x10
[  686.908023][T11824]  should_fail_ex+0x40a/0x550
[  686.908051][T11824]  should_failslab+0xac/0x100
[  686.908080][T11824]  __kmalloc_cache_noprof+0x70/0x390
[  686.908108][T11824]  ? tty_register_device_attr+0x311/0x960
[  686.908143][T11824]  tty_register_device_attr+0x311/0x960
[  686.908178][T11824]  ? __pfx_tty_register_device_attr+0x10/0x10
[  686.908219][T11824]  ? tty_port_register_device+0x5b/0x100
[  686.908252][T11824]  rfcomm_dev_ioctl+0x1a51/0x2220
[  686.908286][T11824]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  686.908309][T11824]  ? tomoyo_path_number_perm+0x679/0x860
[  686.908340][T11824]  ? tomoyo_path_number_perm+0x679/0x860
[  686.908374][T11824]  ? __lock_acquire+0x1397/0x2100
[  686.908405][T11824]  ? bt_sock_ioctl+0xe9/0x2c0
[  686.908434][T11824]  sock_do_ioctl+0x158/0x460
[  686.908459][T11824]  ? __pfx_smack_log+0x10/0x10
[  686.908491][T11824]  ? __pfx_sock_do_ioctl+0x10/0x10
[  686.908520][T11824]  ? smk_tskacc+0x300/0x370
[  686.908548][T11824]  ? smack_file_ioctl+0x29e/0x3a0
[  686.908591][T11824]  sock_ioctl+0x626/0x8e0
[  686.908616][T11824]  ? __pfx_sock_ioctl+0x10/0x10
[  686.908639][T11824]  ? __fget_files+0x2a/0x410
[  686.908671][T11824]  ? __fget_files+0x2a/0x410
[  686.908704][T11824]  ? __pfx_sock_ioctl+0x10/0x10
[  686.908728][T11824]  __se_sys_ioctl+0xf5/0x170
[  686.908752][T11824]  do_syscall_64+0xf3/0x230
[  686.908779][T11824]  ? clear_bhb_loop+0x35/0x90
[  686.908812][T11824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.908841][T11824] RIP: 0033:0x7f676f18cda9
[  686.908859][T11824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  686.908877][T11824] RSP: 002b:00007f6770066038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  686.908901][T11824] RAX: ffffffffffffffda RBX: 00007f676f3a5fa0 RCX: 00007f676f18cda9
[  686.908916][T11824] RDX: 0000000020000100 RSI: 00000000400452c8 RDI: 0000000000000004
[  686.908930][T11824] RBP: 00007f6770066090 R08: 0000000000000000 R09: 0000000000000000
[  686.908943][T11824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  686.908955][T11824] R13: 0000000000000000 R14: 00007f676f3a5fa0 R15: 00007ffd8ce69418
[  686.908987][T11824]  </TASK>
[  688.730656][T11838] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1557'.
[  688.749120][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  688.749138][   T29] audit: type=1326 audit(1738113908.330:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  688.784785][T11839] mkiss: ax0: crc mode is auto.
[  688.853443][   T29] audit: type=1326 audit(1738113908.330:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  688.933710][   T29] audit: type=1326 audit(1738113908.390:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f78d5d8ecc7 code=0x7ffc0000
[  688.958341][   T29] audit: type=1326 audit(1738113908.390:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f78d5d8ec3c code=0x7ffc0000
[  689.005384][   T29] audit: type=1326 audit(1738113908.390:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f78d5d8eb74 code=0x7ffc0000
[  689.027761][   T29] audit: type=1326 audit(1738113908.390:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f78d5d8eb74 code=0x7ffc0000
[  689.050379][   T29] audit: type=1326 audit(1738113908.400:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f78d5d8ba0a code=0x7ffc0000
[  689.275698][   T29] audit: type=1326 audit(1738113908.400:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  689.408494][   T29] audit: type=1326 audit(1738113908.400:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  689.633561][   T29] audit: type=1326 audit(1738113908.400:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11840 comm="syz.4.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f78d5d8cda9 code=0x7ffc0000
[  690.698150][T11869] hub 5-0:1.0: USB hub found
[  691.195699][T11869] hub 5-0:1.0: 1 port detected
[  691.508335][T11881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1570'.
[  691.521401][T11881] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  694.793525][T11903] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1577'.
[  694.820313][T11903] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1577'.
[  694.888944][T11915] x_tables: duplicate underflow at hook 3
[  695.840427][T11929] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1583'.
[  695.886792][T11931] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1584'.
