last executing test programs:

15.133238389s ago: executing program 0 (id=341):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = timerfd_create(0x8, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0)
timerfd_settime(r3, 0x0, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x80)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x22282)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)
r5 = syz_io_uring_setup(0x4dd, &(0x7f0000000140)={0x0, 0xb4d9, 0x100, 0x4, 0xbfdffff8}, &(0x7f0000000340), &(0x7f00000000c0))
io_uring_enter(r5, 0x47f6, 0x0, 0x2, 0x0, 0x0)
io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r5, 0x11, &(0x7f00000002c0)=[0x7, 0x2], 0x2)

14.157482375s ago: executing program 2 (id=342):
r0 = ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000080)={0xffffffffffffffff, 0x1, 0x0, 0x4000})
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix_mp={0x8e0, 0xffff8000, 0x3136564e, 0x2, 0x3, [{0x2, 0x6}, {0xc00, 0x3ff}, {0x3, 0x5de3}, {0x14, 0xfff}, {0x9, 0x4000069a}, {0x7, 0x7f}, {0x81, 0x5}, {0x82, 0x17}], 0x7b, 0x2, 0x8, 0x2, 0x4}})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280), 0x0)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, &(0x7f00000000c0)=0x3ff, 0x80b, 0x2)
mbind(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x6, &(0x7f00000002c0)=0x5, 0x4, 0x5)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0x0, 0x20343059, 0x0, 0x400000, 0x0, 0x0, 0xfffffffc}})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYRES16=0x0], 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESHEX], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r6}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000940)=@generic={0x0, r5}, 0x18)
r7 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSNLIST(r7, 0x8010640b, &(0x7f0000000000)={0x2, &(0x7f00000004c0)=[{0x2000000, 0x0, 0x0, 0x9, 0x3}, {0xa000006, 0x0, 0x0, 0x8, 0xffff}]})
r8 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x11b000, 0x8)
fchown(r8, 0xffffffffffffffff, 0x0)

13.884498053s ago: executing program 4 (id=343):
socket$alg(0x26, 0x5, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x2dd}, 0x0, 0x0)
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, 0x0, 0x40000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f000000abc0)=""/102392, 0x18ff8)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = memfd_create(&(0x7f0000002180)='\xa3\xcb\x04=\x827\xe7\x81S\bD\xd8K| \x8b\xdb\xb1\x03\xd0\x9d2\x9es\x19_=#n_\xeb\xbdR\xfd`U\xa7k\xd0\xd8\xd2\xc0\x91\xc1\x98#\r\xa7\x16\xfd@\xd7V*^\xcf\x9f\b1\xce3\vN\xa6\x01\xb5\xb5\xba\xdc\xc8\xda\xd2\apY\vu\x80\xa9\x14X\xcf!\xd3W\'\xb44#\xf6\x7fHS\xa6l\x17\x97\x80\xea\xc5+T\xe3\"\xda\x14\xfe,\xf3\\\xeb\x1cp\xd6\xc1\b\xec\xe1\x94\xdf\xdb\xa1\xf7=B\xb2\x94o\xd5{\xd2_\x93\xa1)\xdem\'H\\e\x8bu\xbcVw\xaeb\xa1b\xb1\xc1\f\x9f0\x93\x0f\x16,\xeb!Z\xa9\\\xf7B\xf8L\x05\xc7\xf7q\x9d_\xb4\xbb3i[t\xb6\xbc\x824\x7f\xd7\xb7 \xd4\x7fUE\xcb7\xe3\xb4\xb6\xa0\xd8\x1b\a8\xfe$\xa1\x12&\xb2\xfc\xfb\x12U\xb9u\xb4=\xa5\x9e\x1f`\x05q5\xee\xde\xdf\xba\xc4\xc5q\x8bk\xf1\x9c\xc3\xa4w\xf9!^#\x8c', 0x4)
ftruncate(r4, 0x200000)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x801, 0xfffffffc, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x4008040)
fsopen(0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)

13.800656372s ago: executing program 1 (id=345):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = shmget$private(0x0, 0x400000, 0x40, &(0x7f000000e000/0x400000)=nil)
shmat(r1, &(0x7f0000fed000/0x3000)=nil, 0x400c)
mremap(&(0x7f00003df000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x6}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x1e, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, 0x0, &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x30}}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, 0x0, 0x0)

12.797972935s ago: executing program 0 (id=346):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$packet(0x11, 0x3, 0x300)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x18)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x5, 0x0, 0x0, 0xe4}]}, 0x10)

11.281839247s ago: executing program 0 (id=347):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
r2 = gettid()
timer_create(0x1, &(0x7f0000000900)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f00000008c0))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
preadv(r3, &(0x7f00000007c0)=[{&(0x7f0000000700)=""/188, 0xbc}], 0x1, 0x7, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r4, 0x80046402, 0x0)
close(r4)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x40, 0x22, 0x14}, 0x18)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'veth1_to_batadv\x00', <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000580)={&(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_SETPLANE(r3, 0xc03064b7, &(0x7f0000000600)={r1, 0x0, r8, 0x3ff, 0x3, 0x1000, 0x0, 0xfffffe00, 0x9, 0x9, 0x1, 0x400})
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0xda2, 0x0, 0x0, 0x0, 0x0, 0x800}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0x3ff, 0xb70c}}, @TCA_NETEM_RATE={0x14, 0x6, {0x3, 0xfffffff7, 0x3, 0x2}}]}}}]}, 0x6c}}, 0x4000000)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[<r10=>0x0]})
openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0xd0000)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000440)={&(0x7f0000000240)=[<r11=>0x0], &(0x7f00000002c0), 0x1, r9})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x601, 0x1, &(0x7f00000000c0)=[r9], &(0x7f0000000200), &(0x7f0000000300)=[r11], &(0x7f0000000580)})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000500)={&(0x7f0000000180)=[0x0, 0x0, 0x0], 0x3, r10})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="b40000000000000061114800000000004600feff000000009500000000000000ac9247d1b03f0fcc2688cb87405eddd38b13e208590f40ed19b0c4f277af10985a91bbdba5cccedd66fcc3dd726efdfbc0aea250f1bea1ad0c31fce77682bd2bdded3dfbf70ed47251899bfc75030691a10f2194d1e24d3ee6da"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0xffffff33}, 0x48)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @loopback}]}]}, @IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_MASTER={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x840}, 0x0)

10.858067511s ago: executing program 1 (id=349):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10b200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_tables_matches\x00')
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000100)={@dev, <r3=>0x0}, &(0x7f0000000140)=0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000200)={'syztnl2\x00', r3, 0x4, 0x6, 0x20, 0xf, 0x20, @ipv4={'\x00', '\xff\xff', @empty}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7800, 0x0, 0x6, 0x80000000}})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000026c0)={0x0, 0x25, &(0x7f0000002680)={&(0x7f0000000500)={0x14, 0x38, 0x1, 0x70bd2c, 0x25dfdbff, {0xb}, [@generic="e8f3655beafe9892e3dc37deacc74db25f4f5689e90bd21ec16e103d0c2026d6146c11f2c381a332d228c5ac43574a32e362954012730eb29304ed09c0bb6bea38fcff9021c90ad43fd428bb3c488e7e66519166daad25ccc24da42c313768dda734e7edc436ba596fda7a2c2b76603a77a9c1f417d1577149f6f53c5d8462d5b842a5bd71eefce8f6a5e6fabe600ae059200c39336d8e6a3d53ad0aa8f90114aaa6918a1a911275db26637035d0ce5ea2"]}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0xc080)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_BINDTODEVICE(r6, 0x29, 0x19, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x9, 0x2, 0x200, 0x0, 0x8}, 0x0, &(0x7f0000000200)={0x3ff, 0x0, 0x0, 0x9, 0x1, 0x0, 0x7fffffff, 0x100002}, 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x401, 0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r7, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
r9 = dup(r8)
write$FUSE_INIT(r9, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x53b, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)

10.650487789s ago: executing program 4 (id=351):
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000004c0)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x12, 0xf9}]}, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x0, 0x0)
r1 = socket$inet(0x2, 0x3, 0x1)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', 'syz', 0x20, 0xe8c}, 0x2d, 0xfffffffffffffff9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x801, 0x0, 0x0, {0x5}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4081}, 0x10000)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', 'trusted:'}, 0x20, 0xfffffffffffffffd)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r1, &(0x7f0000000280)="9a9c", 0xffeb, 0x24000080, &(0x7f0000001080)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r3 = timerfd_create(0x9, 0x0)
clock_gettime(0x0, &(0x7f0000000040)={<r4=>0x0, <r5=>0x0})
timerfd_settime(r3, 0x1, &(0x7f0000000080)={{r4, r5+60000000}, {0x0, 0x3938700}}, &(0x7f00000000c0))

8.758978405s ago: executing program 3 (id=353):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x20000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180), 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r3)
sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000000)={0x14, r4, 0x341, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x2400c090}, 0x14)

8.688412918s ago: executing program 1 (id=354):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001980)=@newtaction={0x18, 0x30, 0x200, 0x70bd2d, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_ASYNC_CANCEL={0xe, 0x40, 0x0, 0x0, 0x0, 0x23456})
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000740)={0x53, 0xfffffffffffffffe, 0x74, 0xfe, @buffer={0x600, 0x70, &(0x7f00000003c0)=""/112}, &(0x7f0000000340)="29f8a81b133dbfaded918391187e7e76062f357fcec060cf2d2cbb76e8142dbe4b407f4bed3a817178de3bf70a8a39aa72ca9ecb34c78443afc8f36f28fb810495c807b92df15593051800260c12f90ae60a0603d4a84ac3702c6289735e269691072026ddb41a608f99e9660f6345abd4c70000", 0x0, 0xfffffffd, 0x10010, 0x0, 0x0})

8.680930553s ago: executing program 0 (id=355):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
sendfile(r1, r0, &(0x7f0000002700)=0x1, 0x8)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x9)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x20000, 0x2)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r4, 0xc0045540, &(0x7f0000000000)=0xfffffffd)

8.196445761s ago: executing program 4 (id=356):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x80000000006, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x1, @pix={0x0, 0x0, 0x32314742}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))
pwritev(r2, &(0x7f0000000380)=[{&(0x7f0000000140)="c021", 0x2}], 0x1, 0x1, 0x2)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x29, 0x0, 0x0, 0x1000004}]}, 0x8)
r4 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000400)=ANY=[], 0xa)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xffffff7f, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000580)=[@text64={0x40, &(0x7f0000000500)="c403614c6d077fb805000000b9003000000f01c1b96d0a0000b80e000000ba000000000f30460f009800000080dab4f8020000000fc75c35f0c462412f24fc460f183a0f35f30f09", 0x48}], 0x1, 0x4e, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r8, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0)
sendto$packet(r6, &(0x7f0000000480)="7eeb99b6f78c67515ea2f0d01d76", 0xac, 0x94, &(0x7f0000000140)={0x11, 0x86dd, r8, 0x1, 0x6, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})

8.025727704s ago: executing program 3 (id=357):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$packet(0x11, 0x3, 0x300)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x18)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x5, 0x0, 0x0, 0xe4}]}, 0x10)

6.986037644s ago: executing program 3 (id=358):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendto$packet(r1, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000", 0x14, 0x0, &(0x7f0000000140), 0x14)
sched_setscheduler(0x0, 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4c00000010003b15000800"/20, @ANYRES32=0x0, @ANYBLOB="0000000000b401002400128009000100626f6e6400000000140002800500010006000000080003000000000008000a00", @ANYRES32], 0x4c}}, 0x0)
r4 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722", 0x44}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/69, 0x45}, {&(0x7f0000000840)=""/83, 0x53}], 0x2}, 0x2000)
mount$fuse(0x0, 0x0, 0x0, 0x4000, &(0x7f0000000080)=ANY=[@ANYRESHEX=0x0])
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)

6.252759987s ago: executing program 4 (id=359):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000f00), r0)
sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000f40)={0x1c, r1, 0xb5413aed0fada92d, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000240), &(0x7f0000000140)=0x8)

