last executing test programs:

7m51.993063853s ago: executing program 3 (id=190):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000340)='scalable\x00', 0x9)
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)=@newtaction={0x164, 0x30, 0x300, 0x0, 0x0, {0x9}, [{0x150, 0x1, [@m_sample={0x14c, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x120, 0x6, "a06e21ee2de933f5694d31cda4204336d7075528b2ffe3cbb7bd089af3167783d46096df5791a0fade0ffabfebc3a790edb9ef272fc2597c76f0aae879fd828c2b31f259c90d1c541800a9ed04c506b73b14703f78568480768d780237cfbd2ce76d07dab4a78ea14173a587a70860b9a5822e10524b03208996d476779c02580b53ab408cf485dbab0c05274af544dd670a1e3dde4a18008f44e29546c8b9ae491d00868bfdd5b8c1f40c81b643204fbbc01f56529c83e0a57f68a91854452d3cbbdef34e0f8309265e649fa17fbf6b5e78748dbf297d22fa6a998a99c2787050e730e1be8f4cfa053ad2b52dd744f9021a2152d591a35996fc2fccddebc559438b910a5b8041161a7961e7ac1d8afab17d7a000000000000000000"}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x164}}, 0x20008801)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000640)=ANY=[@ANYBLOB="3800000054000100010000000000000007000000", @ANYRES32=0x0, @ANYBLOB="0000000041fa80ea7b110bb21086bf7ef982a1add473661eeb534068cd116595d138b5090e518e35f6df7747cdd1897e6dd55655404d597bd6289161585998d915db5489886910d13452d9fe6020c767bec4985ff09286c1a41c6922d53a78d98b0bb97005a1335acbb9efc194e51ef7d7160f4ef8572f6b39723d86b54a9e3ccedf6c510631c25915973398adc90d9121f18fe0b2", @ANYRES32=0x0, @ANYBLOB="01000300ac1e000100000000000000000000000086dd0000"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x19)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r7, 0x4068aea3, &(0x7f0000000380)={0xd5, 0x0, 0x20})
mq_unlink(&(0x7f0000000000)='}j\xe5\xf9xFe\xa2^5\f\xaeyS\xc2Qj\xe7B^\xb1\x12@\x00\x00\x00\x1c\xe63\x92\xd0\x9d\x87\x0e\xf5\b^\xbb\xbf\x8epA\xb8\xdb\xf6\x17\xeb\xa9\x13\x11\xa4\x8e\xce\x98\xdf\xf6g\x1c\xb6\x1e\x8d\x9a\xde\x99C5$\xd3^\xa6X\x82\t}X\xfe^\xc3\x03\x04\xff\xd8\xbc\xfam\xa4\x04\xf2s\xba\xe4(\x10 \xd5s\xce&\x7fQ\xae{m\xcd\x7fJ\xee&\xf3JM\xf1\xe13>L\xa5\t\x82pH,\x8c\xc5\x8b\xf6\xae\x88K+\x1b=RE\xd6\x87\x89P6\xe6\a\x82<\xa1N\x16[\xa5a^\xe2\x02\x8b\xafE\xdd\x14\xe3\xfe\x93<P\x8a6\xdd>\xb9\x1e\xf5Y<\xb1\x0f\xd7=\xc1\xfd\x8c\x01\xdc\xa4(5(\xf4\x90_pg\xe8\xb7\\\xb38\x92\xe0\xf8\xbf\x15rt\xafr}\x86\x93\\\xa6\xe9\x0f\xfb\x9fl\xe72K\x8f\x82n\xcf\xaa\xe2oH\x0f\xa8\xc1\xbfe+Pr\x9czl\xf7?j\xa3~\xa1\x02\x1b\xca\x97 \xe0\xed\xda\x16G`\xe563b\xe4\"\xec\xbf=S|\xf2\\2{\xd3\xa0\xb1\xa4fwl8\x9a\x1d~\x92\xdf\xb3\xdf,\x0fx\x94\xa0\'~:\x91\xf0\xb1\xad\x85i\x92<x\x19\xd2\x10\x85w\xf1\xa39\xa3\xc0&\x94\x03,\x8et\x05\xcc<*\x97s\x05g\xb0\x04+T\x15\x9a\xd3OX_\x8c\xeb(%\xfanp\x06\xd2\xa0Z0\xc2\x99\xfa\a{\xc6\x01\xedo\xf8\xe4u\x00\aX#\x0f\x92\x93H\x03\xb3\xdfXn\x02S\x90\xd4\x94\xc9\xc3\xf5\xd9L\x1a\'\xf0\xc6\xc9\xd3\x06n\xf0nd\x118\xdc\n\x8c\xaf\x1a\xe9\xc3o\x91\xb9S\xdb\xb2F\xba9\x1b\x9d\x81\xff\xaf\xf4\x16\x95S\xa7\xa7\x1e\xb8\'?-\xa5h\x13\r\x14\xa5\xa1\x13\xfe\xf1\x15y\xbf\xae\x04\a\xbb\xcd\x00\xe7\x035(\xfa\xe0\xde\xde\x90\\\x02\x88\xa4\xad~0\xcd\x11<\x89\x83,.\xa4\x99\xfaR\xf3\fC\xfa\xe0\xb9V\x19\x83\x0f\xd4Y\xe4\xa41z\xd9\xf5\xdc\xb7\x88b\x9c\xfb\xdb\x00\x00\xeb\x1313\x15\xbe\xb7gn\xaa\xeff\xe7A\xc2}V9\xfa\xd0(\aH')

7m48.788983097s ago: executing program 3 (id=197):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/softnet_stat\x00')
read$FUSE(r0, &(0x7f0000002940)={0x2020}, 0x2020)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ppoll(0x0, 0x0, 0x0, &(0x7f0000000280)={[0x6]}, 0x8)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1e, 0x4, &(0x7f0000000080)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24}, 0x94)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100002000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e23, 0xc, @empty, 0xffffd793}}, 0x0, 0x7}, &(0x7f00000000c0)=0x90)
sendmsg$nl_route(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r6, @ANYBLOB="06001500070000000c00168008000100", @ANYRES16=r5], 0x38}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000006b3b5cddcd2262c9122e3e52742c000000131c2975fec0c28e930000000071181a0000000069e4070702a3a23f02fe5bdd25edba48359c6a1f88a505d0d4b30ec0dd60e4b273585a414c8c68b52013c93a5fe69ed6765ee482f62c2aa9d5f86bb8343146dfa8bbd37b9f25da65bcfc1acc18eed60b9c690f1cd9b5b4a595900fbba37c463c2ee9c28c0b9086ac1a6dd9c0d033092dc44c1b76af6d67d3d49131b2a63cfec961e848db98bd11259ca5eae54606a69a3fca5680f0123cd9e7f2f318bbd138738075b47deb1c93b039c859943ad99d26bece8da2711332ef87237a00db524bbe0ca4d1631ad6706113549b0ecebba1956a05bf99ced568830c85fbb0a68b59a7c8bf7fd39a4e2e7aa9bdacbee60458f189450cd0bb3c1f82f4b4c913b7221e8cca3b8ec5f2113e0c18c2e76f65c1d40b00f2c804b1477e84805e3530d2e4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r9 = dup3(r8, r7, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0xfcffffffffffffff, &(0x7f0000000140)="cc"})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000740)=[@dead_binder_done], 0x0, 0x0, 0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000005100080025bd7000ffdbdf2507000000", @ANYRES32=0x0, @ANYBLOB="100001800c00048008000200130000000c0001800800010024000200"], 0x34}, 0x1, 0x0, 0x0, 0x30008054}, 0x20000000)
ioctl$SIOCX25SSUBSCRIP(r2, 0x89e1, &(0x7f0000000240)={'dummy0\x00', 0x800, 0x8})