[  695.910669][T11933] xt_bpf: check failed: parse error
[  696.432221][T11941] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  696.892729][   T29] kauditd_printk_skb: 61 callbacks suppressed
[  696.899242][   T29] audit: type=1326 audit(1738113916.470:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  697.411064][   T29] audit: type=1326 audit(1738113916.510:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e5778b710 code=0x7ffc0000
[  697.532721][   T29] audit: type=1326 audit(1738113916.510:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e5778b710 code=0x7ffc0000
[  697.627449][   T29] audit: type=1326 audit(1738113916.510:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  697.717708][   T29] audit: type=1326 audit(1738113916.510:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  697.804604][   T29] audit: type=1326 audit(1738113917.050:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11955 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5e577bf665 code=0x7ffc0000
[  697.902870][   T29] audit: type=1326 audit(1738113917.050:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  698.001329][   T29] audit: type=1326 audit(1738113917.050:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  698.066651][   T29] audit: type=1326 audit(1738113917.050:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  698.115178][   T29] audit: type=1326 audit(1738113917.060:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11949 comm="syz.1.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  698.936499][T11958] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  699.073106][T11958] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  699.089975][T11958] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  699.100362][T11958] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  701.144594][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  701.144633][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  701.144711][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  701.563919][ T5830] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  701.750716][T12006] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  701.755234][ T5830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  701.767951][T12006] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  701.774739][ T5830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  701.778218][T12006] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  701.795761][ T5872] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  701.803668][ T5830] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  701.805585][ T5830] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  701.831430][T12006] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  701.993279][ T5872] usb 1-1: Using ep0 maxpacket: 16
[  702.007917][ T5872] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  702.021796][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  702.072562][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  702.102355][ T5872] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  702.112091][ T5830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  702.248631][ T5830] usb 5-1: config 0 descriptor??
[  702.943789][ T5872] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  703.029670][ T5927] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  703.039816][ T5872] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  703.050093][ T5872] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  703.060731][ T5872] usb 1-1: Manufacturer: syz
[  703.070121][ T5872] usb 1-1: config 0 descriptor??
[  703.172955][ T5927] usb 3-1: device descriptor read/64, error -71
[  703.505226][ T5927] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  703.773885][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  703.853160][ T5927] usb 3-1: device descriptor read/64, error -71
[  703.859636][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  703.866033][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  704.945136][ T5927] usb usb3-port1: attempt power cycle
[  705.273334][ T5872] rc_core: IR keymap rc-hauppauge not found
[  705.286373][ T5872] Registered IR keymap rc-empty
[  705.331528][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.414310][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.434510][ T5872] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  705.464309][ T5872] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input12
[  705.501588][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.524120][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.579615][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.614086][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.667201][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.703267][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.764837][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  705.898418][T12038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1612'.
[  706.632993][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  706.653158][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  706.673048][ T5872] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  706.697905][ T5872] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  706.794530][ T5872] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  706.858929][ T5872] usb 1-1: USB disconnect, device number 13
[  707.524495][ T5830] usbhid 5-1:0.0: can't add hid device: -71
[  707.530983][ T5830] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  707.573929][ T5830] usb 5-1: USB disconnect, device number 17
[  707.702656][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  707.702677][   T29] audit: type=1326 audit(1738113927.280:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  707.785073][   T29] audit: type=1326 audit(1738113927.280:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  707.818725][T12043] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  707.835370][T12043] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  707.851765][T12043] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  707.885015][   T29] audit: type=1326 audit(1738113927.320:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e5778ecc7 code=0x7ffc0000
[  707.907204][T12043] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  707.952937][   T29] audit: type=1326 audit(1738113927.320:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5e5778ec3c code=0x7ffc0000
[  707.993104][   T29] audit: type=1326 audit(1738113927.320:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5e5778eb74 code=0x7ffc0000
[  708.062900][   T29] audit: type=1326 audit(1738113927.320:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5e5778eb74 code=0x7ffc0000
[  708.355687][   T29] audit: type=1326 audit(1738113927.320:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5e5778ba0a code=0x7ffc0000
[  708.381190][   T29] audit: type=1326 audit(1738113927.330:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  708.403457][   T29] audit: type=1326 audit(1738113927.330:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  708.467280][T12067] FAULT_INJECTION: forcing a failure.