6.153334983s ago: executing program 1 (id=360):
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000020c0)="c6cfdab7e6f83fe5e44dd3a8d886a720a29cfb7e50ef99fcf38be6c3b9a9f8c9fdb7b1332c99b85247977ad2d66a577e6f0853366c7561476cb35cf07e6fc1c21d33853a21771a8835a50d941d35a4ccb511cb67ed64259c99811f0e6f176fba1e0fa45fefe030a588f0cf64895fb12a794fd0bd176a38440328d3c6c24c85f50e95c5190eb03fb04f1eb34cae287ed75c8ca8fab2c04dc1fafa14ef93e2a721a12238700dfdabd057e94e697534e1af81921756270313d22a185c146852a5e94300bc8de9904e8c6948d5d2aed05337b9572ee74b77209c6b4710e87fa6661b19283079a46f70a538d96f484b63171bdc3622fcbab6d9bafeaacd755923209c07b8c2f39c04ea713020bcd9e6f1120ea3fbc8dd0b55986c05aa0c0b13ad52f250e9505ba53a887ed7c857e0f56282d6dd5932930efe384bbb198c50aae4b9a65e6a6ccc2904a9121a28df865011c39a54fb0f890cc1f7ef5f5172754f1c2aa8e8acf8c754f22efa88ffea91f2a14133e0a7a8a06bc80d042ce1affa2ebc74b49b48169404b33c62915e54c554d10bc432ec988f7081a8690335d58d0a819d33296db1377af876d84fd557f9a2018ee91f7d39819fc72b0a9bbdd05d6efe6cc459cd42e16f955dcb1a6a2b8b2a71b3a7e1bfa82816abf8c7d3688d53decbc480eaa3821cef557290284d9c504a63768852e15b39841ef3648f14c7edab006a30c7bd518f300df6ff307c0740150dddfdab1e408edb96b2e6ed612b0bc2fca570fa1813d86160a766fe6c11cdbc7a67014fa7645b4b1d3aad378bcce27aa4725ecf7675b2682cc5a15673136e7181ed5ef122017dc72df65af147dcb9ac702f8a6a2eb3f6824ba7db3c32fa4bfbf63dcd45e42a49b6edee22856fc2a43aeb6a3eea91dbd53a231b559ca7b38564853be3bdee7f820966faa916ed4fd335159328f8b727ba068b0ade0e11c9f2c2af4d5244f5d49f9c9f94105a6fe4c71112bcacf9c3dd2861d06cb3fa6b2159bc2028e513298b594ca7da60f4ed30edd7b066c23ca7d9b7d9555b47e687b43b7b5ca3210d939e34dd3d176d8b3d3d2f32f28518aa8b5169362fee4a4ede7d3d218db0ecc3de14789344df20188d907093bbf621fe67ab2a1f29221b2ec3b32cdb18345fc829005f4f81fc13ad0f5590742295812a7f2108cbbbc37387a7d4174592bf4f94f272306942e6c44b23e96d92911ef416b4159e81b19f267aad20c2aabf7fd285330cbf4c1bb8ac86493e0ef84de88eb7953fcf833e6cc5ebdd50b706050000001d24e9d3736ed66e28f75e6a1e2c9a4e2abba887b27815d2f5739fe5f8afe7240841337bfe7a69308186180fed5736fe3cbc2892cb991d0f4400d66952459c54a16448f06fd49995aa65501631d5c42e2abd8f0d890a6bbe49b384bfe27599afd536493981be5f7dbb15bfbc198fcd8ebfca182c53156742e237df31c1dca495e40cf030623a8a081e3bec3b8e5109ba05c0830ef00ff98a4419bae14762d8e0a790c1d517f1f683bb1712a6a0951f024a46efb5c2122460495fa0f4ebaae86286b8a626be2052874f947f18b0c2860ce681a33d5f4217415363fe7a6f8fca125742f03433988d88a5b8e2bf4f3079eb990b6e1ff381b7199717fb885f4f37351bf18bedbeeca351b7bfca5b791b91be0dcf8d169914c449829669e0577d1ebc4fa783d57e0c695cafae201014831a16d8fec47f22d9b79c2acc820f4dba9d1a2986731681ed1f8dd1e83bc2d491302d2f769e6b0bc470404930cad6511492b3adadc6f5073220590d1ce89a520b6d51d6903dd54360cd7047aed76e0a6cd3c3625e67b7c1636fd627aa48f1ee6dd567730c6ec19d1634f62a77f70c64736532455f0d2ae85003e7bb32f06b480a9f7fba5e6917305fd77e38f6936e49c1a3b2a07e242ccc2f9d629d7992937a035574b3efefd515096e30058cb60cc89d8565205f15e71d805ba5d1c4f7b971918ebd81611a574fc651bc8094f7f3aef8a3ebf95aef1c062ec66e288b1d1ee17ab75723bc46b031744a25cf055c1bc8b083313e38d0fd5d60e832ef28fbff4c93d2d2ed283575a486167c7158e08fe7094d23984bdf38cf6000db39c5d0f7db72325af909b18247d8fddd89eff8831c294d52194a11dae2339938a79ae903eb63bc6e5535796e1c0416cdad01e1493a3075930a0b3b50ad904ff760bec5c6406b10808bf13251df73b4d6fd149a378ac277ccbbfddd9536abdf5c7a8d29e128a290f0d56c9635540f4c9a3ff1d3e0e2b974b50497ebd690dc9393f8b3acfd1650627db8ab784233727f997dab536f1e993980a41f510fa0128d6bf2c8445ed1578b25a36e05f7170b9fbe8ca63e1b4a7235c27f56790c4dd38168ce26358d12b143e9dbae1d01406778250f1c77c80643016ffd4a7a6703b9c3dfa4e7b51fa1d59605d57c9712159eb34c306a988ac95eeb15c3225ccd022d2ccf5f31a81009d2a25891b83e60efe8f718d6c124202f108d23e5e6c89e269890bda8e5681315db361cdf30e4269f2cb530a188f26621a8b263f22bb385d779b3c4eebd16656451087457892e15074abb1c796f0b7f635b9496f3a17220716c449c11c0e82b67b8f1ee6a2709a20676f40f2751df3d74db503db6cb73c955ae1d6983da44de4d349004f3d9db4ba40124416a67bd18d1d9b3c1e4706ddbb2099a2ae16e99c144860d46ef66bc6844963c0563fe2cb8c4049dea32ce5656fbfec6d1aff7ef48bac92c932c9787d9e4cb0c78fc3d70f730c452c20d077b4d9ea304f1b8a2967b1e7af7f05fd35f84d633bf5095b1af53a506f6f61abc99186eba707843e9db2a18fc1c6c77dd79ab9353eaad6457245709acbe9cb381d4458eb5571fa4f4df069ae668b1df2c97f91271be5fc2040031c3980c7555af2d4186875ea4599c873ffaf47aa08c27a0580ceef6251dce4cfd6eb175a1bf36c1fd750826f4e14966e6f196b68da0a524baf86f49ce8c09430554b50a0b387c02ebd59fae9caa1054cba1304aa6732f3990ce6b7bca6b65237f0fc3c79a102e2989dcf3f884002f2efe83e25a3fb217c24c4f66e0973e7ca62483bb52c943ccfbf31324f2b7938de0555a54f47256c903ab65489906c382d7d1022f7f302b186d18b5775e042ba83b874793420a6d854aaec01e3c819d0b11b51558fb9c10b1e2ff96639fb119d90f80aa302c9a6420b4b1230d79fd1e8105259c4ebf9cc3f1eac67f15bcb9d49ae537084c96994ad08214ac07db663c1bbce6499b5665fb5a949ab3d65062467824a2065a9de2f1edc243e03ad38f0ef227519de50a3dc2e8f4a38538be5557c5de56d0110a0759fe96b0e66d20fcb6066995f77fba9c7468434a53892cf2b3f41d58e08bd2ea3b1da2a1178acf50249d77757353943cd126b511098230698782ca88d018381f233f4331d3980f72f30caf915a18794de1253734b89303f25826a80ddd75a9bdf14c6f01690833190872ca5431ab92ab3dca92595983b11de0076125059234720906641119dab9c96be9c10d60fb54267bda61fcb85a491df037cd563b229eea02cd192796d36803b04691d385471a5f68bb76afafe9df28f50dcabfefc8e2eb334bcace928b8eb8f6449116fb5a0fa4a0c51e21b8b1f99308d396db60418cb5385bdf6bce7227e514f6cbc9a9fc50b79e8b0530fd51b21679ea1c404dba52811b3c9487f670e622ac7b1ce8028eadbd882d4325663d8dc4f0960c047c5f3099c90c6256bc11e80200000000000000279a695f2828762f28ecacdc726aedf42064727ec100ffa74d38d47f383946b9f856e53cb939f98df1bb5af2a12810a619f205e030a302628ffb9b2cfcc2e881e239f33844a118a4de2a5c3d6b857c5105db775a61c5d54d1d82048670e8cd2c44a032904005125eb9f999e845efba3a063e3e26b06298f28799975b51118eece2b7fec02d4b888bfb90919bec287aba71296c66dcf749efa3abcddfccee6ef80d03a1638045f18fb96131cbd9a93e657c29eb74de40f433969e1988ac335bdd9c671b5b75ce6e2440be249975f9d597b4d8523c283e774ed0987e10b88e0c5616720502149db329babc91b225359927f88e0b42f02d41a4c9e0ad7c55a0d2c52cf45da6152c0c742f661b562c3a8ecff1145cac3f63fc053e1a14fe7a57742ab709581604fabe54ff13172b5049434d12f6ed9623265af643f725efea21e2ac1b82365033b9cff4158318f40c8894d2bcffdc954fcf7068c97ca2d2b1bf19b9232b918864e3f63fd59f4c8c578821ec5083e46363d9158451c5a92b425e68081b2c7572df44658a4aae41a439c6bb4bdd2f26ff2a357fa2946e5be5cd97ba25f73bbcc6c05fa966d0aa0cf2e45f22e0021468b37d5afebbfba3233e2cd4fd64e1578be72c38891224cd6c70c4cfd146df6a8142f1493772d48650f8fcbd1435ff704e02ec121e9f43de623eff8070f88a623cd395a02b6b1ffe4ea7ae7f443dc8bdac2cfaa126d4ac9d7788dc972c88fd87d3c8758853f1882532e4ff298b466e7d198daa9015127f2937544b34aaf545f39ee00d74e0e1017a30ff2edff701d53f3a13fc61b31fe7d9032a6c4a517c7527e48c0c44a2beebc9a9f9e6f989bc6c255e05bec5ff99547658143d9eb43a1d96aa5288638b4477aa1f84c59d41194335c09d9d5d660640acb24b53520482fb200ca616e1a6f486e6da3e6721479e85d0676ba142d95ecdf1acc76a49e9bf016f951d8b95adc7e8d4317ddbb28b678135a4a9b98fb8b8b5948b682ee70e04a31f7e3c49c52a11acbb29bd8152bbb4fedd2aae8e7ad5330365213d207677855e6cd72bf93502c14b11bd2f2d6e797efc2cc5bc198730e5cc51c92751ece5c167b3328a6deed4bd73c62623bb3874c9ef18e24997e3ac93b0ad9ca7ddd4c0401ec1b942cb21dfe6abfd3aefe2588ac1684bf6b37dc09d9b9d932d5534c707ef8fe0812a403e057d00955559ca3e0f7e70d3cdfab918b8d125061fd53374c97bd0c9d19e68bacb3db46974d36cb1c96b4475acaf4d46b88a578ed570ce09eb540f30cce4c3f853a9fd669ca36c36ff1f0432713f60e6d6bc789fdae7c7fcf4049e6166b63a12aaa3da6fc35d8783020ceb92f7f90082d4826735618905fc9fdbeb65990882ce130a7e5ebfcdc796ef293019925e80af5074bfed5f62833d9d98e324dd54e30e1d69a15e4beed5da9c6ec01a32978aa29cd26c5703a28e504e7c9264e0421718422b88ef90f6fb4e51c619f29b5fc2f600f88be036eaf28d7f5433715bd493ce55811901a59964f20ac0b06dc3a555eac123c40d3b397053501523a51e8b53a92bbd99ec3bdcd57904cfac3c0d7bcc6613b11a771d32f0f6c60c05449b42820c0a41f757ea1efebebb37f8ea567b2f7dcc4a67ebbdc00716a70f5fe255b9232e27ba05888e034fc50ac0934a43c84577183b83019008edbeb27546e8be7d8402a4c1852198c0e050b96129fd66247c39abff19338300fc3cbe20a395e5805d8cc64c2d87ba27264716e211ab023765e8d454b637aa1320cb18eb4a3dbfa94027a4d75a9a2cc784cbdc22694a8f7e97bd6cea5a4e26b538be9a9dde5637be2d386a85a79ed4df541ab7d0b1370d99d2cfd1f7bf1458bedd0a53f5e6972ee424ed08acb4b49db83cae427d315d1fea4e680258e73b3fc50fdb77692c8798bcda57ac0c34823d69a8ead14c41e9613813838ef80f63138cc9ba3a6b83dfc77b6aa1248678409bd96b64c0b625e88e33262fa0bbee94fec8f3bffedaf8b12d229d0f637848a1dba01892d80f5a5596d37ac1c9c54d32dec3ca56b49aa1157583074af418d0d95a5a46fc3c234814e377963dd4c9c8a5f7cc35aacc892afb9bcede477760688e06f0b2c5a702954f4532c715151eda02f78830129b2612de8fc62fb992d1ba52da164920eb1d1dbc7d1f8f16e31c763581f4c478cf7a84cf01ca904160475a1eabae393bcb852fd550374002bad1ba0827dadcf3f6a2354a3f8f67e6da4f567fe21f55cc34840e79f6af947561c79a141721f6da4625a20fb203f96bd1a3b7322a14a0ab4a38835e1f235f772a18643824cbb9f76664b1212c785055ae17e89f590fdb1b81535e1e3e8a726a9aaf67ae2a8e67eab8f32781bc21027cb1babd932d63bafe7faf48bc57820c5e32288583db4cf369a7fbb479e1e97ca67f63b1880fb33ccf2661d7af9041ea1afc0e90ee0b4b510d094268e4576584a17fcb21b3c3f68bf1e1c4748177cb4cab92df4c254e0d0759d507e5eb096861efcf1aa66805474e3bd32f7055a7d53d47f416d24a5ac7d5fc953206db3a012234d8693e0ff662457ddaf977eaf37d043c407a7ade1fa8eaf85b6e1b1456aec3064ee858742f4e22f2d6084e3881a4783b3a9086009202eb6eb77fc1ce2236d6384cbc62c7db9cecd2fdb06f328d49c066562cf1dee863d33b48288fbb1d4d5bcafcd1b6391879e670c7189bbebafe48214d6e2b405e36192e1067eb8d0363777a174e630467673ca968ea51476b0b8a04d598f6fc593d3f3267ab37e17831dab86a67aac3ec8336c5b6e9e416b1f46d0a9e8ec6c515d86e773baa409e2afae30ea1744f2bc777af11c42f2bf6177e95245c6d601f7cb7b589ccda76a2a314dab023da8128c667a0df682f5c7bbf842a2bb51d4d842cd09d02d67444e5d8ae1f3260c4ef2da5a1c4121fdd47e953d03ff6fea10e35db2c0c110704f513b9d1c57c9da80881ced16d92faf1be60471dc4d82529ea50fd6060be18e8e6deffb15e0a0df4e36117dc22d78bd43b3fedb24cba54c2f2e3bba015bc4c817f70fc1e8b21adb04a9d8c229e9ec178fee0f35d4f169bb7dadd14f46ddc13fc62da4e21e42270a4ed0d60b4034db31ee1e13c97d8d941b2627b255d4283cf0af9044a65765ba88dcb2010fae98a6aeb0a5605d8a904d1cfa0cf8fa67a9d29670a108f014a1b21862e20d4f0f3f0cb99c97f289c657dbd08237aba2f616804ebb0e71819fa46df1a018d8336b534391596cd24b0720dd8a95e5c74b9d047da1da93d653b2aa98e67a65c3868a0c464ad24d427c3c81b41f0b2fb78f6aecd5487c29f4fd871bec21f54d22b661eeed67c866cdf057d585beace568ed52a4399dfdcc8c9a80c94f3cb92f0974b9b33ed89008db33cf95220e03f3d28edd8b80991b0754010e7252392d1e846011defb6c46c73ee015bcb9b288f6903771af90ddd8c548eb6649efff32b0a2b36e743e46135e47fc65d1eb3f7a580104c22bbcc75ec041813cf2496a4793d17112f40333e3c874e0bcbcd889a6bb484e43632b2f9a628a461a2a5d58808b848751642b5c426c50fd82398894dc78c56ed1f0358b626cde2a0167dcb210c8ae2f6d9c95356331cf2a21ed0dfd5165bcac2681ce070f60ffffe69dd75836c4be0aa7f8630bf345a32d246c838552cbb35a6dfdb6ea54c4ecf0ad16990901b7a72280872fc807eda1de4fdce2c223fd089e0f0eac84c1e2980b9b5a032dd1294bd2eb49372f55b9b4cf4d3c1b14050bec1344d71a8316e173bd36f5917100de4dfedfff896517a04468006e5c632c8ad15521324f3abd72545b47df874a4a95d3bb30915ebcc3ed371528f89c7e943286a8cf4ff2cca3f3496ded16b139658bd5d3323ae9007b4dab665cd24e7888735de2cce7bc1b3af39a6d92d787dd237f8d72283f7aab1d99985f3783e5cb0661cadb552293f189f75e7f3fa933c775a27415a3ad22239986364ba7a582f2d9c31e7247aa8d44d5a7e8169fec65daaf62756b34dd307ebc7fbe8a8023aac1553fbf15b48a8ee3bd0c35c7ced684f667500ab2997aa75382475eb35888e72b30ad5aad3910c5ead6797f4182adce92dafc2073f1529ff5f1a42daf3c78e499039864e8e768fb11b33c0d7779e6128579d882761f9b21fcc0696da03eeb049c90b86da8dba548058f0caddb83ec9051a04f3133341e9a17a17b72ac20cd9e242fb383365f6a2f5c795087c7ee682555adadb7305bfe2886a57f3718f30f24b52d481aa35eb2c40417df5ea9d8af1b7b871ce37fb1c84402d269e3a01a5c9a00d3c7d6ff21c90d437066850ea92773288ba925294f9368b74fd1f3c4512ae8be2f86b73641507480f3db07634df10fca86bb4431664ade710d5a8894c368660c95f7a0b8ce5ffcdae136b5c8b4ed8c3b4cd9b71079dfd6d1501df9b7f1477b516f3cceecb2def619c05061502b253af7e3deccc839de56292c95a3912e809b100897a85705cf59af66e194143d13c12b6dc1a31cd15a74fe57666931e3fd6b75512d22f063c68576b1bd6a1ab6d7f4065447daee300b7d4fe330daeda866beb44eb8ed4041d0a36bfa49871e0623eb6f5d7b967e8f969985063e2fc4f4097c2a5189b10c1776713f78193c6e0e847025936b36eaa2e817ebb45c375f18350247f6586214a200f2f17536b52b8fa196d4a6a77317807075d130a77badf745a6076b1241e47942501cba893fd0db02545e49f559e9712a60ffce9f3154459c69984de49e11192266196497c81b7c5b45997c1369c8e8490b1a748985fd4c9ab8929d17a51c331dc160c8ae8d2961351ef103e3427299e4f28faff6ac1905be2814cb02511472c7232bd104ac438d846b4a727df2ed24364e061f157c2447e7d5265b1cd75797603e220a9d2e280868f3c2c56befbc6b1b1a07be1070b293adf324b3aee5140ef5f643c952726d9b770989b07f2cdea2e1d6951027e8b38f07b2547dd78aa85cc113b599ab168ef602e40fc097396341a8e5b97b59032110ddf114129feaed96e85237bb4bb886b287279b96234c18947ce7d2d5e92dd5c68829edd271bfccff21b87f6a061c9b43b51252add291c8f59be1a222d00fb7719664a8b89c452e78cf1d491a036107f0a521545fd96d2548735847e278065c196153028b91f59c7b70f9883f14cfb3343bb230f4af9bd51132cc62ee5459e34e77bb2983d30e65e65ab769fa0a0578bed01f33c76f4138208659a97fbbf380f1321336c14d21012f3cc4ee2101d42321f0123d51377e319e4ff4551f7f83ca62ff9448a28b6134da582f609be7dea5d70370772ef2552f12e97cf390ee2697022168d622ae0c813d86a43c25c758162ab0aadf25c84c790fb32a459997068be01325e473871cb024ff030070434d197558b8df442e1d2ad0c7b33fe021fa6cd57b7477dd76c6a802ddf405e909d48d23321e986d791b44d32d417d63638246fcdd661e6a1453d1411ec85fa0b750354aecdd4f4b90a420d2d4f67c514f15a8fe590735f660dc5eaa7f2873c7841edaf2c0d46a92fc07c6cd22fc978f74bac72e468d96ba370fb88f9a629d4de0a8a83d43c1949aae33fe24859c1bbf8663adc6936e305cf9c56aacc84e7515caf18d0d049bec2f0a484b75a8c2c23abbca66b039a52e606f08df0a3cdd2dc6449e84ce463206d2878de0e4d0f438764a0fe360e95494e9e61581001785b081254971197024460a68ec029052f2d8841dac7e714798027696067e739cd1525df28ac9514c02e25f8ea1146e356fc5941e4661cd244dccee4a1450e4334a20cb572b842d44a8431abf4d5bb82ac6b78ce3c6d394e5969c6fe8216805f6e2db2889f27849e0dd26a5a387958a36c833a8b3d861033c00ffef267e4b09350ca1b819d5c83025e4ad69328970db92520e6ce569d5632caeb6dc42c8f6f8759256ad9c1ffe8c30a92b795bf00544714c957d5d982a4e91ec7a30dfdcacbd41ceb61f208e5442f7f7ce19ba2f0dddf50020ed1c271afe5007277e2496c3bc7f3101d6fa7f0ea2627a99de0c441a11c6afbb721037dcfc897fc5d9e0ed644b9c3aee328bc2beb3801d2bf43b1e360759c1056c74a63aa33cb6e5933b7a0b4f654113ea5830de7e8374e939e4c794be77f1f0c1e1bcedc8f584a56db0c38b6c8da60bad62b41d754d9b6cbf3379374a6126db0ef1ee2da5862acaf117408ad26c66ec8ee4f9f1844fb4cc64bc61212b303c7c622f05d29b7fd540bdc253bc948d373886e5cd4dc9bc1b551dfc514f12cc64ecc3b276ab43a4adc2142fea9c5ecf983b0841729d1771b51c2ff787ac2439f305ca3fe31cdbe24f034fcd3d41141cc0ed5cdd82e3171be1381ad4f0bf81b3be200524c98cad5a3dee3ee618c97d0678c7b4fbf729dbc2baaa2385fb63e6b906b08681c19d55200924c0edb4c3b48463fd9c2ac86510ce1e0a641def11e9e7b7fa74a629895221b06a15c995cafe55dee6c06e01b34f4f18e5ffeb76ffb412277bdfa4cee10823a1e55832c3d1d19ba5b84560668b33fafc672cfba1a85c60c61c45bd562506d9d28542c4b4795ed011a8005862f7add9dc2533dd29d0ddd534eb0a3b537b391c423b527b3ae4ce0c829a6efcf8671e9e5224df6ed6c1f20452cb46cd578a620788f9af325d45825ced3043ef3693ffebf7b881518ba2c71587251edf150772ae1e24f0015f9d9307151b8fbcb83d0da908f4b6c762b777dc406991353e962f181bc06e892ff9e49e557639dafd09b291f79720b866e46bcf14d5bd1ed15a468a8996ecec8ce3d9890fb45c96804dddfe5b7280c0e30934f129e14b344506f70d484eea40baac63b89dc71b030a6c8149ffca2434c773bffe76bbf2e778f0034666970a96bf336ee5240e765ea3715382bd8fe19c5ce5a8814717d87d4d6304a3b0d6581a6fed44975ef8a8186c19a513f5c6c0610acbd31fd58e2cb683162464cf7f50ade879461ee91f433b09d1febe058c101a0ff96cbffd547c2beab15ca343cfe592ea435f980ff03e0aeadcc80d64383d287997a6a937fc22221cec2a1aa6e8dfc1dc6e0f2e02060a18c09957376a72e165728acddf73873a958f43bcd2e9c6c71a83f744bf14c75f5e8308523a7d39bcbfd832c6597b2928b07630ae50540bb71b44b5b4040a1d172fabe8dbfb96a99e7498b12dcc8ed9e43fb36c202d019b4fbe11f715f5de76bede175c22d8355323eb004c5021d892fbe48fa7b6bf382eb03d0e447a38c63bb7fa1154c2cdf08a1cf5fa95ec75a5aa9037ebf8916cb78e6da650016a0c7ed34290e25e2122be24e4373c49c4fc81c39ec1a1ce4b658e1b80562bf911a1f6a5fc2e69d2554d4abf5ad79d9c9b7d9ac8c4122c11f590a35dcee3fbe185027832b4e2a71ebc591a60bb874b36b415b455bd942fe1a69a92b70ce1a1c867c85138449529cab5f63feab609a2ba3344191c416d8409b59962bcee1c4a40874069e28432fcade20f07c9259dec75fb978a6b84b6e8f50fdb341c7c19f55a8fa389cf085f44661c9618d56d32be0bdb3b2928fc2c372e86ea109afaee022bb832e80e869c7cb1053921b862b27599d3665f7fabfd6436743ea893ec43e4e4daa598127df8ee3249be4668d717117a038f0e734a894457df4c64dd76a9d9d42efc29f2311085c9e6fcef385f40af94f283edca078797e96b79719875aed3900252c3acc6a92e23083b3fa24057d9ebf7886df99d652e7d18cbd445560a0afc81bf7c011777837f94b32094fa1bc99472cc2a40bff245abb27d3f628b1b649fd00", 0x2000, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f0000002600)=[{0x0}], 0x1}}], 0x1, 0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="15000000652f80ecd0fdc2d445463f66bcf1ff"], 0x15)
r2 = dup(r1)
open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=fscache'])
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22)