7m47.487434382s ago: executing program 3 (id=203):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001280), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, 0x0, 0x0, 0x4814)
recvmmsg(r1, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1}, 0xffffff0d}], 0x2, 0x2001, 0x0)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x2f, &(0x7f0000000080), 0x24)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r9 = syz_open_procfs(0x0, 0x0)
preadv(r9, 0x0, 0x0, 0x2, 0x3)
sendto$inet(r8, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r8, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50)

7m45.785929114s ago: executing program 3 (id=207):
socket$netlink(0x10, 0x3, 0x10)
socket(0x27, 0x3, 0xe736)
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRESOCT], 0x20)

7m43.90237109s ago: executing program 3 (id=212):
socket(0x400000000010, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x9, @empty, 0x2}, 0x1c)
listen(r0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
unshare(0x2040400)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0x9, 0x4, 0x2, 0x0, 0x2, 0x7}, 0x0, 0x0)

7m42.34498965s ago: executing program 3 (id=216):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f00000001c0)=0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000340)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000002240)=ANY=[], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040), 0x10}, 0x94)
r3 = getpgid(0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, r3, 0x7, r4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0x4, 0x0, &(0x7f0000000200)="49bbc86c", 0x0, 0xae5b, 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x50)
r5 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a65274d7c727e7e53c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028642b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ed7eff0d26ff199ee1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c"})
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x0, 0x0, 0x3f00, 0x1f00, 0x0, 0x0})
r6 = syz_open_dev$vcsn(0x0, 0x80000001, 0x2000)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f0000000240)={0x2})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_open_dev$media(&(0x7f00000004c0), 0x40, 0x8000)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r7, 0x80047c05, &(0x7f0000000180)=<r8=>0xffffffffffffffff)
ioctl$MEDIA_REQUEST_IOC_QUEUE(r8, 0x7c80, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000f80)={0x34, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0xffb)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

7m26.857887429s ago: executing program 32 (id=216):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f00000001c0)=0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000340)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000002240)=ANY=[], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040), 0x10}, 0x94)
r3 = getpgid(0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, r3, 0x7, r4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0x4, 0x0, &(0x7f0000000200)="49bbc86c", 0x0, 0xae5b, 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x50)
r5 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a65274d7c727e7e53c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028642b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ed7eff0d26ff199ee1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c"})
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x0, 0x0, 0x3f00, 0x1f00, 0x0, 0x0})
r6 = syz_open_dev$vcsn(0x0, 0x80000001, 0x2000)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f0000000240)={0x2})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_open_dev$media(&(0x7f00000004c0), 0x40, 0x8000)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r7, 0x80047c05, &(0x7f0000000180)=<r8=>0xffffffffffffffff)
ioctl$MEDIA_REQUEST_IOC_QUEUE(r8, 0x7c80, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000f80)={0x34, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0xffb)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

6m17.756214799s ago: executing program 2 (id=406):
r0 = syz_genetlink_get_family_id$nbd(&(0x7f0000000280), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x30, r0, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3800000000000000}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x30}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/disk', 0x21a02, 0x13a)
sendfile(r2, r3, 0x0, 0x101)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff}, './file0\x00'})
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000040)={0x3, r4, 0x2})

6m15.745226071s ago: executing program 2 (id=409):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
syz_clone3(&(0x7f0000000b80)={0x204200000, 0x0, 0x0, 0x0, {0x18}, 0x0, 0x0, 0x0, &(0x7f0000000a80)=[0x0], 0x1, {r0}}, 0x58)

6m15.19873729s ago: executing program 2 (id=412):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140))
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x149802, 0x0)
r5 = dup(r4)
read$FUSE(r5, &(0x7f0000019300)={0x2020}, 0x2020)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000ad0dc404c7a7568dadd39e8d", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r6}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000063f9ffff00000000000000008500000041000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085040000a5c90b000000000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'}) (fail_nth: 4)
write$sndseq(r7, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, &(0x7f0000000040)={0x32b, @time={0x5, 0xc0}, 0xff, {}, 0x0, 0x0, 0x4})
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="40010400000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6m12.065681714s ago: executing program 2 (id=418):
syz_open_dev$sndpcmc(0x0, 0x0, 0xa340658bc40d4f52)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x1b, 0x0, 0x0, 0x103}, 0x28)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, 0x0)
r4 = syz_io_uring_setup(0x1f87, 0x0, &(0x7f0000000400)=<r5=>0x0, &(0x7f0000000280))
r6 = syz_io_uring_setup(0x1de5, &(0x7f0000000340)={0x0, 0xfffffffe, 0x10100, 0x0, 0x245, 0x0, r4}, &(0x7f0000000140), &(0x7f0000000100)=<r7=>0x0)
r8 = socket$tipc(0x1e, 0x5, 0x0)
listen(r8, 0x0)
syz_io_uring_submit(r5, r7, &(0x7f0000000800)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r8, 0x0})
io_uring_enter(r6, 0x19d8, 0xc74a, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)

6m10.377708082s ago: executing program 2 (id=420):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendto$l2tp(0xffffffffffffffff, &(0x7f0000000580)="74e4b542a2ad3177290efb27849ac6b27fc4111dc23317598a874080528f337e141ad1ebe2518aa45b8fe1abf868681643d3d170950d62003518ce16d3362fcfc3b5f4d429fbcba2244d428ec20236070ae801000000e3de0ca54ab0f5762fbdd9617e9c4066e73aa6f52f9705c809084767897a1135eceb8f8959d66acc11aa8d368c757055fdc0159c3cb88bc5af20d5b648f102aa124e27c0efdb9b3af8e1f418bbe98ef18fc60b2abaeea040bc0e1d964c22dbf733a82e21b0435a593ddbfb5028502b875c7fb2b38c6b76c4c12401426a", 0xd3, 0x800, &(0x7f0000000180)={0x2, 0x0, @broadcast, 0x2000002}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0), 0x20302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
prctl$PR_MCE_KILL(0x21, 0x0, 0x3)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
fsmount(r0, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000300da871363fe18eaadce172385560c90a10033f605007400400001802c0004001400010002acde00ac14140f00000000000000001400020002000000ffffffff000000"], 0x54}, 0x1, 0x0, 0x0, 0x40050}, 0x4)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fbdbdf2505000000200001800d0001007564703a73797a32"], 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
r4 = socket$kcm(0x25, 0x4, 0x0)
recvmsg$kcm(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x160)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='squashfs\x00', 0x208000, 0x0)
io_uring_setup(0x563e, &(0x7f00000000c0)={0x0, 0x9a74, 0x10, 0x401, 0x20002bd})
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$int_in(r5, 0x5452, &(0x7f00000002c0)=0xfffffffffffffff3)
sendto$inet(r5, 0x0, 0x0, 0x4, &(0x7f0000001080)={0x2, 0x4e20, @empty}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r6, &(0x7f0000000080)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xf4ff7fba}, 0x0)

6m8.320112311s ago: executing program 2 (id=425):
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
remap_file_pages(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000000, 0x4, 0x10000)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x3fffff)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
close(0xffffffffffffffff)

5m52.440529654s ago: executing program 33 (id=425):
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
remap_file_pages(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000000, 0x4, 0x10000)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x3fffff)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
close(0xffffffffffffffff)

23.30670803s ago: executing program 4 (id=1330):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x3c, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@nested={0x10, 0x136, 0x0, 0x1, [@typed={0x9, 0x2, 0x0, 0x0, @binary="b27d9adc61"}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x8e\n'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x1bb)
getdents64(r4, &(0x7f0000000440)=""/98, 0x62)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r7, 0x40045402, &(0x7f0000000140))
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x101, 0x0, 0xe})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f0000000380)={0x6, 0x3ff, 0x103, 0x0, 0xe})
r8 = getpgid(0xffffffffffffffff)
sched_setscheduler(r8, 0x2, &(0x7f00000010c0)=0x6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0xb, r6}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, &(0x7f0000001f00)=""/4096, &(0x7f0000000780), &(0x7f0000000b40), 0x4, r6}, 0x38)
socket$kcm(0xa, 0x2, 0x73)