[  708.467280][T12067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  708.480619][T12067] CPU: 1 UID: 0 PID: 12067 Comm: syz.2.1621 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  708.480648][T12067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  708.480662][T12067] Call Trace:
[  708.480670][T12067]  <TASK>
[  708.480679][T12067]  dump_stack_lvl+0x241/0x360
[  708.480709][T12067]  ? __pfx_dump_stack_lvl+0x10/0x10
[  708.480731][T12067]  ? __pfx__printk+0x10/0x10
[  708.480774][T12067]  should_fail_ex+0x40a/0x550
[  708.480804][T12067]  strncpy_from_user+0x36/0x270
[  708.480830][T12067]  getname_flags+0xf1/0x540
[  708.480863][T12067]  user_path_at+0x24/0x60
[  708.480895][T12067]  __se_sys_mount+0x297/0x3c0
[  708.480928][T12067]  ? __pfx___se_sys_mount+0x10/0x10
[  708.480956][T12067]  ? do_syscall_64+0x100/0x230
[  708.480996][T12067]  ? __x64_sys_mount+0x20/0xc0
[  708.481025][T12067]  do_syscall_64+0xf3/0x230
[  708.481053][T12067]  ? clear_bhb_loop+0x35/0x90
[  708.481086][T12067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.481114][T12067] RIP: 0033:0x7f886358cda9
[  708.481133][T12067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.481151][T12067] RSP: 002b:00007f88613b4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  708.481179][T12067] RAX: ffffffffffffffda RBX: 00007f88637a6160 RCX: 00007f886358cda9
[  708.481196][T12067] RDX: 0000000020000280 RSI: 0000000020000100 RDI: 0000000000000000
[  708.481210][T12067] RBP: 00007f88613b4090 R08: 00000000200002c0 R09: 0000000000000000
[  708.481224][T12067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  708.481237][T12067] R13: 0000000000000000 R14: 00007f88637a6160 R15: 00007ffd47e263e8
[  708.481268][T12067]  </TASK>
[  709.372211][   T29] audit: type=1326 audit(1738113927.330:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12050 comm="syz.1.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e5778cda9 code=0x7ffc0000
[  709.854065][ T8818] Bluetooth: hci2: command 0x0c1a tx timeout
[  709.963153][ T8818] Bluetooth: hci4: command 0x0c1a tx timeout
[  709.967466][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  710.042939][ T5873] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  710.226419][ T5873] usb 3-1: Using ep0 maxpacket: 16
[  710.253779][ T5873] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  710.772146][ T5873] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  710.812601][ T5873] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  710.872414][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  711.093481][ T5873] usb 3-1: Product: syz
[  711.097801][ T5873] usb 3-1: Manufacturer: syz
[  711.162932][ T5873] usb 3-1: SerialNumber: syz
[  712.297957][ T5873] usb 3-1: 0:2 : does not exist
[  712.313204][T12103] block nbd3: not configured, cannot reconfigure
[  712.326707][ T5873] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  712.352406][ T5873] usb 3-1: USB disconnect, device number 24
[  715.451821][T12132] mkiss: ax0: crc mode is auto.
[  716.753873][   T29] kauditd_printk_skb: 109 callbacks suppressed
[  716.753905][   T29] audit: type=1326 audit(1738113936.340:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  716.802949][   T29] audit: type=1326 audit(1738113936.370:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  716.911218][   T29] audit: type=1326 audit(1738113936.370:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  717.031072][   T29] audit: type=1326 audit(1738113936.370:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  717.087232][   T29] audit: type=1326 audit(1738113936.410:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  717.720123][   T29] audit: type=1326 audit(1738113936.440:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  717.769400][T12169] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1648'.
[  717.835231][   T29] audit: type=1326 audit(1738113936.460:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  717.868422][T12169] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1648'.
[  717.935378][   T29] audit: type=1326 audit(1738113936.460:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  718.065381][   T29] audit: type=1326 audit(1738113936.460:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  718.164740][   T29] audit: type=1326 audit(1738113936.460:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12155 comm="syz.0.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f676f18cda9 code=0x7ffc0000
[  720.245948][T12182] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  720.263638][T12182] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  720.269719][T12182] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  720.329877][T12182] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  721.453430][   T47] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  722.051356][T12187] dns_resolver: Unsupported server list version (0)
[  722.332901][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  722.339140][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  722.345531][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  722.434708][T12207] FAULT_INJECTION: forcing a failure.