5.965594934s ago: executing program 2 (id=361):
socket$alg(0x26, 0x5, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x2dd}, 0x0, 0x0)
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, 0x0, 0x40000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f000000abc0)=""/102392, 0x18ff8)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = memfd_create(&(0x7f0000002180)='\xa3\xcb\x04=\x827\xe7\x81S\bD\xd8K| \x8b\xdb\xb1\x03\xd0\x9d2\x9es\x19_=#n_\xeb\xbdR\xfd`U\xa7k\xd0\xd8\xd2\xc0\x91\xc1\x98#\r\xa7\x16\xfd@\xd7V*^\xcf\x9f\b1\xce3\vN\xa6\x01\xb5\xb5\xba\xdc\xc8\xda\xd2\apY\vu\x80\xa9\x14X\xcf!\xd3W\'\xb44#\xf6\x7fHS\xa6l\x17\x97\x80\xea\xc5+T\xe3\"\xda\x14\xfe,\xf3\\\xeb\x1cp\xd6\xc1\b\xec\xe1\x94\xdf\xdb\xa1\xf7=B\xb2\x94o\xd5{\xd2_\x93\xa1)\xdem\'H\\e\x8bu\xbcVw\xaeb\xa1b\xb1\xc1\f\x9f0\x93\x0f\x16,\xeb!Z\xa9\\\xf7B\xf8L\x05\xc7\xf7q\x9d_\xb4\xbb3i[t\xb6\xbc\x824\x7f\xd7\xb7 \xd4\x7fUE\xcb7\xe3\xb4\xb6\xa0\xd8\x1b\a8\xfe$\xa1\x12&\xb2\xfc\xfb\x12U\xb9u\xb4=\xa5\x9e\x1f`\x05q5\xee\xde\xdf\xba\xc4\xc5q\x8bk\xf1\x9c\xc3\xa4w\xf9!^#\x8c', 0x4)
ftruncate(r4, 0x200000)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x801, 0xfffffffc, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x4008040)
fsopen(0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)

5.139495645s ago: executing program 4 (id=362):
socket$alg(0x26, 0x5, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r0, &(0x7f0000000100)={0x1d, 0x0, 0x2, {0x0, 0xf0, 0x3}}, 0x18)

4.508913549s ago: executing program 2 (id=363):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xb, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
mount(0x0, 0x0, &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00'}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001e00010a030000000000009b2d"], 0x28}}, 0x0)

4.452013492s ago: executing program 1 (id=364):
socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x13)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
syz_emit_ethernet(0x75, &(0x7f0000000300)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
r2 = socket(0x10, 0x5, 0x3ff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
sendmsg$SEG6_CMD_SET_TUNSRC(r2, 0x0, 0x240048d5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x169a82, 0x18c)
ioctl$PTP_SYS_OFFSET(0xffffffffffffffff, 0xc0403d08, 0xffffffffffffffff)
set_mempolicy(0x8006, 0x0, 0x5)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
syslog(0x2, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000300)={r4, 0x11, "a5e49c655b78596116de78f9bc1fb4a7c5"}, &(0x7f0000000340)=0x19)
write(r0, &(0x7f0000000000)="2e000300010000", 0x7)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0})

4.432950145s ago: executing program 3 (id=365):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x84, 0x8, 0x7fff7ffc}]})
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000000)={{0x80}, 'port0\x00', 0x72, 0x118fc, 0x402, 0x10000005, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
read(r0, 0x0, 0x1b)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, 0x0)

4.360339764s ago: executing program 4 (id=366):
socket$netlink(0x10, 0x3, 0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r0 = eventfd2(0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x2, 0x80805, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0)
syz_usb_connect(0x6, 0xffffffffffffff80, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000780)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x3f, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0xfffffffffffffffd, 0x0, 0x1, r0, 0x3})
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r7 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r7)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r8, &(0x7f00000000c0)=""/41, 0x29)
getdents64(r8, &(0x7f0000000f80)=""/4096, 0x1000)
syz_open_dev$tty20(0xc, 0x4, 0x0)

4.175137789s ago: executing program 3 (id=367):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x6, 0x0, 0x0, 0x0, 0x73, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x70)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_TX_TS(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r2, 0x1, 0x70ad2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=@bridge_dellink={0x24, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r7, 0x0, 0x20}, [@IFLA_AF_SPEC={0x4}]}, 0x24}}, 0x488c2)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r8 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r8, 0x40045010, &(0x7f0000000000))
read$dsp(r8, &(0x7f0000000000)=""/156, 0x9c)
r9 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r10 = dup(r9)
write$6lowpan_enable(r10, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r13, @ANYBLOB="040013000600b500c9020000060012000000fb8c0a000600ffffffffffff00001c0081"], 0x60}}, 0x0)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r10, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000f40)={0x480, r11, 0x8, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x8, 0x1d}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_FRAME={0x43a, 0x33, @data_frame={@msdu=@type10={{0x0, 0x2, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x40}, @from_mac=@device_b, @device_b, @broadcast, {0x6, 0xc}, "", @value={0x0, 0x1, 0x3, 0x0, 0x1}}, @a_msdu=[{@device_b, @device_a, 0xce, "30aee792837204ddadf6f5dbda508eeb7da40622dd1b0a91d8fee68fcec16411b88229413f05e10142c11e086d43cd91a426520c9b27fc5cdea38368581dd779bbde346df371beefd8c2e6760b491c605118e3936aad3b3e15e4856da726047a59d1c0931edba4ff9fc3b5fc6f67c5690bcb73e8bb3148db7ec2c472612a51471943ff8c8c7513bfb1cfe0ba04b1a528091c25bd4fdda676462e2c740ee462517a68a520cff2513ad5fd30c0df701ab47c9950c6db61ad0791daef75e18f0cc033623a1e5bc2f5aa23debb599e92"}, {@broadcast, @device_b, 0xe4, "a8319e27b7988d76304ee77df7f497cfa9b869264ceeed1e177890b0489b9dddfee266ecf08478c45c9d32446da1c1b37054be8a8b12dcf048403e3111e4b7d752f160b1f603c697ea3a16fcf7df16ce8668cbb4db95ed196e57d52bc1ea1af9e24c690b19bedf51f5bde4a5e90e95b23a89f2614f658ecae5a850d625bd8e649b74b9efca359e20ff0bb7bc0de20d8aaffebd26289b5fce2ae081a011f7390288cc4c989e50356cf00f3a9d3ca0ac67849269c95ac0bf36f58395c763bb3e066bb955eb174c2b4ebd1e42c1de812e77b771eed7c3b3528e66412f0a2bd7c4b03ec06e70"}, {@device_a, @device_a, 0xfe, "3919a73e06bb53315da5f394fc761ca2806e3a689a7c3c26c936331c511cfab14c4bb2608e63376d0ebb38894ad8d16aeaa7334db239cd3d562c8708cf3acf66b0f2462a09406a40ae8559ebec494aa816543e2ec0127e661b6da69414866838d198aac58d8bb630929eca4d099988c2ef1f5f2636731c23a1385813af83bf7749e2edb03c3d3e365ea280e4f38f8eba9a974911100ef738b272c59a3b86fd83272e301e06d3a520e70e78979cc02b7afb4f9aa33ab1e83068ca084ffe2682ee9deb45925894207a428ead4eda5f6f3dda33ddcb4262f3b902ab8ec5a8fe44278f125a0e8242f0acf9dd7745c4da33a259063aa312f665c2e165ac2deca7"}, {@device_a, @broadcast, 0x45, "a963fd9858cf19656d0f9d98f96da1de1149d22f3cec8eeecf13be3a8f04aac08282dd7bc8b23f4af3ce20fdb4b6fdf0db69ab89f4bceb62aed079044578cf0984c71adfee"}, {@broadcast, @device_b, 0xde, "cc6b9045200cfaa6a391301b0f32617cc638bf8aa661ff62224d9cc1de6351b7f242c2d66424a662e9705f6130c682e59710b810d69d571ace43c5db0a5ea4029da2d6efda92354bd91a3d19c58e71696c53eb57ccdbb7b3d1c1688c70fd51ac187646c366604102beabf81247bf6f9a635815b4114b9183507f6f99347fe4e5ec40f1457217067c738e03c6ab99c60cbab065fbbed9c6dad8142d43f50ddd2b36c929d0e0e980cc10a68c20b3cc417a62fb33ae11c348851f8114c09f8bd4c94b7663a1b82d57a19dff21241bb104be450a8809a83e1ab1f63ab3ce5558"}]}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x480}, 0x1, 0x0, 0x0, 0x4801}, 0x20000001)

3.845495403s ago: executing program 2 (id=368):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={0xffffffffffffffff}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
setsockopt$netrom_NETROM_T4(0xffffffffffffffff, 0x103, 0x6, &(0x7f0000000040)=0x3, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6(0xa, 0x3, 0xff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newchain={0x24, 0x64, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {0x8, 0x7}, {0xe, 0xfff1}}}, 0x24}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x25dfdbf9, {}, [{0x74, 0x1, [@m_gact={0x70, 0x3, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1da0, 0x2}}, @TCA_GACT_PARMS={0x18, 0x2, {0x0, 0xfb, 0x3, 0xffff, 0x1}}, @TCA_GACT_PARMS={0x18, 0x2, {0x8, 0xc018, 0x10000000, 0x6, 0x9}}]}, {0x6, 0x6, "4d94"}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x88}}, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000000000), 0x4)
setsockopt$inet6_int(r3, 0x29, 0x16, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
r7 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip6_tables_matches\x00')
preadv(r7, &(0x7f0000000180)=[{&(0x7f0000000400)=""/135, 0x87}], 0x1, 0x111, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r7}, &(0x7f0000000280), &(0x7f0000000340)=r1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x1200, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x44}, 0x1, 0x0, 0x0, 0x200488c0}, 0x0)

3.62466199s ago: executing program 1 (id=369):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x80000000006, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x1, @pix={0x0, 0x0, 0x32314742}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))
pwritev(r2, &(0x7f0000000380)=[{&(0x7f0000000140)="c021", 0x2}], 0x1, 0x1, 0x2)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x29, 0x0, 0x0, 0x1000004}]}, 0x8)
r4 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000400)=ANY=[], 0xa)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xffffff7f, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000580)=[@text64={0x40, &(0x7f0000000500)="c403614c6d077fb805000000b9003000000f01c1b96d0a0000b80e000000ba000000000f30460f009800000080dab4f8020000000fc75c35f0c462412f24fc460f183a0f35f30f09", 0x48}], 0x1, 0x4e, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r8, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0)
sendto$packet(r6, &(0x7f0000000480)="7eeb99b6f78c67515ea2f0d01d76", 0xac, 0x94, &(0x7f0000000140)={0x11, 0x86dd, r8, 0x1, 0x6, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})

2.493481614s ago: executing program 2 (id=370):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x20000000000001c9, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x1000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff})
syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r3, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x18}, 0x0, 0x20040000})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
unshare(0x6a040000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
sendto$inet6(r6, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r6, 0x604ab000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)

2.442357722s ago: executing program 3 (id=371):
r0 = ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000080)={0xffffffffffffffff, 0x1, 0x0, 0x4000})
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix_mp={0x8e0, 0xffff8000, 0x3136564e, 0x2, 0x3, [{0x2, 0x6}, {0xc00, 0x3ff}, {0x3, 0x5de3}, {0x14, 0xfff}, {0x9, 0x4000069a}, {0x7, 0x7f}, {0x81, 0x5}, {0x82, 0x17}], 0x7b, 0x2, 0x8, 0x2, 0x4}})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280), 0x0)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, &(0x7f00000000c0)=0x3ff, 0x80b, 0x2)
mbind(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x6, &(0x7f00000002c0)=0x5, 0x4, 0x5)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0x0, 0x20343059, 0x0, 0x400000, 0x0, 0x0, 0xfffffffc}})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYRES16=0x0], 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESHEX], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r6}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000940)=@generic={0x0, r5}, 0x18)
r7 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSNLIST(r7, 0x8010640b, &(0x7f0000000000)={0x2, &(0x7f00000004c0)=[{0x2000000, 0x0, 0x0, 0x9, 0x3}, {0xa000006, 0x0, 0x0, 0x8, 0xffff}]})
r8 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x11b000, 0x8)
fchown(r8, 0xffffffffffffffff, 0x0)

1.040870632s ago: executing program 0 (id=372):
timerfd_create(0x7, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
modify_ldt$write(0x1, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsopen(0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000), 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup(0x100012e4, &(0x7f00000001c0)={0x0, 0xdeae, 0x10, 0x3, 0x3d1})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0x3d}, 0x4e20, 0x3, 'dh\x00', 0x1, 0x800002, 0x6e}, 0x2c)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x100, 0x77}, {@private=0xa010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7e}, {@private=0xa010102, 0x4e20, 0x2, 0xc8, 0x80012d58, 0x12d5c}}, 0x44)

616.2µs ago: executing program 2 (id=373):
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
write$P9_RCREATE(r0, &(0x7f00000001c0)={0x18, 0x73, 0x2, {{0x80, 0x3, 0x1}, 0xf}}, 0x18)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$sock_int(r1, 0x1, 0x5, &(0x7f0000000140)=0x3, 0x4)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, 0x0, 0x0)
r3 = syz_open_dev$radio(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r3, 0xc02c5638, &(0x7f0000000000))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x0, 0x5, 0x1}}, 0x20)
close_range(r5, r5, 0x0)
syz_open_dev$vim2m(&(0x7f00000003c0), 0xf, 0x2)
r6 = dup(r5)
read$FUSE(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000edffff1f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000002b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
r8 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, &(0x7f0000000200)={'pcl726\x00', [0x4f0, 0x20, 0x2, 0x6, 0x6, 0x1ff, 0x0, 0x9, 0xd7, 0x7, 0x3, 0x8, 0xfffffffe, 0xf408, 0x3, 0x0, 0xa, 0x5, 0x4, 0x8, 0x79b, 0x35, 0x9, 0xa7b1, 0x0, 0x9, 0x7, 0xf7f, 0x4d, 0x9, 0x7]})