21.448847533s ago: executing program 4 (id=1336):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310001001000000950074000000000031fb0d3a42319fa204399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b60ac5ea9fca11027d19e93adb603deb92de3141e8fd7ac5b87a2070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba5fc4a5a17d103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000002340)={'HL\x00'}, &(0x7f0000002380)=0x1e)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r4})
r5 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0)
pread64(r5, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r7, &(0x7f0000004a80)={0x0, 0x0, &(0x7f0000004a40)={&(0x7f00000049c0)={0x14, 0x3, 0x7, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x40005}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000000f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r8, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x1, 0x400000, 0x5, "0100"})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team_slave_1\x00'})

17.769152717s ago: executing program 1 (id=1342):
socket(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d083911000000000000a1180015000600142603600e120900210000000401a80016000400144006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
r7 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82403)
ioctl$CEC_S_MODE(r7, 0x40046109, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

14.718552438s ago: executing program 6 (id=1343):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r3 = syz_io_uring_setup(0x10d2, &(0x7f0000000540)={0x0, 0x7731, 0x80, 0x0, 0x34c}, &(0x7f0000000600)=<r4=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x4, 0x1cd83f7c25e05491, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x100, 0x1, {0x3}})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)

13.526140815s ago: executing program 1 (id=1344):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000016d0cffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000003704000000ffffffdd4005000000000034000000016d00007b130000000000001d440100000000007a0a00fe00ffffffdb03000040000000b5000000000000009500000000000000023bc065b70300c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc20eec363e4a8f6456e5ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a277c7a775d55dfc28abbe9b5ea62d84f3a10746443d64364f56e24e6d2105bd901128c7e0ec82770c8206b1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009df5daf87068a602a018628efc56c752af4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7c3abee0712f5f6b4ee5e459493113d8697502c7596566d674e425da5e87e59602a9f6590521d36f38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eeeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca5f1380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7bea19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f80724a5bfc1e8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f068840a754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecfd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98c2c73e1661261173f359e93d2c80000000999d09ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebccbaf1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac494e0b32fc7741c7e3f426b9ed20debd883593ff5d691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a42b46979f99f6a1527f004f1e37a3926937e84fb478199dc1ac486e2ea6020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d0f086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2245e761f5a3bfdcdc18ac27db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680e7f13a65dbaa1af102d97681656bf56ff0cf36518f674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ffbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884fcdc91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b723621f3b706bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a149414089c1ae8f3476236b056c90dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e13e3a7a1511573cb1a8cdce3a8fea40792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd610000000000000000000000000000000000000000000000b41248c570c4223a471b755ce6956908e2b0e5dbc5e71ff2373d3ed89c2e2eafac81c21ac2436d2ffacffe2fc0d601a50221c88a47b264c5129004f350963b52702c5a360000000000000000000000000000000b4077dc8a1801a8bf833350d302c5439ea3dd0f3b8eb1dc93af1fbf863d33a38a53a02ec1e5b90cb673d6b0cfe7f35b20e438653e0f73ddfc78e3e1d1cc9798af0eb9b61bb4fc72454a57237b68ea614ad898374e952784a18ffb9dc4447acd7ad28a63f88007ad8cba31a6fdd9982c97a913dffe69654d3a00b98c45ead9b9619f946c82f5789379d0d942020652ccfac45e1ef5e93e72b7d5381a3c61fbabc1286285110540075bc7aee3e595f9850b9e96887d53404add0021b198be851d9f797d6d4fe7501997524d28ce7b1d5f8203d9f756efd5676c5d85052030c27e2a99ee39007d9b3c305b1c7d14899b42149d6c437d863651d30426e36ff66bafa93ce3f76c18b8c91ac65b7ab49f03b7c0d0687e1ee0369e88d674f51fe69423000000000000596444d8a7bf983d6f0342b2987e520542c1f725402404f37cda7868234eeefbd472c7b396c182f23e00bf2f85ad1a7b18681784c8fcf0cf5e34baebc594de0d6c9244a834b82a162739619b5f2e3c24378417f71f855b7958fbae631a8aa30b2120a9e23d8711f529b0cd7ce6ee2b0841a4d9e82e6ef54089b64175338ed7effe440c97c663a1000000000033f9ee8bc74fb676198caf54f9a07461c30b4b65890f2b64e68eb2a265f641e68af046fb8751055c6dba7e49068656dbf01c26b3812cec4204084e4c3f5abb86121a3eddd10720d3b66a3a8033aab499cf56b7e5b01d37c1d7b4f5968040cd727efc9a1d69fa550313969508472ec9af3327d1bcae9167e3316f272ba2efdebf91f15b4a2bc27ea303834600d92961d3dcff0e4f55d9e3e7c66e8d3324216c4c77b95c000c5f30d56da969b1ce3a3e1a8ce5a632b3c404e7b455cac15273ce31a57dc723e173d14b65bed120f5396671eb7f8670ddc26ecc7461b1badfc98076c95aa811954827767c023c51e183cf1de0230912617f72169a3f9bda12d14667855757ca543b524491e213929a9d095abb9e57f33ad7e5301e5995e65246bc06f931d983596a4979d403f1b3884123633e9af67a0972612b5874f2a4bb21772c35bf437c31afa5990a8bb584792aea1353f0e2739cea006984449fec118b5e8545c976a7bd829fdc88855c1641593f4f825e72b56be89c5900666a2edf"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

13.466413486s ago: executing program 4 (id=1346):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x3c, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@nested={0x10, 0x136, 0x0, 0x1, [@typed={0x9, 0x2, 0x0, 0x0, @binary="b27d9adc61"}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x8e\n'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x1bb)
getdents64(r4, &(0x7f0000000440)=""/98, 0x62)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r7, 0x40045402, &(0x7f0000000140))
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x101, 0x0, 0xe})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f0000000380)={0x6, 0x3ff, 0x103, 0x0, 0xe})
r8 = getpgid(0xffffffffffffffff)
sched_setscheduler(r8, 0x2, &(0x7f00000010c0)=0x6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0xb, r6}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, &(0x7f0000001f00)=""/4096, &(0x7f0000000780), &(0x7f0000000b40), 0x4, r6}, 0x38)
socket$kcm(0xa, 0x2, 0x73)

12.581231516s ago: executing program 6 (id=1348):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendto$l2tp(0xffffffffffffffff, &(0x7f0000000580)="74e4b542a2ad3177290efb27849ac6b27fc4111dc23317598a874080528f337e141ad1ebe2518aa45b8fe1abf868681643d3d170950d62003518ce16d3362fcfc3b5f4d429fbcba2244d428ec20236070ae801000000e3de0ca54ab0f5762fbdd9617e9c4066e73aa6f52f9705c809084767897a1135eceb8f8959d66acc11aa8d368c757055fdc0159c3cb88bc5af20d5b648f102aa124e27c0efdb9b3af8e1f418bbe98ef18fc60b2abaeea040bc0e1d964c22dbf733a82e21b0435a593ddbfb5028502b875c7fb2b38c6b76c4c12401426a", 0xd3, 0x800, &(0x7f0000000180)={0x2, 0x0, @broadcast, 0x2000002}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0), 0x20302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
prctl$PR_MCE_KILL(0x21, 0x0, 0x3)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
fsmount(r0, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000300da871363fe18eaadce172385560c90a10033f605007400400001802c0004001400010002acde00ac14140f00000000000000001400020002000000ffffffff00"], 0x54}, 0x1, 0x0, 0x0, 0x40050}, 0x4)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fbdbdf2505000000200001800d0001007564703a73797a32"], 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
r4 = socket$kcm(0x25, 0x4, 0x0)
recvmsg$kcm(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x160)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='squashfs\x00', 0x208000, 0x0)
io_uring_setup(0x563e, &(0x7f00000000c0)={0x0, 0x9a74, 0x10, 0x401, 0x20002bd})
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$int_in(r5, 0x5452, &(0x7f00000002c0)=0xfffffffffffffff3)
sendto$inet(r5, 0x0, 0x0, 0x4, &(0x7f0000001080)={0x2, 0x4e20, @empty}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r6, &(0x7f0000000080)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xf4ff7fba}, 0x0)