[  722.434708][T12207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  722.453970][T12207] CPU: 0 UID: 0 PID: 12207 Comm: syz.4.1662 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  722.454002][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  722.454016][T12207] Call Trace:
[  722.454024][T12207]  <TASK>
[  722.454033][T12207]  dump_stack_lvl+0x241/0x360
[  722.454063][T12207]  ? __pfx_dump_stack_lvl+0x10/0x10
[  722.454084][T12207]  ? __pfx__printk+0x10/0x10
[  722.454122][T12207]  ? snprintf+0xda/0x120
[  722.454146][T12207]  should_fail_ex+0x40a/0x550
[  722.454176][T12207]  _copy_to_user+0x31/0xb0
[  722.454198][T12207]  simple_read_from_buffer+0xca/0x150
[  722.454227][T12207]  proc_fail_nth_read+0x1e9/0x250
[  722.454256][T12207]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  722.454285][T12207]  ? rw_verify_area+0x243/0x630
[  722.454317][T12207]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  722.454345][T12207]  vfs_read+0x1f8/0xb40
[  722.454379][T12207]  ? fdget_pos+0x254/0x320
[  722.454409][T12207]  ? __pfx___mutex_lock+0x10/0x10
[  722.454437][T12207]  ? __pfx_vfs_read+0x10/0x10
[  722.454476][T12207]  ? do_sys_openat2+0x17a/0x1d0
[  722.454508][T12207]  ? __fget_files+0x2a/0x410
[  722.454537][T12207]  ? __fget_files+0x395/0x410
[  722.454563][T12207]  ? __fget_files+0x2a/0x410
[  722.454600][T12207]  ksys_read+0x18f/0x2b0
[  722.454623][T12207]  ? __pfx_ksys_read+0x10/0x10
[  722.454645][T12207]  ? do_syscall_64+0x100/0x230
[  722.454676][T12207]  ? do_syscall_64+0xb6/0x230
[  722.454706][T12207]  do_syscall_64+0xf3/0x230
[  722.454733][T12207]  ? clear_bhb_loop+0x35/0x90
[  722.454767][T12207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.454795][T12207] RIP: 0033:0x7f78d5d8b7bc
[  722.454814][T12207] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  722.454832][T12207] RSP: 002b:00007f78d6c61030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  722.454855][T12207] RAX: ffffffffffffffda RBX: 00007f78d5fa5fa0 RCX: 00007f78d5d8b7bc
[  722.454870][T12207] RDX: 000000000000000f RSI: 00007f78d6c610a0 RDI: 0000000000000004
[  722.454883][T12207] RBP: 00007f78d6c61090 R08: 0000000000000000 R09: 0000000000000000
[  722.454896][T12207] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  722.454909][T12207] R13: 0000000000000000 R14: 00007f78d5fa5fa0 R15: 00007ffe028f5e98
[  722.454941][T12207]  </TASK>
[  723.533993][   T47] usb 2-1: unable to get BOS descriptor or descriptor too short
[  723.544918][   T47] usb 2-1: unable to read config index 0 descriptor/start: -71
[  723.562818][   T47] usb 2-1: can't read configurations, error -71
[  724.552945][T12239] mkiss: ax0: crc mode is auto.
[  725.545191][T12238] Bluetooth: MGMT ver 1.23
[  726.165904][   T47] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  726.742883][   T47] usb 5-1: Using ep0 maxpacket: 16
[  726.760244][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  726.972004][   T47] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  726.991298][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.008412][   T47] usb 5-1: Product: syz
[  727.870512][   T47] usb 5-1: Manufacturer: syz
[  727.916126][   T47] usb 5-1: SerialNumber: syz
[  727.984747][   T47] usb 5-1: config 0 descriptor??
[  728.039035][   T47] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  728.233240][   T47] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  729.546173][   T47] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  729.793367][   T47] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  729.865455][   T47] em28xx 5-1:0.0: board has no eeprom
[  730.037328][   T47] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  730.112932][   T47] em28xx 5-1:0.0: dvb set to bulk mode.
[  730.119007][ T5873] em28xx 5-1:0.0: Binding DVB extension
[  730.159130][   T47] usb 5-1: USB disconnect, device number 18
[  730.179898][   T47] em28xx 5-1:0.0: Disconnecting em28xx
[  731.197869][ T5873] em28xx 5-1:0.0: Registering input extension
[  731.232716][   T47] em28xx 5-1:0.0: Closing input extension
[  731.525102][   T47] em28xx 5-1:0.0: Freeing device
[  732.669791][T12282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1682'.
[  734.543655][T12308] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1689'.
[  734.557391][T12305] lo speed is unknown, defaulting to 1000
[  735.303193][   T47] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  736.105706][   T47] usb 5-1: Using ep0 maxpacket: 32
[  736.125046][   T47] usb 5-1: config 0 has an invalid interface number: 139 but max is 0
[  736.137310][   T47] usb 5-1: config 0 has no interface number 0
[  736.148317][   T47] usb 5-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=ff.50
[  736.163959][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  736.174414][   T47] usb 5-1: Product: syz
[  736.178743][   T47] usb 5-1: Manufacturer: syz
[  736.186210][   T47] usb 5-1: SerialNumber: syz
[  736.204659][   T47] usb 5-1: config 0 descriptor??
[  736.385044][T12328] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1691'.