0s ago: executing program 0 (id=374):
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000)=<r0=>0x0, &(0x7f0000000040)=0xfffffffffffffee0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a02fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407030000000000001d440000000000006b0a04fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'sit0\x00', r0, 0x20, 0x8, 0x95, 0x6, {{0xd, 0x4, 0x2, 0x6, 0x34, 0x64, 0x0, 0x4, 0x29, 0x0, @empty, @multicast1, {[@ssrr={0x89, 0x17, 0x80, [@dev={0xac, 0x14, 0x14, 0x22}, @remote, @empty, @local, @broadcast]}, @timestamp={0x44, 0x8, 0x7e, 0x0, 0x6, [0x2]}, @end]}}}}})
socket$can_bcm(0x1d, 0x2, 0x2)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
syz_io_uring_setup(0x49b, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x7, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x3416, 0x13100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0x2def, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xcad, 0x400, 0xffffffff, 0x40000333}, &(0x7f0000000140)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r7, 0x847ba, 0x0, 0xe, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.63' (ED25519) to the list of known hosts.
[   82.060721][ T5826] cgroup: Unknown subsys name 'net'
[   82.201559][ T5826] cgroup: Unknown subsys name 'cpuset'
[   82.210825][ T5826] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   83.837394][ T5826] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.372735][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.381351][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.389681][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.398111][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.406050][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.574061][ T5159] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   86.598659][ T5159] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   86.614679][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   86.623038][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   86.642060][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   86.688128][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   86.718562][ T5854] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   86.726993][ T5854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   86.742355][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   86.748646][ T5854] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   86.758576][ T5854] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   86.766196][ T5854] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   86.766501][ T5852] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   86.781107][ T5854] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   86.781202][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   86.796678][ T5854] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   86.798644][ T5852] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   86.811968][ T5852] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   86.824588][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   86.849101][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   86.946243][ T5836] chnl_net:caif_netlink_parms(): no params data found
[   87.353342][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.361501][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.369668][ T5836] bridge_slave_0: entered allmulticast mode
[   87.377469][ T5836] bridge_slave_0: entered promiscuous mode
[   87.432051][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.439585][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.446719][ T5836] bridge_slave_1: entered allmulticast mode
[   87.454352][ T5836] bridge_slave_1: entered promiscuous mode
[   87.567624][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.625023][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.730435][ T5836] team0: Port device team_slave_0 added
[   87.767983][ T5836] team0: Port device team_slave_1 added
[   87.778571][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   87.861864][ T5844] chnl_net:caif_netlink_parms(): no params data found
[   87.922756][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.930531][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.956559][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.970314][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.977305][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.003414][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.014575][ T5841] chnl_net:caif_netlink_parms(): no params data found
[   88.161287][ T5848] chnl_net:caif_netlink_parms(): no params data found
[   88.256238][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.263783][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.271080][ T5842] bridge_slave_0: entered allmulticast mode
[   88.278817][ T5842] bridge_slave_0: entered promiscuous mode
[   88.317093][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.324401][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.331841][ T5844] bridge_slave_0: entered allmulticast mode
[   88.339110][ T5844] bridge_slave_0: entered promiscuous mode
[   88.353550][ T5836] hsr_slave_0: entered promiscuous mode
[   88.359932][ T5836] hsr_slave_1: entered promiscuous mode
[   88.366805][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.374139][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.381547][ T5842] bridge_slave_1: entered allmulticast mode
[   88.389564][ T5842] bridge_slave_1: entered promiscuous mode
[   88.419564][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.426735][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.434042][ T5844] bridge_slave_1: entered allmulticast mode
[   88.442113][ T5844] bridge_slave_1: entered promiscuous mode
[   88.468480][ T5847] Bluetooth: hci0: command tx timeout
[   88.541892][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.554584][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.569646][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.594976][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.602568][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.609903][ T5841] bridge_slave_0: entered allmulticast mode
[   88.616980][ T5841] bridge_slave_0: entered promiscuous mode
[   88.635803][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.663351][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.670593][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.677891][ T5841] bridge_slave_1: entered allmulticast mode
[   88.686344][ T5841] bridge_slave_1: entered promiscuous mode
[   88.788069][ T5847] Bluetooth: hci2: command tx timeout
[   88.802628][ T5842] team0: Port device team_slave_0 added
[   88.812698][ T5842] team0: Port device team_slave_1 added
[   88.835607][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.858687][ T5844] team0: Port device team_slave_0 added
[   88.868349][   T51] Bluetooth: hci3: command tx timeout
[   88.874006][   T51] Bluetooth: hci4: command tx timeout
[   88.880013][ T5847] Bluetooth: hci1: command tx timeout
[   88.900131][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.908159][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.915329][ T5848] bridge_slave_0: entered allmulticast mode
[   88.923258][ T5848] bridge_slave_0: entered promiscuous mode
[   88.933003][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.963073][ T5844] team0: Port device team_slave_1 added
[   88.984997][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.992539][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.019148][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.033450][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.040760][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.066903][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.080933][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.088158][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.095293][ T5848] bridge_slave_1: entered allmulticast mode
[   89.103184][ T5848] bridge_slave_1: entered promiscuous mode
[   89.167440][ T5841] team0: Port device team_slave_0 added
[   89.182932][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.190216][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.217785][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.231105][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.238738][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.265600][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.303041][ T5841] team0: Port device team_slave_1 added
[   89.346787][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.382243][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.389880][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.416470][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.430386][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.437362][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.463614][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.486383][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.562718][ T5842] hsr_slave_0: entered promiscuous mode
[   89.569375][ T5842] hsr_slave_1: entered promiscuous mode
[   89.575384][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   89.583330][ T5842] Cannot create hsr debugfs directory
[   89.663216][ T5844] hsr_slave_0: entered promiscuous mode
[   89.669708][ T5844] hsr_slave_1: entered promiscuous mode
[   89.675801][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   89.683748][ T5844] Cannot create hsr debugfs directory
[   89.692812][ T5848] team0: Port device team_slave_0 added
[   89.754144][ T5848] team0: Port device team_slave_1 added
[   89.798802][ T5841] hsr_slave_0: entered promiscuous mode
[   89.805149][ T5841] hsr_slave_1: entered promiscuous mode
[   89.811729][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   89.820239][ T5841] Cannot create hsr debugfs directory
[   89.847371][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.854501][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.881580][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.925394][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.932550][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.959717][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.143739][ T5848] hsr_slave_0: entered promiscuous mode
[   90.151134][ T5848] hsr_slave_1: entered promiscuous mode
[   90.157235][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   90.165288][ T5848] Cannot create hsr debugfs directory
[   90.294539][ T5836] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   90.354356][ T5836] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   90.379723][ T5836] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   90.396158][ T5836] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   90.548292][ T5847] Bluetooth: hci0: command tx timeout
[   90.589968][ T5842] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   90.607392][ T5842] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   90.637235][ T5842] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   90.647327][ T5842] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   90.741467][ T5844] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   90.774003][ T5844] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   90.784813][ T5844] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   90.797607][ T5844] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   90.869706][ T5841] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   90.878559][ T5847] Bluetooth: hci2: command tx timeout
[   90.889791][ T5841] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   90.901346][ T5841] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   90.916085][ T5841] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.948564][   T51] Bluetooth: hci4: command tx timeout
[   90.954059][ T5852] Bluetooth: hci3: command tx timeout
[   90.960818][ T5847] Bluetooth: hci1: command tx timeout
[   91.054995][ T5848] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   91.091908][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.099276][ T5848] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   91.119308][ T5848] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   91.146987][ T5848] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   91.254257][ T5836] 8021q: adding VLAN 0 to HW filter on device team0
[   91.295998][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.310157][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.317336][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.339681][ T2988] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.346835][ T2988] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.380866][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.415392][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   91.470730][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.477957][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.500405][ T2964] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.507622][ T2964] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.525243][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.541906][ T5844] 8021q: adding VLAN 0 to HW filter on device team0
[   91.585480][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.592687][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.606038][ T2964] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.613181][ T2964] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.643024][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[   91.664962][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.672197][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.753373][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.785825][ T3029] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.793069][ T3029] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.913097][ T1224] cfg80211: failed to load regulatory.db
[   91.924549][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   92.000300][ T2988] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.007461][ T2988] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.046160][ T2988] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.053415][ T2988] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.170733][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.627950][ T5847] Bluetooth: hci0: command tx timeout
[   92.653761][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.752919][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.931276][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.949834][ T5847] Bluetooth: hci2: command tx timeout
[   92.978378][ T5842] veth0_vlan: entered promiscuous mode
[   92.992874][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.013008][ T5844] veth0_vlan: entered promiscuous mode
[   93.029513][ T5847] Bluetooth: hci1: command tx timeout
[   93.034962][ T5847] Bluetooth: hci4: command tx timeout
[   93.037850][   T51] Bluetooth: hci3: command tx timeout
[   93.040853][ T5842] veth1_vlan: entered promiscuous mode
[   93.080241][ T5844] veth1_vlan: entered promiscuous mode
[   93.143234][ T5836] veth0_vlan: entered promiscuous mode
[   93.189438][ T5842] veth0_macvtap: entered promiscuous mode
[   93.196649][ T5836] veth1_vlan: entered promiscuous mode
[   93.229184][ T5844] veth0_macvtap: entered promiscuous mode
[   93.239033][ T5841] veth0_vlan: entered promiscuous mode
[   93.245609][ T5842] veth1_macvtap: entered promiscuous mode
[   93.261484][ T5844] veth1_macvtap: entered promiscuous mode
[   93.290097][ T5848] veth0_vlan: entered promiscuous mode
[   93.310289][ T5841] veth1_vlan: entered promiscuous mode
[   93.333433][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.357167][ T5848] veth1_vlan: entered promiscuous mode
[   93.379439][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.395634][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.420824][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.434708][ T5842] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.451412][ T5842] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.461067][ T5842] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.470012][ T5842] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.487534][ T5836] veth0_macvtap: entered promiscuous mode
[   93.495718][ T5844] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.508220][ T5844] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.516950][ T5844] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.526889][ T5844] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.559833][ T5841] veth0_macvtap: entered promiscuous mode
[   93.572406][ T5836] veth1_macvtap: entered promiscuous mode
[   93.585020][ T5841] veth1_macvtap: entered promiscuous mode
[   93.609521][ T5848] veth0_macvtap: entered promiscuous mode
[   93.651479][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.662328][ T5848] veth1_macvtap: entered promiscuous mode
[   93.685581][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.725570][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.747082][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.759908][ T5836] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.771635][ T5836] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.780977][ T5836] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.789793][ T5836] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.810445][ T5841] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.824525][ T5841] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.834447][ T5841] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.843917][ T5841] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.924877][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.935991][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.945804][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.993251][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.023702][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.036264][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.052364][ T5848] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.061746][ T5848] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.072452][ T5848] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.081338][ T5848] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.138662][ T3029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.146584][ T3029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.182518][ T2952] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.213837][ T2952] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.274069][ T5844] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   94.311274][ T3010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.320592][ T3010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.515830][ T3010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.549765][ T2952] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.566479][ T3010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.588032][ T2952] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.672073][ T5962] mmap: syz.3.4 (5962) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   94.709249][   T51] Bluetooth: hci0: command tx timeout