12.445396217s ago: executing program 1 (id=1349):
r0 = io_uring_setup(0x74f8, &(0x7f00000005c0))
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400000028", 0xf)
r3 = dup(r1)
r4 = accept4(r2, 0x0, 0x0, 0x0)
sendfile(r4, r3, 0x0, 0x8a002)
close_range(r0, 0xffffffffffffffff, 0x0)

11.692610038s ago: executing program 4 (id=1351):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents(r4, 0x0, 0x20)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e1100d6704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6ccb0e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f41c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111ff6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab43fa6104d5a99aa36b73ac3622ccae12252457cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd4132290b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc408a1258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a16d470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="50010000000000000000000000000000060000000000000002000000000000000600000000000000060000000000000005000000ffffffff090000000000000003000000000000000e010000000000000400000000000000000000000000000008000000000000000001000003000000040000000020000005000000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0300000007000000000000000400000000000000000003000000"], 0x0, 0x0, 0x0})

9.293097605s ago: executing program 5 (id=1352):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000190081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
connect(r0, &(0x7f0000000040)=@ethernet={0x1, @random="ccf785e13649"}, 0x80)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000002100010000000000000000000a0000000000000000000000050019"], 0x24}}, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='.', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

9.183044516s ago: executing program 1 (id=1353):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
listen(0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x145842, 0x0)
mount$nfs(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000280), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="7500130044c48257bf00ff"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[], [], 0x2f})
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = memfd_create(&(0x7f0000000840)='[\v\xdbX\xae[\x1a\xa9\x00\xc2\x9aml\r\xcf\xaa\x13\x99\x85B\xc3\x06<\xc2\xa9\xc3\xdb\x88\xee\x85md\xc8\x85HX\xa9%\f\x8fe\xe0\x00\x00\xa8\xfdn\xbe \a\x0e\xa3\xb9\x1d\x9dO\xbdj\x00\x00\xfb\xff\x00c\xb2\xc9\ap\xd0\xa2\x82\x1e\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcb\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2\xa75\x9d\xcb\x1e\x80\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x00uNh\xc5(\xbc\xf3\xac{\x04D2\xf2\xcd\xc2{E\xae\x89\xddI\xc8\xc6\xe9\xef\x98\xf0\x8b\xac\xa7R\x10\x011\x9fi\x00\x00\x00\x00\x00\x00\x00\x00\x002?D\x86\x14\xa52<\x87n\xf4\x04R\x15\t\xb8\xbeT\xb8\xe7K)\x1fP\xb6\xce8\xcc\xabe\xcb\xd0\xf9\xc9\xfe_\v\xaa#\x8f\x8asu\xb2\xfe\xc4\xbe\x03\xd3\x93E\x1d\xaf}\x9b\xac\xc2\x9a\xe6W\x92sD\fn\x9e\xc2s\xc6_4\f\xc1\x8b\x9a\xa4_\xad\x9b\xb9 \v\x0f{>\xdf^.\xb8\x96\x1d\x99vY\xa8\xfa\xd7i\x94i^;\xaa\xe7XA\xd2\xc5\x02\x12I\xbe\xd0Ksq\x96 \xbf\xed\x1c\x91\xeeN\xda&\xddtG\xc2\xa8j\xae\xac)\xfdNu\x19\x91\xa7z\x1b\x0e\xab\xd2k\x16\x87#\xf6p#\x8d\xdd?\x9fXV\x12\xa9\xc7v\x02\x98g:4\xb6\xcaY\xc2~k\xcb\xef]h/\xa2\xaf\xc4\xec\xdc\xd4H\xed\x94qNY\x85\x87&\xf1\xbb\f\x02\x0fo\xae\xf4\x19|\xc4\xfcL\xdb\x00\xedrK\x13\xb5J?s\x93\xe6\xda\xf0\xf3B\x8d\xb4\xd8>\x12\xb0\x8e\x8d\xdaQ\xa2\xd0\xbc\x92d\x9e^\xbc\xd5\x8aNf\xefa\v*\xb08\xfc\xd2\xa4\x11`\xae\x98\xcc\xe1\xea\xc2\x1dKR\x0e\x1cK\x86\v\xba\xdfz\xa8\xdf\xb6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xe9\xb3@\xe8\a0\x1e\xb8L\x83\xc4\xa8\xb2\xc1\xf8\xae\x1d\x198\x0f\xfa\t\x88+\xdc\xe1\x01@\xbd\x8ba\"|\x14\x1bF\x9b\xd3\xff7\a\x1c:U\xba\xf4\t\xdc\xef\xe3\x11\xdb^\xee\x8c0\xee\xde6:\x80t\xfb\xbc^K\xb4\x8c9\xb0\xec\x82\x127!\x0e\xa3\xc9\xe0\xea\xfa\x0f\xbb\x0e \xc3\xef\xb2<S\xd8\x11\x8b\x9a0\xea1\xde_\xcfW\xfa', 0x3)
fsetxattr$security_ima(r4, 0x0, &(0x7f0000000280)=ANY=[], 0xfe49, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)

9.173456016s ago: executing program 4 (id=1354):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, 0x0, 0x80)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = io_uring_setup(0x3450, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x2200}], 0x0, 0xa}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