[  736.904015][   T47] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  737.018793][   T47] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  737.037645][   T47] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  737.047538][   T47] usb 5-1: media controller created
[  737.152461][   T47] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  737.489600][   T47] DVB: Unable to find symbol mt352_attach()
[  737.526493][T12337] FAULT_INJECTION: forcing a failure.
[  737.526493][T12337] name failslab, interval 1, probability 0, space 0, times 0
[  737.586642][T12337] CPU: 1 UID: 0 PID: 12337 Comm: syz.2.1696 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  737.586674][T12337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  737.586687][T12337] Call Trace:
[  737.586695][T12337]  <TASK>
[  737.586704][T12337]  dump_stack_lvl+0x241/0x360
[  737.586734][T12337]  ? __pfx_dump_stack_lvl+0x10/0x10
[  737.586757][T12337]  ? __pfx__printk+0x10/0x10
[  737.586797][T12337]  ? __kmalloc_cache_noprof+0x48/0x390
[  737.586827][T12337]  ? __pfx___might_resched+0x10/0x10
[  737.586856][T12337]  should_fail_ex+0x40a/0x550
[  737.586885][T12337]  should_failslab+0xac/0x100
[  737.586914][T12337]  __kmalloc_cache_noprof+0x70/0x390
[  737.586941][T12337]  ? alloc_async+0x4b/0xb0
[  737.586967][T12337]  alloc_async+0x4b/0xb0
[  737.586991][T12337]  proc_do_submiturb+0xdf4/0x3550
[  737.587040][T12337]  usbdev_ioctl+0x3111/0x6120
[  737.587072][T12337]  ? is_bpf_text_address+0x285/0x2a0
[  737.587097][T12337]  ? is_bpf_text_address+0x26/0x2a0
[  737.587138][T12337]  ? __kernel_text_address+0xd/0x40
[  737.587169][T12337]  ? unwind_get_return_address+0x4d/0x90
[  737.587198][T12337]  ? __pfx_usbdev_ioctl+0x10/0x10
[  737.587238][T12337]  ? arch_stack_walk+0xfd/0x150
[  737.587282][T12337]  ? stack_trace_save+0x118/0x1d0
[  737.587307][T12337]  ? __pfx_stack_trace_save+0x10/0x10
[  737.587332][T12337]  ? stack_depot_save_flags+0x37/0x940
[  737.587364][T12337]  ? kasan_save_track+0x51/0x80
[  737.587382][T12337]  ? kasan_save_track+0x3f/0x80
[  737.587401][T12337]  ? kasan_save_free_info+0x40/0x50
[  737.587429][T12337]  ? __kasan_slab_free+0x59/0x70
[  737.587449][T12337]  ? kfree+0x196/0x430
[  737.587472][T12337]  ? tomoyo_path_number_perm+0x679/0x860
[  737.587497][T12337]  ? security_file_ioctl+0xc6/0x2a0
[  737.587525][T12337]  ? __se_sys_ioctl+0x46/0x170
[  737.587543][T12337]  ? do_syscall_64+0xf3/0x230
[  737.587582][T12337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.587615][T12337]  ? do_vfs_ioctl+0xf07/0x2e40
[  737.587642][T12337]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  737.587666][T12337]  ? mark_lock+0x9a/0x360
[  737.587711][T12337]  ? tomoyo_path_number_perm+0x206/0x860
[  737.587740][T12337]  ? __pfx_lock_release+0x10/0x10
[  737.587771][T12337]  ? tomoyo_path_number_perm+0x679/0x860
[  737.587802][T12337]  ? tomoyo_path_number_perm+0x679/0x860
[  737.587834][T12337]  ? tomoyo_path_number_perm+0x6f9/0x860
[  737.587860][T12337]  ? __lock_acquire+0x1397/0x2100
[  737.587890][T12337]  ? tomoyo_path_number_perm+0x206/0x860
[  737.587917][T12337]  ? smack_log+0x10d/0x5c0
[  737.587945][T12337]  ? __pfx_smack_log+0x10/0x10
[  737.587967][T12337]  ? smk_access+0x4ab/0x4e0
[  737.587997][T12337]  ? smk_tskacc+0x300/0x370
[  737.588025][T12337]  ? smack_file_ioctl+0x2f7/0x3a0
[  737.588053][T12337]  ? __pfx_smack_file_ioctl+0x10/0x10
[  737.588086][T12337]  ? __fget_files+0x2a/0x410
[  737.588117][T12337]  ? __fget_files+0x2a/0x410
[  737.588156][T12337]  ? __pfx_usbdev_ioctl+0x10/0x10
[  737.588190][T12337]  __se_sys_ioctl+0xf5/0x170
[  737.588213][T12337]  do_syscall_64+0xf3/0x230
[  737.588239][T12337]  ? clear_bhb_loop+0x35/0x90
[  737.588272][T12337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.588299][T12337] RIP: 0033:0x7f886358cda9
[  737.588318][T12337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  737.588335][T12337] RSP: 002b:00007f88613f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  737.588358][T12337] RAX: ffffffffffffffda RBX: 00007f88637a5fa0 RCX: 00007f886358cda9
[  737.588374][T12337] RDX: 0000000020000000 RSI: 000000008038550a RDI: 0000000000000004
[  737.588387][T12337] RBP: 00007f88613f6090 R08: 0000000000000000 R09: 0000000000000000
[  737.588400][T12337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  737.588412][T12337] R13: 0000000000000000 R14: 00007f88637a5fa0 R15: 00007ffd47e263e8
[  737.588444][T12337]  </TASK>
[  737.975724][   T47] DVB: Unable to find symbol nxt6000_attach()
[  737.981963][   T47] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  738.270219][   T47] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input14
[  738.283003][   T47] dvb-usb: schedule remote query interval to 1000 msecs.