[   94.722063][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.730525][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.739377][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.748791][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.768029][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.858375][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.881137][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.967218][ T3010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.999313][ T3010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.029922][   T51] Bluetooth: hci2: command tx timeout
[   95.068821][ T5968] Zero length message leads to an empty skb
[   95.079539][ T5968] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.108701][   T51] Bluetooth: hci3: command tx timeout
[   95.109908][ T5847] Bluetooth: hci4: command tx timeout
[   95.114473][   T51] Bluetooth: hci1: command tx timeout
[   95.275447][ T5971] syz.3.8: attempt to access beyond end of device
[   95.275447][ T5971] nbd3: rw=0, sector=64, nr_sectors = 1 limit=0
[   95.379383][ T5974] netlink: 14 bytes leftover after parsing attributes in process `syz.3.8'.
[   95.402204][ T5971] syz.3.8: attempt to access beyond end of device
[   95.402204][ T5971] nbd3: rw=0, sector=256, nr_sectors = 1 limit=0
[   95.466261][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   95.723524][ T5971] syz.3.8: attempt to access beyond end of device
[   95.723524][ T5971] nbd3: rw=0, sector=512, nr_sectors = 1 limit=0
[   95.725006][ T5964] comedi comedi3: reset error (fatal)
[   95.737351][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   96.601776][ T5982] FAULT_INJECTION: forcing a failure.
[   96.601776][ T5982] name failslab, interval 1, probability 0, space 0, times 1
[   96.614540][ T5982] CPU: 1 UID: 0 PID: 5982 Comm: syz.2.3 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[   96.614566][ T5982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.614577][ T5982] Call Trace:
[   96.614585][ T5982]  <TASK>
[   96.614594][ T5982]  dump_stack_lvl+0x189/0x250
[   96.614620][ T5982]  ? __pfx____ratelimit+0x10/0x10
[   96.614649][ T5982]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.614669][ T5982]  ? __pfx__printk+0x10/0x10
[   96.614701][ T5982]  ? ref_tracker_alloc+0x318/0x460
[   96.614732][ T5982]  should_fail_ex+0x414/0x560
[   96.614763][ T5982]  should_failslab+0xa8/0x100
[   96.614792][ T5982]  kmem_cache_alloc_noprof+0x73/0x3c0
[   96.614817][ T5982]  ? skb_clone+0x212/0x3a0
[   96.614846][ T5982]  skb_clone+0x212/0x3a0
[   96.614874][ T5982]  __netlink_deliver_tap+0x404/0x850
[   96.614911][ T5982]  ? netlink_deliver_tap+0x2e/0x1b0
[   96.614934][ T5982]  netlink_deliver_tap+0x19c/0x1b0
[   96.614957][ T5982]  netlink_unicast+0x72f/0x8d0
[   96.614990][ T5982]  netlink_sendmsg+0x805/0xb30
[   96.615023][ T5982]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.615055][ T5982]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   96.615088][ T5982]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.615111][ T5982]  __sock_sendmsg+0x219/0x270
[   96.615143][ T5982]  ____sys_sendmsg+0x505/0x830
[   96.615173][ T5982]  ? __pfx_____sys_sendmsg+0x10/0x10
[   96.615207][ T5982]  ? import_iovec+0x74/0xa0
[   96.615233][ T5982]  ___sys_sendmsg+0x21f/0x2a0
[   96.615259][ T5982]  ? __pfx____sys_sendmsg+0x10/0x10
[   96.615326][ T5982]  ? __fget_files+0x2a/0x420
[   96.615342][ T5982]  ? __fget_files+0x3a0/0x420
[   96.615373][ T5982]  __x64_sys_sendmsg+0x19b/0x260
[   96.615399][ T5982]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   96.615434][ T5982]  ? __pfx_ksys_write+0x10/0x10
[   96.615456][ T5982]  ? rcu_is_watching+0x15/0xb0
[   96.615483][ T5982]  ? do_syscall_64+0xbe/0x3b0
[   96.615513][ T5982]  do_syscall_64+0xfa/0x3b0
[   96.615529][ T5982]  ? lockdep_hardirqs_on+0x9c/0x150
[   96.615555][ T5982]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.615573][ T5982]  ? clear_bhb_loop+0x60/0xb0
[   96.615596][ T5982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.615614][ T5982] RIP: 0033:0x7fcc8358e929
[   96.615632][ T5982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.615648][ T5982] RSP: 002b:00007fcc813f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.615669][ T5982] RAX: ffffffffffffffda RBX: 00007fcc837b6080 RCX: 00007fcc8358e929
[   96.615682][ T5982] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000006
[   96.615694][ T5982] RBP: 00007fcc813f6090 R08: 0000000000000000 R09: 0000000000000000
[   96.615705][ T5982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.615715][ T5982] R13: 0000000000000000 R14: 00007fcc837b6080 R15: 00007ffe168c7508
[   96.615746][ T5982]  </TASK>
[   97.219190][ T5971] syz.3.8: attempt to access beyond end of device
[   97.219190][ T5971] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0
[   97.244217][ T5971] syz.3.8: attempt to access beyond end of device
[   97.244217][ T5971] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0
[   97.323435][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   97.350850][ T5971] syz.3.8: attempt to access beyond end of device
[   97.350850][ T5971] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0
[   97.365385][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   97.381523][ T5971] syz.3.8: attempt to access beyond end of device
[   97.381523][ T5971] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0
[   97.395141][ T5971] syz.3.8: attempt to access beyond end of device
[   97.395141][ T5971] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0
[   97.426784][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   97.538056][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.562564][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[   97.788360][ T5971] syz.3.8: attempt to access beyond end of device
[   97.788360][ T5971] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0
[   98.027993][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   98.128342][ T5971] syz.3.8: attempt to access beyond end of device
[   98.128342][ T5971] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[   98.163413][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[   98.304606][ T5971] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[   98.356406][ T6001] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   98.487976][ T5971] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[   98.689335][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.733522][ T5990] syz.0.9 (5990) used greatest stack depth: 17944 bytes left
[   98.790449][ T5925] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   98.836334][ T5974] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   98.861837][ T5974] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.902958][ T6005] usb usb8: usbfs: process 6005 (syz.0.14) did not claim interface 0 before use
[   98.908176][ T5974] bond0 (unregistering): Released all slaves
[   99.090775][ T5925] usb 5-1: Using ep0 maxpacket: 8
[   99.103144][ T5925] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   99.115686][ T5925] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   99.158145][ T5925] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   99.172348][ T5925] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   99.239583][ T5925] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   99.274540][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.277291][ T6008] netlink: 200 bytes leftover after parsing attributes in process `syz.2.16'.
[   99.377495][ T6010] usb usb8: usbfs: process 6010 (syz.0.15) did not claim interface 0 before use
[   99.552636][ T5925] usb 5-1: GET_CAPABILITIES returned 0
[   99.580533][ T5925] usbtmc 5-1:16.0: can't read capabilities
[  101.666206][ T6039] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  101.761608][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  101.766927][ T6040] usb usb8: usbfs: process 6040 (syz.2.25) did not claim interface 0 before use
[  101.863742][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  101.864342][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  101.889903][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  102.226770][ T6039] bond0 (unregistering): Released all slaves
[  102.414302][   T10] usb 5-1: USB disconnect, device number 2
[  102.898253][ T6054] netlink: 28 bytes leftover after parsing attributes in process `syz.1.26'.
[  104.795474][ T6062] bridge0: entered promiscuous mode
[  104.803002][ T6062] batman_adv: batadv0: Adding interface: macsec1
[  104.809584][ T6062] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.836210][ T6062] batman_adv: batadv0: Interface activated: macsec1
[  106.380114][ T6075] FAULT_INJECTION: forcing a failure.
[  106.380114][ T6075] name failslab, interval 1, probability 0, space 0, times 0
[  106.423557][ T6075] CPU: 1 UID: 0 PID: 6075 Comm: syz.4.34 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  106.423585][ T6075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.423595][ T6075] Call Trace:
[  106.423603][ T6075]  <TASK>
[  106.423611][ T6075]  dump_stack_lvl+0x189/0x250
[  106.423639][ T6075]  ? __pfx____ratelimit+0x10/0x10
[  106.423666][ T6075]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.423687][ T6075]  ? __pfx__printk+0x10/0x10
[  106.423717][ T6075]  ? __pfx___might_resched+0x10/0x10
[  106.423737][ T6075]  ? fs_reclaim_acquire+0x7d/0x100
[  106.423761][ T6075]  should_fail_ex+0x414/0x560
[  106.423794][ T6075]  should_failslab+0xa8/0x100
[  106.423823][ T6075]  __kmalloc_node_noprof+0xd1/0x4e0
[  106.423848][ T6075]  ? alloc_slab_obj_exts+0x39/0xa0
[  106.423877][ T6075]  alloc_slab_obj_exts+0x39/0xa0
[  106.423901][ T6075]  __memcg_slab_post_alloc_hook+0x31e/0x7f0
[  106.423946][ T6075]  kmem_cache_alloc_noprof+0x2bf/0x3c0
[  106.423971][ T6075]  ? vm_area_dup+0x2b/0x680
[  106.423994][ T6075]  vm_area_dup+0x2b/0x680
[  106.424017][ T6075]  __split_vma+0x1a9/0xa00
[  106.424041][ T6075]  ? __switch_to+0xd74/0x1600
[  106.424074][ T6075]  ? __pfx___split_vma+0x10/0x10
[  106.424118][ T6075]  vms_gather_munmap_vmas+0x2de/0x12b0
[  106.424139][ T6075]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.424171][ T6075]  ? rcu_is_watching+0x15/0xb0
[  106.424192][ T6075]  ? trace_sched_exit_tp+0x38/0x120
[  106.424217][ T6075]  ? __schedule+0x16c0/0x4cb0
[  106.424243][ T6075]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  106.424262][ T6075]  ? mntput_no_expire+0x241/0x860
[  106.424290][ T6075]  ? __lock_acquire+0xab9/0xd20
[  106.424321][ T6075]  do_vmi_align_munmap+0x25d/0x420
[  106.424342][ T6075]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  106.424396][ T6075]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  106.424443][ T6075]  ? mas_find+0x962/0xc10
[  106.424478][ T6075]  do_vmi_munmap+0x253/0x2e0
[  106.424507][ T6075]  mremap_at+0x1e4/0xc50
[  106.424536][ T6075]  ? __pfx_mremap_at+0x10/0x10
[  106.424554][ T6075]  ? mtree_load+0x655/0x700
[  106.424580][ T6075]  ? mtree_load+0x100/0x700
[  106.424606][ T6075]  ? __pfx_mtree_load+0x10/0x10
[  106.424655][ T6075]  __se_sys_mremap+0x89b/0xc00
[  106.424699][ T6075]  ? __pfx___se_sys_mremap+0x10/0x10
[  106.424718][ T6075]  ? ksys_write+0x22a/0x250
[  106.424746][ T6075]  ? __pfx_ksys_write+0x10/0x10
[  106.424777][ T6075]  ? do_syscall_64+0xbe/0x3b0
[  106.424792][ T6075]  ? __x64_sys_mremap+0x20/0xc0
[  106.424816][ T6075]  do_syscall_64+0xfa/0x3b0
[  106.424831][ T6075]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.424856][ T6075]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.424875][ T6075]  ? clear_bhb_loop+0x60/0xb0
[  106.424897][ T6075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.424915][ T6075] RIP: 0033:0x7f662538e929
[  106.424932][ T6075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.424946][ T6075] RSP: 002b:00007f6626240038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  106.424966][ T6075] RAX: ffffffffffffffda RBX: 00007f66255b6160 RCX: 00007f662538e929
[  106.424979][ T6075] RDX: 0000000000001000 RSI: 0000000000c00000 RDI: 0000200000400000
[  106.424990][ T6075] RBP: 00007f6626240090 R08: 00002000008b5000 R09: 0000000000000000
[  106.425002][ T6075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.425012][ T6075] R13: 0000000000000001 R14: 00007f66255b6160 R15: 00007fff760b9f08
[  106.425043][ T6075]  </TASK>
[  107.777777][ T5916] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  108.143096][ T5916] usb 4-1: Using ep0 maxpacket: 8
[  108.328463][ T6085] bridge0: entered promiscuous mode
[  108.335012][ T6085] batman_adv: batadv0: Adding interface: macsec1
[  108.341407][ T6085] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.366762][ T6085] batman_adv: batadv0: Interface activated: macsec1
[  108.401442][ T5916] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.550822][ T5916] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  108.579658][   T24] libceph: connect (1)[c::]:6789 error -101
[  108.662482][ T6094] netlink: 28 bytes leftover after parsing attributes in process `syz.1.42'.
[  109.342151][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  109.372796][ T5916] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  109.395635][ T5916] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  109.415489][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.456026][ T5916] usb 4-1: Product: 惄鉑峑᩵⥢䣃夓㡵秊ᢉ窰윢뫏繪퐚
[  109.476628][ T6087] ceph: No mds server is up or the cluster is laggy
[  109.539776][ T5916] usb 4-1: Manufacturer: Ё
[  109.547195][ T5916] usb 4-1: SerialNumber: 《
[  111.680823][ T6115] bond1 (unregistering): Released all slaves
[  111.956200][ T6114] loop6: detected capacity change from 0 to 63
[  112.022070][ T6114] Buffer I/O error on dev loop6, logical block 0, async page read
[  112.089924][ T6114] Buffer I/O error on dev loop6, logical block 1, async page read
[  112.111796][ T6114] Buffer I/O error on dev loop6, logical block 2, async page read
[  112.150775][ T6114] Buffer I/O error on dev loop6, logical block 3, async page read
[  112.197827][ T5997] Buffer I/O error on dev loop6, logical block 0, async page read
[  112.331144][ T5997] Buffer I/O error on dev loop6, logical block 1, async page read
[  112.332653][ T5916] cdc_ncm 4-1:1.0: bind() failure
[  112.363631][ T5916] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  112.390607][ T6120] overlayfs: failed to resolve './file0': -2
[  112.396839][ T5997] Buffer I/O error on dev loop6, logical block 2, async page read
[  112.417821][ T5916] cdc_ncm 4-1:1.1: bind() failure
[  112.431397][ T5997] Buffer I/O error on dev loop6, logical block 3, async page read
[  113.355852][ T5997] Buffer I/O error on dev loop6, logical block 0, async page read
[  113.382862][ T5916] usb 4-1: USB disconnect, device number 2
[  113.392350][ T5997] Buffer I/O error on dev loop6, logical block 1, async page read
[  113.621120][ T6125] netlink: 8 bytes leftover after parsing attributes in process `syz.3.50'.
[  114.038877][ T6133] netlink: 176 bytes leftover after parsing attributes in process `syz.1.53'.
[  114.164705][ T6141] netlink: 28 bytes leftover after parsing attributes in process `syz.2.54'.
[  114.268344][ T6133] netlink: 176 bytes leftover after parsing attributes in process `syz.1.53'.
[  114.335210][ T6139] netlink: 12 bytes leftover after parsing attributes in process `syz.3.56'.
[  115.410170][ T5909] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  116.684056][ T5909] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  116.737498][ T5909] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  116.766321][ T5909] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.777962][ T5909] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  116.787470][ T5909] usb 4-1: config 1 has no interface number 0
[  116.794146][ T5909] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  116.803869][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.165904][ T5909] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  117.902688][ T6168] netlink: 44 bytes leftover after parsing attributes in process `syz.0.62'.
[  117.949812][ T5909] snd_usb_pod 4-1:1.1: set_interface failed
[  117.970452][ T5909] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  118.108260][ T5909] snd_usb_pod 4-1:1.1: probe with driver snd_usb_pod failed with error -71
[  119.106996][ T5909] usb 4-1: USB disconnect, device number 3
[  119.341755][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.871098][ T6191] netlink: 28 bytes leftover after parsing attributes in process `syz.4.69'.
[  121.515337][ T6205] bond0 (unregistering): Released all slaves
[  121.711014][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  121.932162][   T10] usb 5-1: Using ep0 maxpacket: 8
[  121.962402][   T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.991098][   T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  122.022550][   T10] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  122.125034][   T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  122.194434][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.276582][   T10] usb 5-1: Product: syz
[  122.298218][   T10] usb 5-1: Manufacturer: syz
[  122.323488][   T10] usb 5-1: SerialNumber: syz
[  122.379710][   T10] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  122.471279][   T10] usbtest 5-1:1.0: Linux user mode ISO test driver
[  122.496337][   T10] usbtest 5-1:1.0: high-speed {control iso-in} tests (+alt)
[  122.786097][ T6210] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.093026][ T6229] fuse: Unknown parameter 'fd0x0000000000000006'
[  124.117879][ T6210] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.437244][    T9] usb 5-1: USB disconnect, device number 3
[  125.014401][ T6247] genirq: Flags mismatch irq 9. 00200000 (pcmmio) vs. 00002080 (acpi)
[  126.134013][ T6253] netlink: 'syz.0.88': attribute type 11 has an invalid length.
[  126.184397][  T993] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.191641][  T993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.345526][ T6261] random: crng reseeded on system resumption
[  126.853917][ T6265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.88'.
[  126.998368][ T6268] netlink: 8 bytes leftover after parsing attributes in process `syz.0.88'.
[  127.912767][ T6274] netlink: 'syz.1.92': attribute type 11 has an invalid length.
[  128.043545][ T6276] netlink: 12 bytes leftover after parsing attributes in process `syz.2.93'.
[  128.135900][ T6276] i2c i2c-0: Invalid block write size 34
[  128.858358][ T6282] netlink: 'syz.0.94': attribute type 58 has an invalid length.
[  128.866120][ T6282] netlink: 12 bytes leftover after parsing attributes in process `syz.0.94'.
[  128.911380][ T6283] syz.0.94 uses obsolete (PF_INET,SOCK_PACKET)
[  131.303835][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  131.977760][   T10] usb 5-1: Using ep0 maxpacket: 16
[  131.984992][   T10] usb 5-1: config 0 has an invalid interface number: 126 but max is 0
[  131.994200][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  132.005513][   T10] usb 5-1: config 0 has no interface number 0
[  132.012277][   T10] usb 5-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  132.024362][   T10] usb 5-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024