9.09305229s ago: executing program 0 (id=1355):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={&(0x7f0000f4dff4), 0xc, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c0100002100010000000000000000f200000000000000000000ffffe0000001fe8000"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000c0111"], 0x15c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(r2, &(0x7f0000000440)=[{&(0x7f0000000040)="7e8c9c6557", 0x5}, {&(0x7f0000000880)="96e9c44b887660dd3d02b046f1954222a5e3697c8093593130210b55e0923d1f852d57ccdf9e404366f984e1c9a22ed9f45d227f16b209a5dc2c7c51899d537850ddec8399cdda7c95a609e0b1f6c92991e4c253228e03cabbea3bb15207852603adb2857604fc853d3a739e95e3621568204ef4ced3a5a8e6312f70ee4e7d4cb577397d169a33721ff483549be44493359dff5b843f0169af61bc2728f8d13c6f4f5e22567c3da241336871a110d5e7359cb732f64aa93e4a43ec7d856968bf5bee01e04740cdb2c4391d84f3a665474f8339b656b73807db823e1db80df9a6b7252291cb004cec9d7766574d3a3019237f3647f1b4ae2063f3d7f2d0159dbde60753133d0af0eb79075ee388fbd4b04f61d7b5310761a6b817be7c3b041350f92b1d442306851b3e108a7b5cbf8adfa06facc758136c78a590e0472a57594b20904c4c72c0cbfd40702e1aad02a6069b5d3c283c2b184263c4ea0681cd9fb94598027ced5f28949a68984352fcd6c800473d76af432173542ea30e661265efb03d2353d09e4228663a16bee6b92e35ab96aa7fd5e592167ce9b71941a5805ed5410072cbe57b771ffd98d2a0075aa12e8249891ccdbe321e6ebec3ef50c003f2a9c26d8f1325986a69c736a91c953e4c5a5ef07e5daa233a6baab0391e304f9db1763c35e2acd0eceabfcb4d39b428d12b2327747fac4912c21ef0be23401ad7ba6509eb746ca7907af92a4a9daa01f90d11fd839e2c579b3921c83004f94ab58c86a13b0819dc97e6383f2e5cef1a7d8bc1954a347464ec710e03d3f4e3705b52e62692c6eef3de687f8d944ec05fabee43d5932cc54a89ddd5854df35d3cf05fa9c59e9d095544140bdc9cc4f0459daf158210479058b6a6be78d5901c5cf657141d14ef86886cd9106db094ec594dd3bd3a06da441e54e28ca05c39327f139719434caf6228bc85c969100ace124397952300cfaf36625aafebd9262e5e4ee008c08d1953fb6c910c53a751652824419d904135bc0cca9ad9b58427684ab685d7748bb1cfca17bec046957db265ed9c0dfa7c374c5b32a911e8c41f7524772f4d79a3b122ee7c7b34c000940b76b78eec5b5494b2b6ea7cf77f93b25d06f0fbee593d5150f090b9be156e964b48ceef42dd58730ff55ed603f14d2702a73fa01c8d95962012db53c85c3d040e06ef9299d7db41e751e6b55a4fa2320ca766ff0180df83173f52e7c15e8121a3ad9ec715daccff43c26c039046e0af15ea70bbf339889662cf6841211a386070bdcba21f6c3181672c184c203bc50adf0cea9a202ffad2d7858e82fc39a30340cddc50bf566f64f2c5eda78b4b36afc414aa4514838228644a9efa9e02e7afef2ea58c56b703af8ca72a10a072660c41166647946e2e835d2247e159bf6fb25c14e06005ad5a1ec74bb4cfd701eb15dc88a7ee0ed8e0f8af6b59ca7cb2ef1ec0a4a7c1b9694762e3405c3a3e2310c097fe1f79fc7b6f7a2d1d20b2b2a09c28f1aa604eec6cb6e8748b5c3b69f8349ee6e8f9442c78c00544fcdf1ea1512b014fd4d262c7900d42df33d4f94387807e1fe6c1559c854c48e877cbe0e0a4ed4d3306b478fc851e0cdab37874b0f2627a6c5939246950e2e5dcdba8a542bfa3cfca927532513d6dfcfa4f417744f40f1bd0cb0fb1c9b2332075469497dab58a85698afa2d6fb35bc01d606364074a2d0140302c85155ef478ba37d9f983281027f562c3bfc824ca13811af05c737492030be586baa96ba78a37f9803b7e500752668fe923829b4873a1b104d381b6f9a1326fabfaa3515cbc4784d07d38e70cba2720203d110fa7902e11c608b555d91d7d0e84af8146839a5e50d1698de67576e9bb40bd093db12c86f8b8f96837c80573a72f38c3771e85b38b491c81ff76e704d385073fa9b00c6076a6f1066570a126c70420dc6b412f315caf08ba431b8bf4d675adb1f01afffed3f4c36073574b532401a2d13ad76ffc6b6c37891e88aec23a497c02c2c4f2da3ab1ac9690e7a5770a3391c0e7d48e0ed5a309d482f81e22c05da889a5f31a715cfbeee77de7962dd089fcad4f3773ff6f4824c2886bd1aedef84260e15d373a263b6a4063d82512661db7f850ba2de2ea5b1177abd402c1d788a526dbec0fb65046a076435be65e502909537d6d1ff93034010d24b9396e0ebf6b5113b64f82352b5cc96f97d0ced26634c193380cdacd0c650a9d05c84c239adb6785f60f42896171dcf4f2b68c4f03d42c38c00e4ecdd911b8d7ea2419540834e51e95e5d1675b211d6c14526facc194e020a15f78ba4122a3f6843045cd88bd8a23ce256f8d96ed2cca04b38a144f7129216b481d1e85a764fc9c48f5b373ed0f88224bfb59a6d62fbebd6f97bc7f75f5c2c709efba5952fdc291367a496cfa22cd29b4c2e3cfe69155001704e316f92ed6eddb923d3cdb93d4ca1b9ce1488682cc5b122678e3f8162503d82be803629342c73912e2cb7e2ae333a2b888986ef5664db47c2362a00687c7a5ced088515859fb61554be8205600c9c570597d99bdaf3d8a805c943c4b3b25f96a9b94d4c9458b70865c2eaf85da978c3292922e588ca6ba26ca297fd99da110aed3dd44460f0f2e08c3c4dfc2e34658457573867074ab62c053a15bc8b2781c93c44eac8641dadd6aa2e593082a263c738fe9d3a388b0cf713ec2f7787d14013fca7d09040dbd2c7640f724d3a140ed6ecad259afda4df140d518edde2c010ff024eb36642d0ed6d7447527d5a5a5c1421cc3be1ea5ce287f96ab60b76d64b8fe7e69496664fc5a1071ec892aace1f4ee7991c7ea48d5ecaf87019c4fea1f1e3f9d841ac0593c577d92af6d179fd4c512746505255735a274c38e620e1189aaaceb1a5956caf55c8a1f2d3622ffa5e9662c7912f64b746dbe513acf9e3d97f695fa562ae8f4223cfac98057c4b70cd4d863def4b6277dc697c2c66f125d00a9f2504a8b7f13b989a482dca12bae9f62e736780420331ec67e4f633b231ecaa5a86f7fc703dd93a492f455ae8081ebe72b5330a0bf3c915c1296ffaf03a0faf50ed9c3ab67dc948a9c7da3cd947d466124daa5e58ffa1dffb5d7b2d418c657cd3d729ffe9170e99cbf1ae7d1c4c8501a63f959d055fa13df3d32659394eaf8146e04b0a3dfbf0546e2c1b84f573b9ea985863bf36c348a6be8a65f18542e5f6b083eebbae95690f20b342e6599ec3315d1b38b93a2e3a537b02369df2bd40e6b8191e95ac8ed61245cce158c25a04803f419e63c267f7eb73f5a06bf8b2217aacc7d26a7e8e42707abfa2dcda4685833d8de80d8f7430748b4ddc1977dc78f38bcdbc671377d618fa86340f1534600b8318bbf3ff1ccc736ad0722e228f2536d337088d05d1b957412676fba3cede33bff26083c76406814002730a1eaa67b5583bf27f9e54aad17b8414584899a2c2d87a1071c370e96bb55c6fd7d6b368df434011eebf49e2826c279b775b85f1f9d43b0f80f723dd2a9ef6175af833de4e4dfb2a5df122fd77d8123c66ebdba276ca358d7542b8f8e7685a5b831cc6b3cdd7403903f012a6100ace0cb32ba951cce35db979a953648d0c823220c919bfb2439bde9efc0b1b97d7c264b3e85d0965187455008009615e0ba082ecdf9895846825e624ca122da8e282be3316b6c1705235d4510efbed0d68fac977cb8c48798d15cf94132339b85db644bd936518da2ac21e1ebc96d1fd55337c64e02dcf1aca34be41509e6285256db3d45e2cedbba99ac837f1cd28953c64c360df7d3e478355551f031987d62dd817ff558f67a53b961b4de20621045d97fb058e189431f7dd12c862ff1973b3d3167292b0b98752bad053f1f1365a77526b5da938204c80cc277fbed06e1659d4510f5316e250f370f52641ca38cea1481d2c90eb8b0364567033e31c01a2bf429734dae12cd61b719e81f3a1e2a16d85fb5e4f912625941d5d9290a7ed207eaaff4e7d5e2b65f1d928e3fead390f7b0e2badf297de5045638e92fc705ddf8a2735786099733deccbd52cf812b8ec33588443860cbd81f430e182e677fb1db0abd113168ecd9594b5cef9c24d86a4ca8444377ae45bc0e34967ca9d82a917ba468c3ebef4be0e5c689880b95879e68ac5d9ac967f978a837bf536c6343da344df319db765006bc57b62e483339e132409f19fdbde82f362f7fd3ec5b82f2b9a81a71039ee24275ab3c111e53f72745426014901b7f79cce6b37d635ab488770ee4e1f1c776bd03ee15ffee3c551ae28dcde6fa9badc4a8cf5f0938afcabb452b59055c633be537d74d833b4cc77b6ff1f2a6de843c070163d605dcbe6344ed908fd46d4318afa50a39e44c66dd28c269605f7725b9c69612c272a06ec251121b7650779a50ea895c2e8d15bf567c639d5aa424f24675a8e15cfd53f9e32b3aa300baffcd7c9a0efbdba9ae65af5079fe2dcaa3cc64101316354cb04dde55e772f483c94844974454849e7c40ee0b4c83d336bd754792624329d6292d6f16c794908e06367eff9c067cd0422b331969e0e570d2a0fee8d71950f8617ccfbebc968c78504e4a8adb57106a9c597a5845f16e6974e0908ee5c190521b047c497e2080a6f75ef73913786a329a36e3074ec344f2d8c4aceff3593f053186b9b8f8640dc23ef116007e09843d2a9bc00f95c5dbb1e7e6a75b630904d4b32ce403b9a1591bd1e91db232ae681524f0230aba14456968f048e0bc688235d2524842c507795690e64ac9fea565278e44fbac6593ee405f304a872ff0606dbed5d981708c11a85337bfa72cc1c97c387223f9049959e4b3112fd6dbe3d404b32d37b73b28f3149f8582c42da6a5743684ddd505c92cd3ad462d49ed7c3db466821ee6adc0db593f55a8255e2095f85854bc324c4fd8c8eed20f9e43ab1eab37c2dc0f2426f216d9be7a57333309ec1c39e71b6701da0326950b59be72d3ba43c7ebf6fcaeb55a58bfc175556f4a9be7a3a3e4f5dbbb4a0df1d7a071d3cbd695dd11175442dd206928ca6846aa8788396a67ebf8977d0a7f26204c30fddd7099ac8d79b8af36df50c9281d06a01a2228aa5429461ab6e9375062e999e62ccc70d9789b189ff53631dfae4cced1677071276d2ad093ed73f23dabf2995eaf9dd659ff40d7bf984aa49b15825e7d749bba865049726232f02c8f3ec00a03c7a63a9bb6108a936dc628ccc1d5e115c7216a9055fa209b886a39594c18d6f01846e3f9d6f0f17c19a46efe31b6a51b095274bcfe81840865ff4b85ca5106bb1ee9f13b80f6d64c09d8956b6d1d991f54cc10e712550e51f195e23ece8d6e697fba39fb8fce8e5b84a34b6b2d4fad431150fa31d2377acfe472cf9f5123b97e4673c956b96a78856ac1818cf073a6eea30e01c9f67af83ab3afc06711a28297a2e904082824828410cd59cab0fca4406879ca1404d26b2619aabfe0580edf96f23627a4f3d24ac6c0ae482e8a75610318c60354e0c75f5d91cdfaddcea2a50dd799f72bdf668fdd562c64083e29fc1d9cd93997689506b37080314cf6798b625127c79e8909ebcc7e04da4942716e7319ec975da57124cffdd6b770ac7d3e644b9973b2d31a0299f1185183234abe3c17a78adea63b83dfbd79d4b88560a70689c7274e3d6e0d95b0b8360a2df712d037565b143584902f31bde9c54249006e2308f9489e4e7e0166901b6503fc3413ddb63e17d19497bb2f32ea78b41acceaf877d218187ff7552924c878c5b0444f769fc8858905b9514d5894902b341ec499", 0x1000}, {&(0x7f0000000340)="d91ba1ea508d6e3bbe45d68b84bf22eb248f255d87366365236f6e78faab41b50a01812081716a8156ad7e2932d9d9ca88e8ae0511cd9f20cefb482cdaaea3146c35093d7dfbf6c546154c2d9610035e17d8fd0ce8d55384546e26d98e3586c61020443c93c1495a69fc19a6847ad11bc8cf23a2b6b5543d32db579a4089c50ff9bd1019062eb565bc7a4fa6d4bdc1e1dda3aef00ce456fc76bca96edaee008a1f7efb1c296114ea3be4de1ca1434e7897b0d14085dc4875cb37fada7772f11225bf18fef65a89aa9b245fc88f8e984e42bee9066c9fe9677edaed4c59c0", 0xde}, {&(0x7f0000000080)="c211b15f9d301b", 0x7}, {&(0x7f0000000100)="d53c6c33d0999c875d5575aa92c9cb6c623868da497c6052c329e3c401adc4537391aac2e333e86c928033cb3cc82cae5545bebbb1b9", 0x36}, {&(0x7f0000000580)="00d3a190b5d0b27fc8f5dd13ed85d165935111bba4102bc49cfb309234016e18c7925a909475eaec3bdc789a8e646fbded3e630768c8adef169a192c83995d0dda41a00480f9af8e5358498b997c475de752a1a16848930cdcac1ec4ee1396e450ffe4dfb293df706143dda5d7581ba2e7010c84076288263fcce9a1476c81041c70ec952572da45481385691f25316b9c5bae0a63c746304368e1d781837d50445f268ae639ab14c70e", 0xaa}, {&(0x7f0000000780)="498f15d4adca3628d988aa6203416c694557db1fbd230cb23c1605f4e49f56508ba1ce2a3456b57cd760bf9d64ba713fa73238158b7fd78adc9ca4b8947c10cd0c90848112a8064aae33777b8af26132b2e9d2229b99ce39fc408c0c84d58c46516d1adceb4c55ab81bbaaf79b0df593e4dbfa8a5bcad66ce960a2646581ba98ee52bc", 0x83}, {&(0x7f00000001c0)="85c4b23984c80cba51b5304fc04a5b79214d3e5431af39863dbba8f7e5443da7c373ef", 0x23}], 0x8)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0xe}, 0x10)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x0, 0x0}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x40, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