[  738.290715][   T47] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  739.533490][ T5873] dvb-usb: bulk message failed: -22 (7/0)
[  739.539724][ T5873] dvb-usb: error while querying for an remote control event.
[  739.585605][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  739.585628][   T29] audit: type=1326 audit(1738113958.150:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12339 comm="syz.4.1697" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f78d5d8cda9 code=0x0
[  739.717150][   T47] dvb-usb: bulk message failed: -22 (7/0)
[  739.728242][   T47] dvb-usb: bulk message failed: -22 (7/0)
[  739.790120][   T47] usb 5-1: USB disconnect, device number 19
[  740.148596][   T47] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  741.807527][T12366] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.1703'.
[  743.749455][T12386] netlink: 'syz.1.1707': attribute type 6 has an invalid length.
[  848.742730][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  848.749752][    C0] rcu: 	1-...!: (0 ticks this GP) idle=fe9c/1/0x4000000000000000 softirq=39588/39588 fqs=8
[  848.761277][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=44073, q=152 ncpus=2)
[  848.769047][    C0] Sending NMI from CPU 0 to CPUs 1:
[  848.769097][    C1] NMI backtrace for cpu 1
[  848.769110][    C1] CPU: 1 UID: 0 PID: 12345 Comm: syz.4.1697 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  848.769130][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  848.769141][    C1] RIP: 0010:advance_sched+0x7f/0xca0
[  848.769164][    C1] Code: 03 80 3c 28 00 74 08 48 89 df e8 1c 4e 35 f8 48 8b 1b 48 89 d8 48 c1 e8 03 80 3c 28 00 74 08 48 89 df e8 04 4e 35 f8 48 8b 1b <48> 83 c3 36 48 89 d8 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 bb 0b 00
[  848.769180][    C1] RSP: 0018:ffffc90000a18c70 EFLAGS: 00000046
[  848.769196][    C1] RAX: 1ffff1100ba00800 RBX: ffff88805d000000 RCX: ffff888031591e00
[  848.769210][    C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: ffff888028a2c340
[  848.769221][    C1] RBP: dffffc0000000000 R08: ffffffff81acc01f R09: 1ffffffff2034c6e
[  848.769234][    C1] R10: dffffc0000000000 R11: ffffffff89ee1bf0 R12: dffffc0000000000
[  848.769247][    C1] R13: ffffffff89ee1bf0 R14: ffff888028a2c340 R15: ffff8880315928d8
[  848.769260][    C1] FS:  00007f78d6c406c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  848.769275][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  848.769287][    C1] CR2: 000055557a99f808 CR3: 00000000251da000 CR4: 00000000003526f0
[  848.769302][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  848.769317][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  848.769328][    C1] Call Trace:
[  848.769336][    C1]  <NMI>
[  848.769346][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  848.769365][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  848.769389][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  848.769405][    C1]  ? nmi_handle+0x2a/0x5a0
[  848.769436][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  848.769456][    C1]  ? nmi_handle+0x14f/0x5a0
[  848.769478][    C1]  ? nmi_handle+0x2a/0x5a0
[  848.769502][    C1]  ? advance_sched+0x7f/0xca0
[  848.769517][    C1]  ? default_do_nmi+0x63/0x160
[  848.769543][    C1]  ? exc_nmi+0x123/0x1f0
[  848.769569][    C1]  ? end_repeat_nmi+0xf/0x53
[  848.769593][    C1]  ? __pfx_advance_sched+0x10/0x10
[  848.769609][    C1]  ? __pfx_advance_sched+0x10/0x10
[  848.769625][    C1]  ? __hrtimer_run_queues+0x53f/0xd30
[  848.769653][    C1]  ? advance_sched+0x7f/0xca0
[  848.769669][    C1]  ? advance_sched+0x7f/0xca0
[  848.769685][    C1]  ? advance_sched+0x7f/0xca0
[  848.769701][    C1]  </NMI>
[  848.769706][    C1]  <IRQ>
[  848.769714][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  848.769733][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  848.769756][    C1]  ? __pfx_advance_sched+0x10/0x10
[  848.769772][    C1]  __hrtimer_run_queues+0x59b/0xd30
[  848.769806][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  848.769830][    C1]  ? sched_clock+0x4a/0x70
[  848.769848][    C1]  ? read_tsc+0x9/0x20
[  848.769865][    C1]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  848.769889][    C1]  hrtimer_interrupt+0x403/0xa40
[  848.769925][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[  848.769951][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  848.769972][    C1]  </IRQ>