[  132.036198][   T10] usb 5-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  132.057783][   T10] usb 5-1: config 0 interface 126 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  132.068969][   T10] usb 5-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[  132.084285][   T10] usb 5-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  132.093414][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.324278][   T10] usb 5-1: config 0 descriptor??
[  132.331177][ T6310] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  132.343696][   T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  133.102217][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  133.108955][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.513591][ T6346] FAULT_INJECTION: forcing a failure.
[  133.513591][ T6346] name failslab, interval 1, probability 0, space 0, times 0
[  133.583258][   T10] snd-usb-audio 5-1:0.126: probe with driver snd-usb-audio failed with error -2
[  133.586740][ T6346] CPU: 0 UID: 0 PID: 6346 Comm: syz.4.112 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  133.586769][ T6346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.586780][ T6346] Call Trace:
[  133.586788][ T6346]  <TASK>
[  133.586796][ T6346]  dump_stack_lvl+0x189/0x250
[  133.586824][ T6346]  ? __pfx____ratelimit+0x10/0x10
[  133.586852][ T6346]  ? __pfx_dump_stack_lvl+0x10/0x10
[  133.586873][ T6346]  ? __pfx__printk+0x10/0x10
[  133.586901][ T6346]  ? __pfx___might_resched+0x10/0x10
[  133.586922][ T6346]  ? fs_reclaim_acquire+0x7d/0x100
[  133.586953][ T6346]  should_fail_ex+0x414/0x560
[  133.586987][ T6346]  should_failslab+0xa8/0x100
[  133.587016][ T6346]  __kmalloc_noprof+0xcb/0x4f0
[  133.587040][ T6346]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  133.587073][ T6346]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  133.587108][ T6346]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  133.587144][ T6346]  genl_family_rcv_msg_doit+0xb8/0x300
[  133.587180][ T6346]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  133.587209][ T6346]  ? rcu_is_watching+0x15/0xb0
[  133.587231][ T6346]  ? cap_capable+0x11f/0x460
[  133.587258][ T6346]  ? safesetid_security_capable+0xa9/0x1a0
[  133.587286][ T6346]  ? bpf_lsm_capable+0x9/0x20
[  133.587304][ T6346]  ? security_capable+0x7e/0x2e0
[  133.587331][ T6346]  genl_rcv_msg+0x60e/0x790
[  133.587365][ T6346]  ? __pfx_genl_rcv_msg+0x10/0x10
[  133.587388][ T6346]  ? ref_tracker_free+0x63a/0x7d0
[  133.587412][ T6346]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  133.587436][ T6346]  ? __pfx_nl80211_deauthenticate+0x10/0x10
[  133.587453][ T6346]  ? __pfx_nl80211_post_doit+0x10/0x10
[  133.587479][ T6346]  ? __pfx_ref_tracker_free+0x10/0x10
[  133.587519][ T6346]  netlink_rcv_skb+0x205/0x470
[  133.587543][ T6346]  ? __pfx_genl_rcv_msg+0x10/0x10
[  133.587571][ T6346]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  133.587614][ T6346]  ? down_read+0x1ad/0x2e0
[  133.587635][ T6346]  genl_rcv+0x28/0x40
[  133.587657][ T6346]  netlink_unicast+0x758/0x8d0
[  133.587689][ T6346]  netlink_sendmsg+0x805/0xb30
[  133.587723][ T6346]  ? __pfx_netlink_sendmsg+0x10/0x10
[  133.587756][ T6346]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  133.587780][ T6346]  ? __pfx_netlink_sendmsg+0x10/0x10
[  133.587803][ T6346]  __sock_sendmsg+0x219/0x270
[  133.587835][ T6346]  ____sys_sendmsg+0x505/0x830
[  133.587867][ T6346]  ? __pfx_____sys_sendmsg+0x10/0x10
[  133.587901][ T6346]  ? import_iovec+0x74/0xa0
[  133.587928][ T6346]  ___sys_sendmsg+0x21f/0x2a0
[  133.587954][ T6346]  ? __pfx____sys_sendmsg+0x10/0x10
[  133.588022][ T6346]  ? __fget_files+0x2a/0x420
[  133.588040][ T6346]  ? __fget_files+0x3a0/0x420
[  133.588079][ T6346]  __x64_sys_sendmsg+0x19b/0x260
[  133.588106][ T6346]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  133.588141][ T6346]  ? __pfx_ksys_write+0x10/0x10
[  133.588164][ T6346]  ? rcu_is_watching+0x15/0xb0
[  133.588190][ T6346]  ? do_syscall_64+0xbe/0x3b0
[  133.588212][ T6346]  do_syscall_64+0xfa/0x3b0
[  133.588229][ T6346]  ? lockdep_hardirqs_on+0x9c/0x150
[  133.588254][ T6346]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.588272][ T6346]  ? clear_bhb_loop+0x60/0xb0
[  133.588295][ T6346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.588310][ T6346] RIP: 0033:0x7f662538e929
[  133.588327][ T6346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.588342][ T6346] RSP: 002b:00007f6626282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  133.588363][ T6346] RAX: ffffffffffffffda RBX: 00007f66255b5fa0 RCX: 00007f662538e929
[  133.588376][ T6346] RDX: 0000000000000080 RSI: 0000200000000300 RDI: 0000000000000003
[  133.588387][ T6346] RBP: 00007f6626282090 R08: 0000000000000000 R09: 0000000000000000
[  133.588398][ T6346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.588409][ T6346] R13: 0000000000000000 R14: 00007f66255b5fa0 R15: 00007fff760b9f08
[  133.588441][ T6346]  </TASK>
[  134.027966][   T10] usb 5-1: USB disconnect, device number 4
[  134.940082][ T6349] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  136.430793][ T6368] netlink: 96 bytes leftover after parsing attributes in process `syz.0.117'.
[  136.497767][ T6014] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  136.648048][ T6014] usb 5-1: Using ep0 maxpacket: 8
[  136.880658][ T6014] usb 5-1: unable to get BOS descriptor or descriptor too short
[  136.895147][ T6014] usb 5-1: config 4 has an invalid interface number: 147 but max is 0
[  136.924458][ T6014] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  136.960932][ T6014] usb 5-1: config 4 has no interface number 0
[  136.976322][ T6014] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  136.994398][ T6014] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.216982][ T6014] usb 5-1: Product: syz
[  137.223814][ T6014] usb 5-1: Manufacturer: syz
[  137.237444][ T6014] usb 5-1: SerialNumber: syz
[  137.699415][ T6014] usb 5-1: Found UVC 0.02 device syz (04f2:b746)
[  137.714789][ T6014] usb 5-1: No valid video chain found.
[  137.749317][ T6014] usb 5-1: USB disconnect, device number 5
[  139.632998][ T6405] FAULT_INJECTION: forcing a failure.
[  139.632998][ T6405] name failslab, interval 1, probability 0, space 0, times 0
[  139.721207][ T6405] CPU: 1 UID: 0 PID: 6405 Comm: syz.2.126 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  139.721237][ T6405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.721248][ T6405] Call Trace:
[  139.721256][ T6405]  <TASK>
[  139.721265][ T6405]  dump_stack_lvl+0x189/0x250
[  139.721293][ T6405]  ? __pfx____ratelimit+0x10/0x10
[  139.721321][ T6405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.721342][ T6405]  ? __pfx__printk+0x10/0x10
[  139.721374][ T6405]  ? __pfx___might_resched+0x10/0x10
[  139.721395][ T6405]  ? fs_reclaim_acquire+0x7d/0x100
[  139.721420][ T6405]  should_fail_ex+0x414/0x560
[  139.721453][ T6405]  should_failslab+0xa8/0x100
[  139.721483][ T6405]  __kmalloc_cache_noprof+0x70/0x3d0
[  139.721509][ T6405]  ? inet_rtm_newaddr+0x530/0x18b0
[  139.721542][ T6405]  inet_rtm_newaddr+0x530/0x18b0
[  139.721580][ T6405]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  139.721629][ T6405]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  139.721655][ T6405]  rtnetlink_rcv_msg+0x7cc/0xb70
[  139.721680][ T6405]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  139.721697][ T6405]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  139.721714][ T6405]  ? ref_tracker_free+0x63a/0x7d0
[  139.721738][ T6405]  ? __copy_skb_header+0xa7/0x550
[  139.721764][ T6405]  ? __pfx_ref_tracker_free+0x10/0x10
[  139.721791][ T6405]  ? __skb_clone+0x63/0x7a0
[  139.721824][ T6405]  netlink_rcv_skb+0x205/0x470
[  139.721847][ T6405]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  139.721869][ T6405]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  139.721906][ T6405]  ? netlink_deliver_tap+0x2e/0x1b0
[  139.721937][ T6405]  ? netlink_deliver_tap+0x2e/0x1b0
[  139.721965][ T6405]  netlink_unicast+0x758/0x8d0
[  139.721998][ T6405]  netlink_sendmsg+0x805/0xb30
[  139.722032][ T6405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.722064][ T6405]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  139.722090][ T6405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.722113][ T6405]  __sock_sendmsg+0x219/0x270
[  139.722145][ T6405]  ____sys_sendmsg+0x505/0x830
[  139.722174][ T6405]  ? __pfx_____sys_sendmsg+0x10/0x10
[  139.722215][ T6405]  ? import_iovec+0x74/0xa0
[  139.722241][ T6405]  ___sys_sendmsg+0x21f/0x2a0
[  139.722268][ T6405]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.722335][ T6405]  ? __fget_files+0x2a/0x420
[  139.722353][ T6405]  ? __fget_files+0x3a0/0x420
[  139.722382][ T6405]  __x64_sys_sendmsg+0x19b/0x260
[  139.722410][ T6405]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  139.722445][ T6405]  ? __pfx_ksys_write+0x10/0x10
[  139.722467][ T6405]  ? rcu_is_watching+0x15/0xb0
[  139.722494][ T6405]  ? do_syscall_64+0xbe/0x3b0
[  139.722517][ T6405]  do_syscall_64+0xfa/0x3b0
[  139.722533][ T6405]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.722559][ T6405]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.722577][ T6405]  ? clear_bhb_loop+0x60/0xb0
[  139.722600][ T6405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.722618][ T6405] RIP: 0033:0x7fcc8358e929
[  139.722635][ T6405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.722651][ T6405] RSP: 002b:00007fcc8430e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.722672][ T6405] RAX: ffffffffffffffda RBX: 00007fcc837b5fa0 RCX: 00007fcc8358e929
[  139.722685][ T6405] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000007
[  139.722696][ T6405] RBP: 00007fcc8430e090 R08: 0000000000000000 R09: 0000000000000000
[  139.722707][ T6405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.722718][ T6405] R13: 0000000000000000 R14: 00007fcc837b5fa0 R15: 00007ffe168c7508
[  139.722751][ T6405]  </TASK>
[  140.207062][ T6408] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  141.459699][ T5845] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  141.890705][ T5845] usb 3-1: config 8 has an invalid interface number: 249 but max is 0
[  142.148166][ T5845] usb 3-1: config 8 has no interface number 0
[  142.187828][ T5845] usb 3-1: config 8 interface 249 has no altsetting 0
[  142.230733][ T5845] usb 3-1: New USB device found, idVendor=15a4, idProduct=9016, bcdDevice=87.c3
[  142.300328][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.523617][ T6014] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  142.580323][ T6412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.614525][ T6412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.748222][ T6014] usb 4-1: Using ep0 maxpacket: 32
[  142.754639][ T5845] usb 3-1: string descriptor 0 read error: -71
[  142.776450][ T6014] usb 4-1: config 0 has an invalid interface number: 114 but max is 0
[  142.814597][ T6014] usb 4-1: config 0 has no interface number 0
[  142.840513][ T5845] usb 3-1: USB disconnect, device number 2
[  142.851758][ T6014] usb 4-1: config 0 interface 114 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  142.884217][ T6014] usb 4-1: New USB device found, idVendor=05ac, idProduct=9218, bcdDevice=aa.8b
[  142.899970][ T6014] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.927159][ T6014] usb 4-1: Product: syz
[  142.942868][ T6014] usb 4-1: Manufacturer: syz
[  142.956023][ T6014] usb 4-1: SerialNumber: syz
[  142.972036][ T6014] usb 4-1: config 0 descriptor??
[  142.991086][ T6014] appledisplay 4-1:0.114: Could not find int-in endpoint
[  143.006350][ T6014] usbhid 4-1:0.114: couldn't find an input interrupt endpoint
[  143.200834][ T5845] usb 4-1: USB disconnect, device number 4
[  143.329382][   T30] audit: type=1326 audit(1752017222.847:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  143.492213][   T30] audit: type=1326 audit(1752017222.847:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  143.521077][   T30] audit: type=1326 audit(1752017222.847:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f662538d3df code=0x7ffc0000
[  144.469037][   T10] IPVS: starting estimator thread 0...
[  144.484884][   T30] audit: type=1326 audit(1752017222.847:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  144.509168][   T30] audit: type=1326 audit(1752017222.847:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  144.538430][   T30] audit: type=1326 audit(1752017222.857:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  144.573026][   T30] audit: type=1326 audit(1752017222.857:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  144.600360][ T6443] FAULT_INJECTION: forcing a failure.
[  144.600360][ T6443] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  144.613683][ T6443] CPU: 0 UID: 0 PID: 6443 Comm: syz.4.135 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  144.613708][ T6443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.613719][ T6443] Call Trace:
[  144.613727][ T6443]  <TASK>
[  144.613734][ T6443]  dump_stack_lvl+0x189/0x250
[  144.613755][ T6443]  ? __pfx____ratelimit+0x10/0x10
[  144.613788][ T6443]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.613808][ T6443]  ? __pfx__printk+0x10/0x10
[  144.613845][ T6443]  should_fail_ex+0x414/0x560
[  144.613874][ T6443]  _copy_from_user+0x2d/0xb0
[  144.613894][ T6443]  sctp_setsockopt+0x19f/0x1200
[  144.613915][ T6443]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  144.613935][ T6443]  do_sock_setsockopt+0x25a/0x3e0
[  144.613960][ T6443]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  144.613986][ T6443]  ? __fget_files+0x2a/0x420
[  144.614013][ T6443]  __x64_sys_setsockopt+0x18b/0x220
[  144.614040][ T6443]  do_syscall_64+0xfa/0x3b0
[  144.614060][ T6443]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.614077][ T6443]  ? asm_sysvec_call_function_single+0x1a/0x20
[  144.614093][ T6443]  ? clear_bhb_loop+0x60/0xb0
[  144.614115][ T6443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.614132][ T6443] RIP: 0033:0x7f662538e929
[  144.614149][ T6443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.614163][ T6443] RSP: 002b:00007f6626261038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  144.614183][ T6443] RAX: ffffffffffffffda RBX: 00007f66255b6080 RCX: 00007f662538e929
[  144.614195][ T6443] RDX: 000000000000000d RSI: 0000000000000084 RDI: 0000000000000007
[  144.614205][ T6443] RBP: 00007f6626261090 R08: 0000000000000004 R09: 0000000000000000
[  144.614215][ T6443] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  144.614225][ T6443] R13: 0000000000000000 R14: 00007f66255b6080 R15: 00007fff760b9f08
[  144.614255][ T6443]  </TASK>
[  144.812095][ T6441] IPVS: using max 26 ests per chain, 62400 per kthread
[  145.016601][   T30] audit: type=1326 audit(1752017222.857:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  145.229085][   T30] audit: type=1326 audit(1752017222.857:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f662538d290 code=0x7ffc0000
[  145.278821][ T1224] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  145.327987][   T10] IPVS: starting estimator thread 0...
[  145.343006][   T30] audit: type=1326 audit(1752017222.887:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6434 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538e929 code=0x7ffc0000
[  145.590000][ T6445] IPVS: using max 25 ests per chain, 60000 per kthread
[  145.626844][ T6457] ptrace attach of "./syz-executor exec"[6460] was attempted by "./syz-executor exec"[6457]
[  153.407944][ T1224] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  153.738720][ T6014] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  154.307818][ T6014] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  154.385640][ T6014] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD6, changing to 0x86
[  154.449488][ T6014] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 223
[  154.627372][ T6014] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  154.639488][ T6014] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  154.647540][ T6014] usb 4-1: Manufacturer: syz
[  154.659821][ T6014] usb 4-1: config 0 descriptor??
[  154.665741][ T6493] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  154.815566][ T6511] netlink: 28 bytes leftover after parsing attributes in process `syz.2.153'.
[  155.348350][   T10] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  155.350606][ T6014] igorplugusb 4-1:0.0: endpoint incorrect
[  155.370380][ T6014] usb 4-1: USB disconnect, device number 5
[  159.442056][   T10] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  160.213021][ T6561] netlink: 28 bytes leftover after parsing attributes in process `syz.1.166'.
[  160.660620][ T6568] netlink: 28 bytes leftover after parsing attributes in process `syz.2.168'.
[  161.216075][ T6572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.165'.
[  161.325442][ T6572] i2c i2c-0: Invalid block write size 34
[  163.555918][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  166.523566][ T6616] =======================================================
[  166.523566][ T6616] WARNING: The mand mount option has been deprecated and
[  166.523566][ T6616]          and is ignored by this kernel. Remove the mand
[  166.523566][ T6616]          option from the mount to silence this warning.
[  166.523566][ T6616] =======================================================
[  166.560787][ T6616] overlayfs: failed to resolve './file1': -2
[  167.548168][ T6620] netlink: 28 bytes leftover after parsing attributes in process `syz.1.180'.
[  168.583492][ T6629] FAULT_INJECTION: forcing a failure.
[  168.583492][ T6629] name failslab, interval 1, probability 0, space 0, times 0
[  168.713662][ T3010] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  168.728608][ T6629] CPU: 0 UID: 0 PID: 6629 Comm: syz.2.184 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  168.728637][ T6629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  168.728647][ T6629] Call Trace:
[  168.728656][ T6629]  <TASK>
[  168.728664][ T6629]  dump_stack_lvl+0x189/0x250
[  168.728701][ T6629]  ? __pfx____ratelimit+0x10/0x10
[  168.728729][ T6629]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.728750][ T6629]  ? __pfx__printk+0x10/0x10
[  168.728783][ T6629]  ? __pfx___might_resched+0x10/0x10
[  168.728804][ T6629]  ? fs_reclaim_acquire+0x7d/0x100
[  168.728829][ T6629]  should_fail_ex+0x414/0x560
[  168.728863][ T6629]  should_failslab+0xa8/0x100
[  168.728893][ T6629]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  168.728920][ T6629]  ? __alloc_skb+0x112/0x2d0
[  168.728948][ T6629]  __alloc_skb+0x112/0x2d0
[  168.728974][ T6629]  netlink_ack+0x146/0xa50
[  168.728993][ T6629]  ? __pfx___mutex_trylock_common+0x10/0x10
[  168.729022][ T6629]  ? rcu_is_watching+0x15/0xb0
[  168.729056][ T6629]  netlink_rcv_skb+0x28c/0x470
[  168.729080][ T6629]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  168.729106][ T6629]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  168.729148][ T6629]  ? netlink_deliver_tap+0x2e/0x1b0
[  168.729176][ T6629]  xfrm_netlink_rcv+0x79/0x90
[  168.729199][ T6629]  netlink_unicast+0x758/0x8d0
[  168.729234][ T6629]  netlink_sendmsg+0x805/0xb30
[  168.729254][ T6629]  ? bpf_trace_run4+0x19c/0x4a0
[  168.729290][ T6629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  168.729322][ T6629]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  168.729348][ T6629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  168.729372][ T6629]  __sock_sendmsg+0x219/0x270