9.085356493s ago: executing program 6 (id=1356):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310001001000000950074000000000031fb0d3a42319fa204399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b60ac5ea9fca11027d19e93adb603deb92de3141e8fd7ac5b87a2070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba5fc4a5a17d103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000002340)={'HL\x00'}, &(0x7f0000002380)=0x1e)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r4})
r5 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0)
pread64(r5, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r7, &(0x7f0000004a80)={0x0, 0x0, &(0x7f0000004a40)={&(0x7f00000049c0)={0x14, 0x3, 0x7, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x40005}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000000f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r8, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x1, 0x400000, 0x5, "0100"})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team_slave_1\x00'})

6.891071475s ago: executing program 1 (id=1357):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
bind$can_j1939(r2, 0x0, 0x0)
r3 = epoll_create(0x2)
setfsgid(0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00')
pread64(r5, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080)={0x3000200a})
sendto$inet6(r1, &(0x7f00000004c0), 0x0, 0x408a1, 0x0, 0x0)
sendmsg$nl_xfrm(r2, 0x0, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
accept4$nfc_llcp(r2, &(0x7f0000000380), 0x0, 0x80000)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='ext4_writepages_result\x00', r6}, 0x10)
r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000180)={r7}, 0x5)
close(r8)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xd, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0xa8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)