[  848.769977][    C1]  <TASK>
[  848.769983][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  848.770008][    C1] RIP: 0010:lock_acquire+0x264/0x550
[  848.770029][    C1] Code: 2b 00 74 08 4c 89 f7 e8 4a a4 88 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  848.770043][    C1] RSP: 0018:ffffc9001a4978e0 EFLAGS: 00000206
[  848.770058][    C1] RAX: 0000000000000001 RBX: 1ffff92003492f28 RCX: ffff8880315928e8
[  848.770070][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aa220 RDI: ffffffff8c5f6960
[  848.770083][    C1] RBP: ffffc9001a497a38 R08: ffffffff942c6877 R09: 1ffffffff2858d0e
[  848.770096][    C1] R10: dffffc0000000000 R11: fffffbfff2858d0f R12: 1ffff92003492f24
[  848.770108][    C1] R13: dffffc0000000000 R14: ffffc9001a497940 R15: 0000000000000246
[  848.770132][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  848.770155][    C1]  ? __pfx___might_resched+0x10/0x10
[  848.770174][    C1]  ? do_recvmmsg+0x44e/0xab0
[  848.770204][    C1]  ? rcu_is_watching+0x15/0xb0
[  848.770228][    C1]  ? do_recvmmsg+0x44e/0xab0
[  848.770254][    C1]  ? __might_fault+0xaa/0x120
[  848.770279][    C1]  __might_fault+0xc6/0x120
[  848.770311][    C1]  ? __might_fault+0xaa/0x120
[  848.770338][    C1]  do_recvmmsg+0x59c/0xab0
[  848.770369][    C1]  ? __pfx_do_recvmmsg+0x10/0x10
[  848.770394][    C1]  ? finish_task_switch+0x1e5/0x870
[  848.770426][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  848.770454][    C1]  ? __pfx___schedule+0x10/0x10
[  848.770471][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  848.770493][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  848.770522][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  848.770552][    C1]  __x64_sys_recvmmsg+0x199/0x250
[  848.770579][    C1]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  848.770612][    C1]  do_syscall_64+0xf3/0x230
[  848.770634][    C1]  ? clear_bhb_loop+0x35/0x90
[  848.770658][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.770681][    C1] RIP: 0033:0x7f78d5d8cda9
[  848.770697][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  848.770710][    C1] RSP: 002b:00007f78d6c40038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  848.770727][    C1] RAX: ffffffffffffffda RBX: 00007f78d5fa6080 RCX: 00007f78d5d8cda9
[  848.770739][    C1] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  848.770750][    C1] RBP: 00007f78d5e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  848.770760][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  848.770770][    C1] R13: 0000000000000000 R14: 00007f78d5fa6080 R15: 00007ffe028f5e98
[  848.770789][    C1]  </TASK>
[  848.771088][    C0] rcu: rcu_preempt kthread starved for 10486 jiffies! g44073 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  849.341124][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  849.351116][    C0] rcu: RCU grace-period kthread stack dump:
[  849.357026][    C0] task:rcu_preempt     state:R  running task     stack:25752 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
[  849.370557][    C0] Call Trace:
[  849.373855][    C0]  <TASK>
[  849.376841][    C0]  __schedule+0x18bc/0x4c40
[  849.381381][    C0]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  849.387411][    C0]  ? __pfx___schedule+0x10/0x10
[  849.392311][    C0]  ? __pfx_lock_release+0x10/0x10
[  849.397413][    C0]  ? __pfx___mod_timer+0x10/0x10
[  849.402402][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  849.408795][    C0]  ? schedule+0x90/0x320
[  849.413081][    C0]  schedule+0x14b/0x320
[  849.417289][    C0]  schedule_timeout+0x15a/0x290
[  849.422173][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  849.427582][    C0]  ? __pfx_process_timeout+0x10/0x10
[  849.432901][    C0]  ? prepare_to_swait_event+0x330/0x350
[  849.438484][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  849.443366][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  849.448603][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  849.454791][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  849.460108][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  849.466037][    C0]  ? finish_swait+0xd4/0x1e0
[  849.470659][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  849.475891][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  849.480527][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  849.485754][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  849.491687][    C0]  ? __kthread_parkme+0x169/0x1d0