[  168.729404][ T6629]  ____sys_sendmsg+0x505/0x830
[  168.729434][ T6629]  ? __pfx_____sys_sendmsg+0x10/0x10
[  168.729469][ T6629]  ? import_iovec+0x74/0xa0
[  168.729496][ T6629]  ___sys_sendmsg+0x21f/0x2a0
[  168.729522][ T6629]  ? __pfx____sys_sendmsg+0x10/0x10
[  168.729596][ T6629]  ? __fget_files+0x2a/0x420
[  168.729614][ T6629]  ? __fget_files+0x3a0/0x420
[  168.729644][ T6629]  __x64_sys_sendmsg+0x19b/0x260
[  168.729672][ T6629]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  168.729735][ T6629]  do_syscall_64+0xfa/0x3b0
[  168.729755][ T6629]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.729773][ T6629]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  168.729791][ T6629]  ? clear_bhb_loop+0x60/0xb0
[  168.729815][ T6629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.729833][ T6629] RIP: 0033:0x7fcc8358e929
[  168.729850][ T6629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.729865][ T6629] RSP: 002b:00007fcc8430e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.729886][ T6629] RAX: ffffffffffffffda RBX: 00007fcc837b5fa0 RCX: 00007fcc8358e929
[  168.729897][ T6629] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  168.729909][ T6629] RBP: 00007fcc8430e090 R08: 0000000000000000 R09: 0000000000000000
[  168.729919][ T6629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.729930][ T6629] R13: 0000000000000000 R14: 00007fcc837b5fa0 R15: 00007ffe168c7508
[  168.729963][ T6629]  </TASK>
[  169.624442][ T6630] netlink: 200 bytes leftover after parsing attributes in process `syz.0.182'.
[  169.679124][ T6630] netlink: 44 bytes leftover after parsing attributes in process `syz.0.182'.
[  169.715259][ T6634] netlink: 28 bytes leftover after parsing attributes in process `syz.1.183'.
[  170.033206][ T6630] netlink: 'syz.0.182': attribute type 1 has an invalid length.
[  170.095288][ T6630] netlink: 224 bytes leftover after parsing attributes in process `syz.0.182'.
[  171.385189][ T6641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.187'.
[  171.618005][    T9] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  172.360264][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.538596][ T6014] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  173.943002][    T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  173.957038][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10
[  173.968405][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64
[  173.980397][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  173.991725][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 213, setting to 64
[  174.002777][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  174.043574][    T9] usb 1-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  174.058102][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.067348][    T9] usb 1-1: Product: syz
[  174.076087][    T9] usb 1-1: Manufacturer: syz
[  174.081385][    T9] usb 1-1: SerialNumber: syz
[  174.108368][    T9] usb 1-1: config 0 descriptor??
[  174.115311][ T6648] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  174.125486][ T6648] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  174.389693][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  174.546236][ T6660] netlink: 256 bytes leftover after parsing attributes in process `syz.4.194'.
[  174.842885][ T6665] netlink: 28 bytes leftover after parsing attributes in process `syz.0.193'.
[  174.987693][ T5944] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  175.552959][   T56] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  175.747751][ T5944] usb 5-1: Using ep0 maxpacket: 8
[  175.773952][ T5944] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  175.782236][ T5944] usb 5-1: config 0 has no interface number 0
[  175.853706][ T5944] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  175.915675][    T9] rc_core: IR keymap rc-snapstream-firefly not found
[  175.928835][ T1224] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  176.015186][ T5944] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  176.026595][    T9] Registered IR keymap rc-empty
[  176.609367][    T9] rc rc0: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  176.663680][ T1224] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  176.673415][ T5944] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  176.699519][    T9] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input5
[  176.714506][ T5944] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  176.734174][ T5944] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.749881][    T9] input: syz syz mouse as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input6
[  176.836747][ T5944] usb 5-1: config 0 descriptor??
[  176.849490][ T5944] ldusb 5-1:0.55: Interrupt in endpoint not found
[  177.117102][    T9] usb 1-1: USB disconnect, device number 2
[  177.123050][    C0] ati_remote 1-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19
[  178.454876][    T9] usb 5-1: USB disconnect, device number 6
[  178.661487][ T6688] FAULT_INJECTION: forcing a failure.
[  178.661487][ T6688] name failslab, interval 1, probability 0, space 0, times 0
[  178.739846][ T6688] CPU: 1 UID: 0 PID: 6688 Comm: syz.3.201 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  178.739875][ T6688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  178.739885][ T6688] Call Trace:
[  178.739893][ T6688]  <TASK>
[  178.739901][ T6688]  dump_stack_lvl+0x189/0x250
[  178.739928][ T6688]  ? __pfx____ratelimit+0x10/0x10
[  178.739956][ T6688]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.739977][ T6688]  ? __pfx__printk+0x10/0x10
[  178.740004][ T6688]  ? __pfx___might_resched+0x10/0x10
[  178.740024][ T6688]  ? fs_reclaim_acquire+0x7d/0x100
[  178.740049][ T6688]  should_fail_ex+0x414/0x560
[  178.740081][ T6688]  should_failslab+0xa8/0x100
[  178.740111][ T6688]  __kmalloc_noprof+0xcb/0x4f0
[  178.740135][ T6688]  ? tomoyo_encode+0x28b/0x550
[  178.740160][ T6688]  tomoyo_encode+0x28b/0x550
[  178.740186][ T6688]  tomoyo_realpath_from_path+0x58d/0x5d0
[  178.740219][ T6688]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  178.740246][ T6688]  tomoyo_path_number_perm+0x1e8/0x5a0
[  178.740276][ T6688]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  178.740322][ T6688]  ? __lock_acquire+0xab9/0xd20
[  178.740365][ T6688]  ? __fget_files+0x2a/0x420
[  178.740387][ T6688]  ? __fget_files+0x2a/0x420
[  178.740402][ T6688]  ? __fget_files+0x3a0/0x420
[  178.740417][ T6688]  ? __fget_files+0x2a/0x420
[  178.740440][ T6688]  security_file_ioctl+0xcb/0x2d0
[  178.740470][ T6688]  __se_sys_ioctl+0x47/0x170
[  178.740498][ T6688]  do_syscall_64+0xfa/0x3b0
[  178.740514][ T6688]  ? lockdep_hardirqs_on+0x9c/0x150
[  178.740550][ T6688]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.740569][ T6688]  ? clear_bhb_loop+0x60/0xb0
[  178.740592][ T6688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.740610][ T6688] RIP: 0033:0x7f8b6ab8e929
[  178.740627][ T6688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.740642][ T6688] RSP: 002b:00007f8b6ba59038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  178.740662][ T6688] RAX: ffffffffffffffda RBX: 00007f8b6adb5fa0 RCX: 00007f8b6ab8e929
[  178.740675][ T6688] RDX: 0000200000000380 RSI: 00000000c0d05605 RDI: 0000000000000009
[  178.740687][ T6688] RBP: 00007f8b6ba59090 R08: 0000000000000000 R09: 0000000000000000
[  178.740697][ T6688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.740708][ T6688] R13: 0000000000000000 R14: 00007f8b6adb5fa0 R15: 00007ffd051f87b8
[  178.740741][ T6688]  </TASK>
[  178.740764][ T6688] ERROR: Out of memory at tomoyo_realpath_from_path.
[  179.828506][ T6704] netlink: 28 bytes leftover after parsing attributes in process `syz.0.205'.
[  180.092724][ T6706] netlink: 80 bytes leftover after parsing attributes in process `syz.3.206'.
[  180.445974][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  180.914052][ T3029] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  181.631697][ T6721] netlink: 8 bytes leftover after parsing attributes in process `syz.1.211'.
[  182.079019][ T6725] usb usb8: usbfs: process 6725 (syz.1.214) did not claim interface 0 before use
[  182.191927][ T6728] usb usb8: usbfs: process 6728 (syz.3.213) did not claim interface 0 before use
[  182.906823][ T6733] netlink: 40 bytes leftover after parsing attributes in process `syz.1.216'.
[  183.196703][ T6738] bridge0: entered promiscuous mode
[  183.213317][ T6738] batman_adv: batadv0: Adding interface: macsec1
[  183.240528][ T6738] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.275424][ T6738] batman_adv: batadv0: Interface activated: macsec1
[  184.536590][ T6744] : entered promiscuous mode
[  184.672879][ T6754] netlink: 'syz.4.222': attribute type 4 has an invalid length.
[  184.734322][ T6754] FAULT_INJECTION: forcing a failure.
[  184.734322][ T6754] name failslab, interval 1, probability 0, space 0, times 0
[  184.757183][ T6754] CPU: 0 UID: 0 PID: 6754 Comm: syz.4.222 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  184.757226][ T6754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  184.757237][ T6754] Call Trace:
[  184.757245][ T6754]  <TASK>
[  184.757253][ T6754]  dump_stack_lvl+0x189/0x250
[  184.757282][ T6754]  ? __pfx____ratelimit+0x10/0x10
[  184.757311][ T6754]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.757332][ T6754]  ? __pfx__printk+0x10/0x10
[  184.757371][ T6754]  should_fail_ex+0x414/0x560
[  184.757405][ T6754]  should_failslab+0xa8/0x100
[  184.757434][ T6754]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  184.757462][ T6754]  ? __alloc_skb+0x112/0x2d0
[  184.757480][ T6754]  ? __pfx_br_get_link_af_size_filtered+0x10/0x10
[  184.757514][ T6754]  __alloc_skb+0x112/0x2d0
[  184.757538][ T6754]  br_info_notify+0x105/0x260
[  184.757568][ T6754]  br_setlink+0x33e/0x800
[  184.757607][ T6754]  ? __pfx_br_setlink+0x10/0x10
[  184.757628][ T6754]  ? do_raw_spin_lock+0x121/0x290
[  184.757693][ T6754]  ? __mutex_lock+0x51b/0xe80
[  184.757718][ T6754]  ? mutex_is_locked+0x17/0x50
[  184.757741][ T6754]  rtnl_bridge_setlink+0x5b5/0x7d0
[  184.757771][ T6754]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[  184.757801][ T6754]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[  184.757820][ T6754]  rtnetlink_rcv_msg+0x77c/0xb70
[  184.757843][ T6754]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  184.757860][ T6754]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  184.757876][ T6754]  ? ref_tracker_free+0x63a/0x7d0
[  184.757900][ T6754]  ? __copy_skb_header+0xa7/0x550
[  184.757926][ T6754]  ? __pfx_ref_tracker_free+0x10/0x10
[  184.757951][ T6754]  ? __skb_clone+0x63/0x7a0
[  184.757979][ T6754]  netlink_rcv_skb+0x205/0x470
[  184.758002][ T6754]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  184.758023][ T6754]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  184.758061][ T6754]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.758080][ T6754]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.758108][ T6754]  netlink_unicast+0x758/0x8d0
[  184.758141][ T6754]  netlink_sendmsg+0x805/0xb30
[  184.758174][ T6754]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.758206][ T6754]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  184.758240][ T6754]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.758263][ T6754]  __sock_sendmsg+0x219/0x270
[  184.758294][ T6754]  ____sys_sendmsg+0x505/0x830
[  184.758324][ T6754]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.758356][ T6754]  ? import_iovec+0x74/0xa0
[  184.758379][ T6754]  ___sys_sendmsg+0x21f/0x2a0
[  184.758396][ T6754]  ? __pfx____sys_sendmsg+0x10/0x10
[  184.758432][ T6754]  ? __fget_files+0x2a/0x420
[  184.758442][ T6754]  ? __fget_files+0x3a0/0x420
[  184.758459][ T6754]  __x64_sys_sendmsg+0x19b/0x260
[  184.758477][ T6754]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  184.758497][ T6754]  ? __pfx_ksys_write+0x10/0x10
[  184.758510][ T6754]  ? rcu_is_watching+0x15/0xb0
[  184.758526][ T6754]  ? do_syscall_64+0xbe/0x3b0
[  184.758538][ T6754]  do_syscall_64+0xfa/0x3b0
[  184.758549][ T6754]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.758559][ T6754]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  184.758569][ T6754]  ? clear_bhb_loop+0x60/0xb0
[  184.758582][ T6754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.758592][ T6754] RIP: 0033:0x7f662538e929
[  184.758605][ T6754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.758614][ T6754] RSP: 002b:00007f6626282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.758628][ T6754] RAX: ffffffffffffffda RBX: 00007f66255b5fa0 RCX: 00007f662538e929
[  184.758635][ T6754] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003
[  184.758642][ T6754] RBP: 00007f6626282090 R08: 0000000000000000 R09: 0000000000000000
[  184.758649][ T6754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.758655][ T6754] R13: 0000000000000000 R14: 00007f66255b5fa0 R15: 00007fff760b9f08
[  184.758673][ T6754]  </TASK>
[  186.174665][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  187.550215][ T3029] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  188.092872][ T6778] loop6: detected capacity change from 0 to 63
[  188.152142][ T6129] buffer_io_error: 486 callbacks suppressed
[  188.152160][ T6129] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.284778][ T6778] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.298981][ T6782] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.359937][ T6777] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.399228][ T6777] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.413782][ T6014] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  188.450948][ T6778] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.490358][ T6129] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.528065][ T6777] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.591989][ T6778] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.614337][ T6014] usb 4-1: Using ep0 maxpacket: 8
[  188.632202][ T6014] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  188.649202][ T6777] Buffer I/O error on dev loop6, logical block 0, async page read
[  188.687024][ T6014] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  188.747710][ T6014] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  188.846932][ T6014] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  188.958480][ T6014] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  188.967585][ T6014] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.353469][ T6780] nbd: must specify a device to reconfigure
[  189.498128][ T6014] usb 4-1: usb_control_msg returned -32
[  189.504608][ T6014] usbtmc 4-1:16.0: can't read capabilities
[  190.206937][ T6795] FAULT_INJECTION: forcing a failure.
[  190.206937][ T6795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.285563][ T6795] CPU: 1 UID: 0 PID: 6795 Comm: syz.2.234 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  190.285589][ T6795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  190.285598][ T6795] Call Trace:
[  190.285606][ T6795]  <TASK>
[  190.285614][ T6795]  dump_stack_lvl+0x189/0x250
[  190.285641][ T6795]  ? __pfx____ratelimit+0x10/0x10
[  190.285667][ T6795]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.285687][ T6795]  ? __pfx__printk+0x10/0x10
[  190.285726][ T6795]  should_fail_ex+0x414/0x560
[  190.285757][ T6795]  _copy_to_user+0x31/0xb0
[  190.285781][ T6795]  simple_read_from_buffer+0xe1/0x170
[  190.285813][ T6795]  proc_fail_nth_read+0x1df/0x250
[  190.285836][ T6795]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  190.285859][ T6795]  ? rw_verify_area+0x258/0x650
[  190.285882][ T6795]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  190.285902][ T6795]  vfs_read+0x1fd/0x980
[  190.285931][ T6795]  ? __pfx___mutex_lock+0x10/0x10
[  190.285948][ T6795]  ? __pfx_vfs_read+0x10/0x10
[  190.285981][ T6795]  ? __fget_files+0x2a/0x420
[  190.286004][ T6795]  ? __fget_files+0x3a0/0x420
[  190.286019][ T6795]  ? __fget_files+0x2a/0x420
[  190.286047][ T6795]  ksys_read+0x145/0x250
[  190.286069][ T6795]  ? __fget_files+0x3a0/0x420
[  190.286087][ T6795]  ? __pfx_ksys_read+0x10/0x10
[  190.286118][ T6795]  ? do_syscall_64+0xbe/0x3b0
[  190.286139][ T6795]  do_syscall_64+0xfa/0x3b0
[  190.286163][ T6795]  ? lockdep_hardirqs_on+0x9c/0x150
[  190.286189][ T6795]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.286206][ T6795]  ? clear_bhb_loop+0x60/0xb0
[  190.286229][ T6795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.286246][ T6795] RIP: 0033:0x7fcc8358d33c
[  190.286263][ T6795] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  190.286278][ T6795] RSP: 002b:00007fcc8430e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  190.286300][ T6795] RAX: ffffffffffffffda RBX: 00007fcc837b5fa0 RCX: 00007fcc8358d33c
[  190.286313][ T6795] RDX: 000000000000000f RSI: 00007fcc8430e0a0 RDI: 0000000000000004
[  190.286323][ T6795] RBP: 00007fcc8430e090 R08: 0000000000000000 R09: 0000000000000000
[  190.286334][ T6795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.286344][ T6795] R13: 0000000000000000 R14: 00007fcc837b5fa0 R15: 00007ffe168c7508
[  190.286375][ T6795]  </TASK>
[  190.821506][ T6801] netlink: 12 bytes leftover after parsing attributes in process `syz.1.236'.
[  190.837151][ T6801] i2c i2c-0: Invalid block write size 34
[  191.415067][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  191.668878][ T5944] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  192.521876][ T1224] usb 4-1: USB disconnect, device number 6
[  192.784478][ T5944] usb 3-1: Using ep0 maxpacket: 8
[  192.977418][ T5944] usb 3-1: unable to get BOS descriptor or descriptor too short
[  192.988069][ T5944] usb 3-1: config 4 has an invalid interface number: 147 but max is 0
[  192.996293][ T5944] usb 3-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  193.041997][ T6490] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  193.138166][ T5944] usb 3-1: config 4 has no interface number 0
[  193.181929][ T5944] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  193.218434][ T5944] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.258896][ T5944] usb 3-1: Product: syz
[  193.322721][ T5944] usb 3-1: Manufacturer: syz
[  193.352664][ T5944] usb 3-1: SerialNumber: syz
[  193.661142][ T6834] netlink: 200 bytes leftover after parsing attributes in process `syz.0.241'.
[  193.672569][ T6834] netlink: 44 bytes leftover after parsing attributes in process `syz.0.241'.
[  193.863628][ T6805] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  194.040276][ T6802] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  194.324955][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  194.799839][ T5944] usb 3-1: Found UVC 0.02 device syz (04f2:b746)
[  194.806320][ T5944] usb 3-1: No valid video chain found.
[  194.819884][ T6834] netlink: 'syz.0.241': attribute type 1 has an invalid length.
[  194.845594][ T5944] usb 3-1: USB disconnect, device number 3
[  194.867946][ T6834] netlink: 224 bytes leftover after parsing attributes in process `syz.0.241'.
[  194.938294][ T6842] netlink: 12 bytes leftover after parsing attributes in process `syz.1.243'.
[  194.964990][ T6842] i2c i2c-0: Invalid block write size 34