6.297818103s ago: executing program 5 (id=1358):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001280), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000100)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="663484", 0x3}], 0x1, 0x0, 0x0, 0x40880}], 0x1, 0x4814)
recvmmsg(r1, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1}, 0xffffff0d}], 0x2, 0x2001, 0x0)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x2f, &(0x7f0000000080), 0x24)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r9 = syz_open_procfs(0x0, 0x0)
preadv(r9, 0x0, 0x0, 0x2, 0x3)
sendto$inet(r8, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r8, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50)

6.297343013s ago: executing program 0 (id=1359):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000200)=[{&(0x7f0000001880)=""/4082, 0xff2}], 0x1, 0x21}}], 0x48}, 0x0) (fail_nth: 2)

5.639268745s ago: executing program 6 (id=1360):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0xa, 0x101800)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000040)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1})
pread64(r3, 0x0, 0x0, 0xce2)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_ALLOW_SUSPEND(r6, 0x5522)
getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000140)={'broute\x00', 0x0, 0x0, 0x0, [0x7, 0x90, 0x0, 0xf, 0xc00003, 0x7]}, 0x0)
ioctl$USBDEVFS_CONTROL(r6, 0xc0105500, 0x0)
bind$inet6(r2, &(0x7f00000001c0)={0xa, 0xe21, 0x9, @mcast2, 0x41de}, 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x5453, &(0x7f0000000100)=0x80000000)

5.441133531s ago: executing program 0 (id=1361):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
preadv(r0, &(0x7f0000000800)=[{&(0x7f0000000080)=""/107, 0x6b}, {0x0}], 0x2, 0x0, 0x0)

5.139425826s ago: executing program 5 (id=1362):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x45833af92e4b39ff, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x40000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffe, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x1602, &(0x7f0000000000)={0x0, 0x707b, 0x20000, 0x2, 0x13d}, 0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r2, 0x8971, &(0x7f0000000180)={'bond0\x00', @ifru_addrs=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x6}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)

5.120911847s ago: executing program 0 (id=1363):
r0 = io_uring_setup(0x74f8, &(0x7f00000005c0))
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400000028", 0xf)
r3 = dup(r1)
r4 = accept4(r2, 0x0, 0x0, 0x0)
sendfile(r4, r3, 0x0, 0x8a002)
close_range(r0, 0xffffffffffffffff, 0x0)

4.474236767s ago: executing program 6 (id=1364):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents(r4, 0x0, 0x20)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e1100d6704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6ccb0e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f41c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111ff6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab43fa6104d5a99aa36b73ac3622ccae12252457cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd4132290b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc408a1258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a16d470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="50010000000000000000000000000000060000000000000002000000000000000600000000000000060000000000000005000000ffffffff090000000000000003000000000000000e010000000000000400000000000000000000000000000008000000000000000001000003000000040000000020000005000000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0300000007000000000000000400000000000000000003000000"], 0x0, 0x0, 0x0})

3.584153369s ago: executing program 0 (id=1365):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001280), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000100)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="663484", 0x3}], 0x1, 0x0, 0x0, 0x40880}], 0x1, 0x4814)
recvmmsg(r1, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1}, 0xffffff0d}], 0x2, 0x2001, 0x0)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x2f, &(0x7f0000000080), 0x24)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r9 = syz_open_procfs(0x0, 0x0)
preadv(r9, 0x0, 0x0, 0x2, 0x3)
sendto$inet(r8, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r8, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50)

3.47319877s ago: executing program 5 (id=1366):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendto$l2tp(0xffffffffffffffff, &(0x7f0000000580)="74e4b542a2ad3177290efb27849ac6b27fc4111dc23317598a874080528f337e141ad1ebe2518aa45b8fe1abf868681643d3d170950d62003518ce16d3362fcfc3b5f4d429fbcba2244d428ec20236070ae801000000e3de0ca54ab0f5762fbdd9617e9c4066e73aa6f52f9705c809084767897a1135eceb8f8959d66acc11aa8d368c757055fdc0159c3cb88bc5af20d5b648f102aa124e27c0efdb9b3af8e1f418bbe98ef18fc60b2abaeea040bc0e1d964c22dbf733a82e21b0435a593ddbfb5028502b875c7fb2b38c6b76c4c12401426a", 0xd3, 0x800, &(0x7f0000000180)={0x2, 0x0, @broadcast, 0x2000002}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0), 0x20302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
prctl$PR_MCE_KILL(0x21, 0x0, 0x3)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
fsmount(r0, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000300da871363fe18eaadce172385560c90a10033f605007400400001802c0004001400010002acde00ac14140f00000000000000001400020002000000ffffffff0000"], 0x54}, 0x1, 0x0, 0x0, 0x40050}, 0x4)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fbdbdf2505000000200001800d0001007564703a73797a32"], 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
r4 = socket$kcm(0x25, 0x4, 0x0)
recvmsg$kcm(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x160)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='squashfs\x00', 0x208000, 0x0)
io_uring_setup(0x563e, &(0x7f00000000c0)={0x0, 0x9a74, 0x10, 0x401, 0x20002bd})
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$int_in(r5, 0x5452, &(0x7f00000002c0)=0xfffffffffffffff3)
sendto$inet(r5, 0x0, 0x0, 0x4, &(0x7f0000001080)={0x2, 0x4e20, @empty}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r6, &(0x7f0000000080)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xf4ff7fba}, 0x0)

3.318263485s ago: executing program 4 (id=1367):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x28031, 0xffffffffffffffff, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
r4 = dup(r3)
syz_io_uring_setup(0x230, &(0x7f0000000080)={0x0, 0x20, 0x10100}, &(0x7f0000000040), &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300))
io_uring_enter(r4, 0x1c44, 0xfffffffe, 0x41, 0x0, 0xffffff27)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x4000000044402, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x5, 0x25, 0x0, &(0x7f0000000000)="259a53f271a76d2608004c6588a80a38667d2f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4)
ioctl$HIDIOCGRAWNAME(r4, 0x80404804, &(0x7f0000000340))
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000c00)=0xc, 0x6, 0x2)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000001340)={'ip_vti0\x00', &(0x7f0000001240)={'erspan0\x00', 0x0, 0x40, 0x41, 0x3, 0x9, {{0x5, 0x4, 0x0, 0x6, 0x14, 0x66, 0x0, 0xd, 0x29, 0x0, @loopback, @private=0xa010102}}}})

2.521350178s ago: executing program 0 (id=1368):
syz_open_dev$ttys(0xc, 0x2, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
dup3(r0, r1, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x14)