[  849.496742][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  849.501973][    C0]  kthread+0x7a9/0x920
[  849.506086][    C0]  ? __pfx_kthread+0x10/0x10
[  849.510710][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  849.515945][    C0]  ? __pfx_kthread+0x10/0x10
[  849.520566][    C0]  ? __pfx_kthread+0x10/0x10
[  849.525202][    C0]  ? __pfx_kthread+0x10/0x10
[  849.529823][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  849.535062][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  849.540293][    C0]  ? __pfx_kthread+0x10/0x10
[  849.544918][    C0]  ret_from_fork+0x4b/0x80
[  849.549363][    C0]  ? __pfx_kthread+0x10/0x10
[  849.553983][    C0]  ret_from_fork_asm+0x1a/0x30
[  849.558794][    C0]  </TASK>
[  849.561832][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  849.568202][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[  849.578204][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  849.588305][    C0] RIP: 0010:acpi_safe_halt+0x21/0x30
[  849.593667][    C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 c0 d4 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 45 39 7c 00 f3 0f 1e fa fb f4 <fa> c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
[  849.613325][    C0] RSP: 0018:ffffffff8e607ca8 EFLAGS: 00000246
[  849.619443][    C0] RAX: ffffffff8e6965c0 RBX: ffff88801da9d864 RCX: 00000000005384d9
[  849.627444][    C0] RDX: 0000000000000001 RSI: ffff88801da9d800 RDI: ffff88801da9d864
[  849.635438][    C0] RBP: 000000000003a8f8 R08: ffff8880b863795b R09: 1ffff110170c6f2b
[  849.643436][    C0] R10: dffffc0000000000 R11: ffffffff8bed0cb0 R12: ffff888140b70800
[  849.651455][    C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8f121ac0
[  849.659463][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  849.668507][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  849.675122][    C0] CR2: 0000001b2f910ff8 CR3: 000000007c278000 CR4: 00000000003526f0
[  849.683126][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  849.691119][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  849.699114][    C0] Call Trace:
[  849.702413][    C0]  <IRQ>
[  849.705277][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  849.711651][    C0]  ? print_other_cpu_stall+0x1481/0x15c0
[  849.717357][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  849.723194][    C0]  ? seqcount_lockdep_reader_access+0x1c6/0x220
[  849.729461][    C0]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  849.736085][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  849.742351][    C0]  ? rcu_sched_clock_irq+0xa26/0x10e0
[  849.747765][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  849.753443][    C0]  ? update_process_times+0x242/0x2f0
[  849.758859][    C0]  ? tick_nohz_handler+0x37c/0x500
[  849.764006][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  849.769490][    C0]  ? __hrtimer_run_queues+0x551/0xd30
[  849.774927][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  849.780695][    C0]  ? read_tsc+0x9/0x20
[  849.784788][    C0]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  849.790892][    C0]  ? hrtimer_interrupt+0x403/0xa40
[  849.796060][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[  849.802252][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[  849.808086][    C0]  </IRQ>
[  849.811044][    C0]  <TASK>
[  849.814004][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  849.820197][    C0]  ? __pfx_acpi_idle_enter+0x10/0x10
[  849.825520][    C0]  ? acpi_safe_halt+0x21/0x30
[  849.830235][    C0]  acpi_idle_enter+0xe4/0x140
[  849.834949][    C0]  cpuidle_enter_state+0x109/0x470
[  849.840099][    C0]  ? __pfx_menu_select+0x10/0x10
[  849.845067][    C0]  cpuidle_enter+0x5d/0xa0
[  849.849525][    C0]  do_idle+0x372/0x5c0
[  849.853629][    C0]  ? __pfx_do_idle+0x10/0x10
[  849.858343][    C0]  ? do_idle+0x59e/0x5c0
[  849.862613][    C0]  ? rest_init+0x31/0x300
[  849.866981][    C0]  cpu_startup_entry+0x42/0x60
[  849.871774][    C0]  rest_init+0x2dc/0x300
[  849.876048][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  849.881629][    C0]  start_kernel+0x484/0x510
[  849.886168][    C0]  x86_64_start_reservations+0x2a/0x30
[  849.891654][    C0]  x86_64_start_kernel+0x9f/0xa0
[  849.896616][    C0]  common_startup_64+0x13e/0x147
[  849.901605][    C0]  </TASK>