[  197.217368][ T2964] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  198.421989][ T6871] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.430608][ T6871] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.583667][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  198.583689][   T30] audit: type=1326 audit(1752017278.067:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6874 comm="syz.0.250" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc17278e929 code=0x0
[  198.806546][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  201.427861][ T5916] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  202.433481][ T5916] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  202.547168][ T5916] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.557125][ T5916] usb 1-1: config 0 interface 0 has no altsetting 0
[  202.564808][ T5916] usb 1-1: New USB device found, idVendor=056a, idProduct=00cc, bcdDevice= 0.00
[  202.574004][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.599960][ T5916] usb 1-1: config 0 descriptor??
[  202.628886][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  204.760706][ T6932] ptrace attach of "./syz-executor exec"[5844] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  204.767742][ T6932] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  205.457051][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  205.835729][ T6938] netlink: 8 bytes leftover after parsing attributes in process `syz.4.265'.
[  207.464461][ T5944] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  207.719052][ T6953] netlink: 28 bytes leftover after parsing attributes in process `syz.3.268'.
[  207.741419][ T5916] usbhid 1-1:0.0: can't add hid device: -32
[  207.769912][ T5916] usbhid 1-1:0.0: probe with driver usbhid failed with error -32
[  207.811576][ T6490] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  208.104528][ T5944] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  208.117815][ T5944] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  208.129643][   T24] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  208.191817][ T5944] usb 3-1: Product: syz
[  208.196045][ T5944] usb 3-1: SerialNumber: syz
[  208.236828][ T5944] usb 3-1: config 0 descriptor??
[  208.328505][   T24] usb 5-1: Using ep0 maxpacket: 32
[  208.369620][   T24] usb 5-1: config 0 has an invalid interface number: 196 but max is 0
[  208.381136][   T24] usb 5-1: config 0 has no interface number 0
[  208.387385][   T24] usb 5-1: config 0 interface 196 has no altsetting 0
[  208.428674][   T24] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  208.441716][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.466369][   T24] usb 5-1: Product: syz
[  208.468871][ T5944] hso 3-1:0.0: Failed to find BULK IN ep
[  208.487691][   T24] usb 5-1: Manufacturer: syz
[  208.492350][   T24] usb 5-1: SerialNumber: syz
[  208.562460][ T5916] hid (null): invalid report_size 717855579
[  208.570309][ T5916] hid (null): unknown global tag 0xd
[  208.575665][ T5916] hid (null): unknown global tag 0xc
[  208.582950][   T24] usb 5-1: config 0 descriptor??
[  208.618928][ T5916] hid (null): invalid report_count 49575
[  208.639668][ T5916] hid (null): unknown global tag 0x76
[  208.713721][ T6945] netlink: 'syz.2.267': attribute type 3 has an invalid length.
[  208.805792][ T5916] hid-generic 0101:0006:0006.0002: unknown main item tag 0x2
[  208.875797][ T6950] gfs2: gfs2 mount does not exist
[  208.884402][ T5845] usb 3-1: USB disconnect, device number 4
[  208.920472][ T5916] hid-generic 0101:0006:0006.0002: invalid report_size 717855579
[  209.031813][ T6950] afs: Unknown parameter 'dynkaller'
[  209.067093][ T5916] hid-generic 0101:0006:0006.0002: item 0 4 1 7 parsing failed
[  209.231213][ T5916] hid-generic 0101:0006:0006.0002: probe with driver hid-generic failed with error -22
[  209.361127][   T24] ipheth 5-1:0.196: Unable to find endpoints
[  209.655640][ T5916] usb 1-1: USB disconnect, device number 3
[  209.824751][   T24] usb 5-1: USB disconnect, device number 7
[  210.060410][ T6977] netlink: 12 bytes leftover after parsing attributes in process `syz.4.276'.
[  210.998292][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  211.004553][ T6977] i2c i2c-0: Invalid block write size 34
[  211.166883][ T5944] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  211.717724][ T5944] usb 3-1: Using ep0 maxpacket: 8
[  211.726223][ T5944] usb 3-1: config 1 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  211.742625][ T5944] usb 3-1: config 1 interface 0 altsetting 2 bulk endpoint 0x3 has invalid maxpacket 8
[  211.758614][ T5159] Bluetooth: hci0: command 0x0406 tx timeout
[  211.765000][ T5850] Bluetooth: hci4: command 0x0406 tx timeout
[  211.771523][ T5850] Bluetooth: hci1: command 0x0406 tx timeout
[  211.777772][ T5850] Bluetooth: hci3: command 0x0406 tx timeout
[  211.777839][ T5159] Bluetooth: hci2: command 0x0406 tx timeout
[  211.822357][ T5944] usb 3-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  211.867255][ T5944] usb 3-1: config 1 interface 0 has no altsetting 0
[  211.886180][ T5944] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  211.897663][ T5944] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.929349][ T5944] usb 3-1: Product: syz
[  211.944902][ T5944] usb 3-1: Manufacturer: syz
[  211.973363][ T5944] usb 3-1: SerialNumber: syz
[  212.053025][ T6975] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  212.078003][ T6975] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  212.311677][   T30] audit: type=1326 audit(1752017291.827:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6973 comm="syz.2.275" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcc8358e929 code=0x0
[  212.579332][ T6995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.603485][ T6995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.509206][ T2931] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  215.298647][ T5944] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  215.412450][ T5944] usb 3-1: USB disconnect, device number 5
[  215.477179][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  216.715845][ T3029] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  217.104323][    T9] libceph: connect (1)[c::]:6789 error -22
[  217.127436][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  217.540137][    T9] libceph: connect (1)[c::]:6789 error -22
[  217.611278][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  217.988158][ T7035] ceph: No mds server is up or the cluster is laggy
[  218.545311][    T9] libceph: connect (1)[c::]:6789 error -22
[  218.571848][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  220.176312][ T6490] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  221.673205][ T7088] vlan1: entered allmulticast mode
[  221.678509][ T7088] veth0_vlan: entered allmulticast mode
[  222.470381][  T993] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  223.494703][ T7096] erofs (device nullb0): cannot find valid erofs superblock
[  226.446644][ T2952] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  226.641428][ T7116] FAULT_INJECTION: forcing a failure.
[  226.641428][ T7116] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.702903][ T7116] CPU: 1 UID: 0 PID: 7116 Comm: syz.2.310 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  226.702931][ T7116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.702941][ T7116] Call Trace:
[  226.702949][ T7116]  <TASK>
[  226.702957][ T7116]  dump_stack_lvl+0x189/0x250
[  226.702983][ T7116]  ? __pfx____ratelimit+0x10/0x10
[  226.703011][ T7116]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.703031][ T7116]  ? __pfx__printk+0x10/0x10
[  226.703069][ T7116]  should_fail_ex+0x414/0x560
[  226.703101][ T7116]  _copy_to_user+0x31/0xb0
[  226.703126][ T7116]  simple_read_from_buffer+0xe1/0x170
[  226.703157][ T7116]  proc_fail_nth_read+0x1df/0x250
[  226.703181][ T7116]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  226.703203][ T7116]  ? rw_verify_area+0x258/0x650
[  226.703227][ T7116]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  226.703248][ T7116]  vfs_read+0x1fd/0x980
[  226.703279][ T7116]  ? __pfx___mutex_lock+0x10/0x10
[  226.703298][ T7116]  ? __pfx_vfs_read+0x10/0x10
[  226.703324][ T7116]  ? __fget_files+0x2a/0x420
[  226.703347][ T7116]  ? __fget_files+0x3a0/0x420
[  226.703363][ T7116]  ? __fget_files+0x2a/0x420
[  226.703391][ T7116]  ksys_read+0x145/0x250
[  226.703418][ T7116]  ? __pfx_ksys_read+0x10/0x10
[  226.703462][ T7116]  ? rcu_is_watching+0x15/0xb0
[  226.703490][ T7116]  ? do_syscall_64+0xbe/0x3b0
[  226.703512][ T7116]  do_syscall_64+0xfa/0x3b0
[  226.703527][ T7116]  ? lockdep_hardirqs_on+0x9c/0x150
[  226.703553][ T7116]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.703571][ T7116]  ? clear_bhb_loop+0x60/0xb0
[  226.703602][ T7116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.703620][ T7116] RIP: 0033:0x7fcc8358d33c
[  226.703638][ T7116] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  226.703653][ T7116] RSP: 002b:00007fcc8430e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  226.703674][ T7116] RAX: ffffffffffffffda RBX: 00007fcc837b5fa0 RCX: 00007fcc8358d33c
[  226.703688][ T7116] RDX: 000000000000000f RSI: 00007fcc8430e0a0 RDI: 0000000000000006
[  226.703699][ T7116] RBP: 00007fcc8430e090 R08: 0000000000000000 R09: 0000000000000000
[  226.703710][ T7116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.703721][ T7116] R13: 0000000000000000 R14: 00007fcc837b5fa0 R15: 00007ffe168c7508
[  226.703751][ T7116]  </TASK>
[  226.957326][ T7120] 9pnet_fd: Insufficient options for proto=fd
[  228.239445][ T6490] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  228.302219][ T7132] usb usb8: usbfs: process 7132 (syz.2.315) did not claim interface 0 before use
[  229.626220][ T7152] netlink: 16 bytes leftover after parsing attributes in process `syz.3.320'.
[  230.166790][ T5944] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  230.265408][ T7154] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  230.277362][ T7154] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  230.288543][ T7154] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  232.299749][   T56] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  233.653547][ T2931] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  235.695038][ T7197] netlink: 12 bytes leftover after parsing attributes in process `syz.2.330'.
[  235.805313][ T7197] i2c i2c-0: Invalid block write size 34
[  238.930465][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  239.127140][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  240.895058][ T7241] FAULT_INJECTION: forcing a failure.
[  240.895058][ T7241] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.908268][ T7241] CPU: 1 UID: 0 PID: 7241 Comm: syz.4.340 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  240.908293][ T7241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.908304][ T7241] Call Trace:
[  240.908312][ T7241]  <TASK>
[  240.908320][ T7241]  dump_stack_lvl+0x189/0x250
[  240.908347][ T7241]  ? __pfx____ratelimit+0x10/0x10
[  240.908386][ T7241]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.908407][ T7241]  ? __pfx__printk+0x10/0x10
[  240.908447][ T7241]  should_fail_ex+0x414/0x560
[  240.908481][ T7241]  _copy_to_user+0x31/0xb0
[  240.908506][ T7241]  simple_read_from_buffer+0xe1/0x170
[  240.908539][ T7241]  proc_fail_nth_read+0x1df/0x250
[  240.908563][ T7241]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  240.908586][ T7241]  ? rw_verify_area+0x258/0x650
[  240.908609][ T7241]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  240.908630][ T7241]  vfs_read+0x1fd/0x980
[  240.908661][ T7241]  ? __pfx___mutex_lock+0x10/0x10
[  240.908680][ T7241]  ? __pfx_vfs_read+0x10/0x10
[  240.908706][ T7241]  ? __fget_files+0x2a/0x420
[  240.908730][ T7241]  ? __fget_files+0x3a0/0x420
[  240.908746][ T7241]  ? __fget_files+0x2a/0x420
[  240.908774][ T7241]  ksys_read+0x145/0x250
[  240.908802][ T7241]  ? __pfx_ksys_read+0x10/0x10
[  240.908833][ T7241]  ? do_syscall_64+0xbe/0x3b0
[  240.908856][ T7241]  do_syscall_64+0xfa/0x3b0
[  240.908872][ T7241]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.908897][ T7241]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.908916][ T7241]  ? clear_bhb_loop+0x60/0xb0
[  240.908939][ T7241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.908957][ T7241] RIP: 0033:0x7f662538d33c
[  240.908975][ T7241] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  240.908989][ T7241] RSP: 002b:00007f6626240030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  240.909010][ T7241] RAX: ffffffffffffffda RBX: 00007f66255b6160 RCX: 00007f662538d33c
[  240.909023][ T7241] RDX: 000000000000000f RSI: 00007f66262400a0 RDI: 0000000000000008
[  240.909035][ T7241] RBP: 00007f6626240090 R08: 0000000000000000 R09: 0000000000000000
[  240.909046][ T7241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.909057][ T7241] R13: 0000000000000000 R14: 00007f66255b6160 R15: 00007fff760b9f08
[  240.909089][ T7241]  </TASK>
[  244.262316][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  244.364617][ T7267] Invalid source name
[  244.371924][ T7267] UBIFS error (pid: 7267): cannot open "./file0", error -22
[  244.500001][ T7270] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  246.440791][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  246.518234][ T7278] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  246.576361][ T7278] CIFS mount error: No usable UNC path provided in device string!
[  246.576361][ T7278] 
[  246.628184][ T7278] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  250.046322][ T3010] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  250.684341][ T7300] bond0 (unregistering): Released all slaves
[  251.109196][ T7328] Bluetooth: MGMT ver 1.23
[  251.915450][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  255.760268][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  255.767679][ T7361] ------------[ cut here ]------------
[  255.774171][ T7361] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl726.c:331:46
[  255.796878][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  255.867641][ T7361] shift exponent 32 is too large for 32-bit type 'int'
[  255.933008][ T7361] CPU: 1 UID: 0 PID: 7361 Comm: syz.2.373 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  255.933039][ T7361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  255.933049][ T7361] Call Trace:
[  255.933057][ T7361]  <TASK>
[  255.933066][ T7361]  dump_stack_lvl+0x189/0x250
[  255.933098][ T7361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.933121][ T7361]  ? __pfx__printk+0x10/0x10
[  255.933164][ T7361]  ubsan_epilogue+0xa/0x40
[  255.933198][ T7361]  __ubsan_handle_shift_out_of_bounds+0x386/0x410
[  255.933232][ T7361]  ? __kmalloc_noprof+0x29b/0x4f0
[  255.933269][ T7361]  pcl726_attach+0xac4/0xd50
[  255.933313][ T7361]  comedi_device_attach+0x520/0x670
[  255.933342][ T7361]  comedi_unlocked_ioctl+0x686/0xf40
[  255.933380][ T7361]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  255.933425][ T7361]  ? __pfx_smack_log+0x10/0x10
[  255.933448][ T7361]  ? smk_access+0x14c/0x4e0
[  255.933478][ T7361]  ? smk_tskacc+0x2fc/0x370
[  255.933507][ T7361]  ? smack_file_ioctl+0x24a/0x340
[  255.933536][ T7361]  ? __pfx_smack_file_ioctl+0x10/0x10
[  255.933573][ T7361]  ? __fget_files+0x2a/0x420
[  255.933591][ T7361]  ? __fget_files+0x3a0/0x420
[  255.933607][ T7361]  ? __fget_files+0x2a/0x420
[  255.933629][ T7361]  ? bpf_lsm_file_ioctl+0x9/0x20
[  255.933647][ T7361]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  255.933670][ T7361]  __se_sys_ioctl+0xf9/0x170
[  255.933695][ T7361]  do_syscall_64+0xfa/0x3b0
[  255.933713][ T7361]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.933740][ T7361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.933759][ T7361]  ? clear_bhb_loop+0x60/0xb0
[  255.933783][ T7361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.933807][ T7361] RIP: 0033:0x7fcc8358e929
[  255.933825][ T7361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.933841][ T7361] RSP: 002b:00007fcc8430e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  255.933861][ T7361] RAX: ffffffffffffffda RBX: 00007fcc837b5fa0 RCX: 00007fcc8358e929
[  255.933875][ T7361] RDX: 0000200000000200 RSI: 0000000040946400 RDI: 000000000000000a
[  255.933887][ T7361] RBP: 00007fcc83610b39 R08: 0000000000000000 R09: 0000000000000000
[  255.933898][ T7361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.933908][ T7361] R13: 0000000000000000 R14: 00007fcc837b5fa0 R15: 00007ffe168c7508
[  255.933943][ T7361]  </TASK>
[  255.997723][ T7361] ---[ end trace ]---
[  256.215873][ T7361] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  256.223200][ T7361] CPU: 1 UID: 0 PID: 7361 Comm: syz.2.373 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) 
[  256.235195][ T7361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  256.245252][ T7361] Call Trace:
[  256.248535][ T7361]  <TASK>
[  256.251463][ T7361]  dump_stack_lvl+0x99/0x250
[  256.256083][ T7361]  ? __asan_memcpy+0x40/0x70
[  256.260672][ T7361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.265866][ T7361]  ? __pfx__printk+0x10/0x10
[  256.270466][ T7361]  panic+0x2db/0x790
[  256.274362][ T7361]  ? __pfx_panic+0x10/0x10
[  256.278770][ T7361]  ? _printk+0xcf/0x120
[  256.282944][ T7361]  ? __pfx__printk+0x10/0x10
[  256.287575][ T7361]  check_panic_on_warn+0x89/0xb0
[  256.292516][ T7361]  __ubsan_handle_shift_out_of_bounds+0x386/0x410
[  256.298931][ T7361]  ? __kmalloc_noprof+0x29b/0x4f0
[  256.303959][ T7361]  pcl726_attach+0xac4/0xd50
[  256.308574][ T7361]  comedi_device_attach+0x520/0x670
[  256.313864][ T7361]  comedi_unlocked_ioctl+0x686/0xf40
[  256.319161][ T7361]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  256.324981][ T7361]  ? __pfx_smack_log+0x10/0x10
[  256.329746][ T7361]  ? smk_access+0x14c/0x4e0
[  256.334271][ T7361]  ? smk_tskacc+0x2fc/0x370
[  256.338778][ T7361]  ? smack_file_ioctl+0x24a/0x340
[  256.343809][ T7361]  ? __pfx_smack_file_ioctl+0x10/0x10
[  256.349186][ T7361]  ? __fget_files+0x2a/0x420
[  256.353770][ T7361]  ? __fget_files+0x3a0/0x420
[  256.358440][ T7361]  ? __fget_files+0x2a/0x420
[  256.363026][ T7361]  ? bpf_lsm_file_ioctl+0x9/0x20
[  256.367966][ T7361]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  256.373770][ T7361]  __se_sys_ioctl+0xf9/0x170
[  256.378362][ T7361]  do_syscall_64+0xfa/0x3b0
[  256.382863][ T7361]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.388094][ T7361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.394157][ T7361]  ? clear_bhb_loop+0x60/0xb0
[  256.399218][ T7361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.405101][ T7361] RIP: 0033:0x7fcc8358e929
[  256.409512][ T7361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.429287][ T7361] RSP: 002b:00007fcc8430e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.437699][ T7361] RAX: ffffffffffffffda RBX: 00007fcc837b5fa0 RCX: 00007fcc8358e929
[  256.445671][ T7361] RDX: 0000200000000200 RSI: 0000000040946400 RDI: 000000000000000a
[  256.453737][ T7361] RBP: 00007fcc83610b39 R08: 0000000000000000 R09: 0000000000000000
[  256.461703][ T7361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.469667][ T7361] R13: 0000000000000000 R14: 00007fcc837b5fa0 R15: 00007ffe168c7508
[  256.477645][ T7361]  </TASK>
[  256.480963][ T7361] Kernel Offset: disabled
[  256.485323][ T7361] Rebooting in 86400 seconds..