1.468988035s ago: executing program 1 (id=1369):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000800)={0x0, <r1=>0x0})
prlimit64(r1, 0xc, &(0x7f0000000880)={0x3ff, 0x5}, &(0x7f00000008c0))
r2 = syz_open_dev$dri(&(0x7f00000001c0), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r2, 0xc010640c, &(0x7f0000000100)={0x12})
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg(r3, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="1073eeda8705da74bc83496ee251e51e6d155c558a4f6dbf7076341df55b7aecaad952f364f05d5e0f", 0x29}, {&(0x7f0000000580)="02a2f97a177137003d9b418698b97c81bf1bde789b66365fd7b1bbae5f5e00cb9b4432ed011564c758321c92aff549a18b82016d730fcdb5445c31a7d34e0b20bd90f8032e6aabfeac73e8c3c526528c0f25bd2cbe7523c99341983cd8011863d7a336c52f6322d92efa0d1f24e4491d933c065c74c6c30fd46cacd7c7781f0d7ce8f19f79392863f6fb743820810da45d4275e1da291ec2b418d02a6b9f3bf80fe52a98c6c255e3e7a726a50f5aad8d3dad827469fd4ce8798c88e70b2b7b79fe08dc2b16b589ad95430e9108ed886fd38e9f3a4c80f40af8e53e4f15a14512494dda427fb5c3397cbac87ca3fd515961cb5ffa109052c216336bad9825d0bf5d2e61c8049064aba1faee7ba3c2f47b5b6f272f77723a27b519aadd8fd49b4a24", 0x121}], 0x2}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000180)="2001987c5ccf58f5f75061ee", 0xc}, {&(0x7f00000003c0)="8b120728c90b0b4a530fab46abf402095b65870c2a0ac8f0847a8e8ab1d98f34cdd3a1c838f816c52ca57b8a7efbcea529afab803882b9f88c28cab3df58895ebffef931a275cc35f9fefa5bd7a1f580106f3c7defd09032cf42417504eefea81cfa7bfea5032e42cc0858cee1b8e74e133934cc54cd707c5c85d4e5008025c28b72b46d12248babbe0d3f7916a5610416ee255a331398dea59a1a406070cc13e81701447ded270b0c1bce36d2bf06db98dd9c1ed65668eb5c2f4cab0ee3", 0xbe}, {&(0x7f0000000940)="0154cb3eb8695dcc7f253cb0f84f99ca40dada3fa997c3cdeaf5fba62ba9dca2592b2e1f1a3b323346857c2dc8a7feb60cabba8b2bae17b6adbf986484866d0995da61fdd7468d7a890840c77e27f020ceeaac9105570794647e71a0180a96c66f23d8bb7da1bb5d4862d206", 0x6c}], 0x3}}], 0x2, 0x8810)
recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001f00)=""/4096, 0x1000}], 0x1}, 0x12060)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f00001b4000/0x4000)=nil)
r4 = syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r4, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c000700200000000200000008"], 0xc4}}, 0x4008800)
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xe0, r4, 0x100, 0x14, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xb}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xdd2e}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'macvtap0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x14000}]}, 0xe0}, 0x1, 0x0, 0x0, 0x8050}, 0x800)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x46, 0x50, 0xd3, 0x10, 0xc45, 0x800a, 0xdb47, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xcd, 0xa6, 0x37}}]}}]}}, 0x0)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x200, 0x22, 0x8}, 0x18)
execveat(r7, &(0x7f0000000280)='./file0\x00', &(0x7f0000000700)={[&(0x7f00000002c0)='\x00', &(0x7f0000000480)='\x00', &(0x7f00000004c0)='\x00']}, &(0x7f00000007c0)={[&(0x7f0000000740)='skcipher\x00', &(0x7f0000000780)='ecb(serpent)\x00']}, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000ac0)={&(0x7f00000009c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0], &(0x7f0000000a40)=[0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0], 0x4, 0x9, 0x2, 0x3})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000c40)={&(0x7f0000000b00)=[0x0, 0x0, 0x0, <r9=>0x0, 0x0], &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000c00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x5, 0x5, 0x7})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000c80)={r8, r9, 0x2, 0x7, 0x3})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x50}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x90)
syz_usb_control_io$printer(r6, 0x0, &(0x7f0000000bc0)={0x34, &(0x7f0000000900)={0x0, 0x0, 0x1, 'C'}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

1.393075435s ago: executing program 6 (id=1370):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x26020480)
r3 = socket(0x10, 0x80002, 0x2)
bind$netlink(r3, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
r4 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r2, 0x5453, &(0x7f0000000040)={0x3, 0xb, 0xfffffffe, 0x7fffffff, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0xffffffff})
r5 = socket$inet6(0xa, 0x3, 0x7)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)}], 0x1)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0)
r6 = fsopen(&(0x7f0000000200)='ecryptfs\x00', 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.049702313s ago: executing program 5 (id=1371):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x3c, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@nested={0x10, 0x136, 0x0, 0x1, [@typed={0x9, 0x2, 0x0, 0x0, @binary="b27d9adc61"}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x8e\n'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x1bb)
getdents64(r4, &(0x7f0000000440)=""/98, 0x62)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x50)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r7, 0x40045402, &(0x7f0000000140))
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x101, 0x0, 0xe})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f0000000380)={0x6, 0x3ff, 0x103, 0x0, 0xe})
r8 = getpgid(0xffffffffffffffff)
sched_setscheduler(r8, 0x2, &(0x7f00000010c0)=0x6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0xb, r6}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, &(0x7f0000001f00)=""/4096, &(0x7f0000000780), &(0x7f0000000b40), 0x4, r6}, 0x38)
socket$kcm(0xa, 0x2, 0x73)

0s ago: executing program 5 (id=1372):
socket$kcm(0x21, 0x2, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x63, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = getpgid(0x0)
prctl$PR_SET_PTRACER(0x59616d61, r1)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="020000000500000000000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet(0x2, 0x1, 0x100)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a80)=@bpf_tracing={0x1a, 0x2b, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x280, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x7, 0x3, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x7}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe62}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @ldst={0x0, 0x3, 0x1, 0x0, 0x8, 0xffffffffffffffcc}, @generic={0x80, 0x2, 0x7, 0x25, 0x3}, @map_val={0x18, 0x5, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xef5}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @jmp={0x5, 0x0, 0x6, 0x8, 0x0, 0x30, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000140)='GPL\x00', 0x81, 0xf2, &(0x7f0000000980)=""/242, 0x0, 0x0, '\x00', 0x0, 0x1c, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x1, 0x1, 0x7, 0x185}, 0x10, 0x167e5, 0xffffffffffffffff, 0x4, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, r2, r2, r2, r2, r2], &(0x7f0000000600)=[{0x0, 0x2, 0x10, 0x4}, {0x3, 0x2, 0x1, 0x6}, {0x3, 0x3, 0x9, 0x2}, {0x4, 0x2, 0x2, 0x6}], 0x10, 0x1}, 0x94)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7820fcfaf65ac618ded89748", 0x1a, 0x11, 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000500), 0x8, 0x0)
r8 = syz_io_uring_setup(0x2, &(0x7f0000000580)={0x0, 0x1276, 0x13500, 0xfffffffe, 0x304, 0x0, r7}, &(0x7f0000000240), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r8, 0x21, &(0x7f0000000440)=r7, 0x1)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007dd, 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000040)=0x40)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x7)
socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000100ffff00000000000100009500"/27], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_khugepaged_scan_pmd\x00', r9}, 0x18)

kernel console output (not intermixed with test programs):

/0x130
[  391.218006][ T9168]  should_fail_ex+0x414/0x560
[  391.218031][ T9168]  _copy_from_user+0x2d/0xb0
[  391.218058][ T9168]  memdup_user+0x5e/0xd0
[  391.218082][ T9168]  strndup_user+0x68/0xd0
[  391.218107][ T9168]  __se_sys_mount+0xde/0x410
[  391.218129][ T9168]  ? ksys_write+0x22a/0x250
[  391.218149][ T9168]  ? __pfx___se_sys_mount+0x10/0x10
[  391.218167][ T9168]  ? rcu_is_watching+0x15/0xb0
[  391.218192][ T9168]  ? do_syscall_64+0xbe/0x3b0
[  391.218211][ T9168]  ? __x64_sys_mount+0x20/0xc0
[  391.218234][ T9168]  do_syscall_64+0xfa/0x3b0
[  391.218253][ T9168]  ? lockdep_hardirqs_on+0x9c/0x150
[  391.218272][ T9168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.218290][ T9168]  ? clear_bhb_loop+0x60/0xb0
[  391.218312][ T9168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.218330][ T9168] RIP: 0033:0x7f469258e9a9
[  391.218346][ T9168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.218363][ T9168] RSP: 002b:00007f469340e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  391.218382][ T9168] RAX: ffffffffffffffda RBX: 00007f46927b5fa0 RCX: 00007f469258e9a9
[  391.218397][ T9168] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000200000000140
[  391.218411][ T9168] RBP: 00007f469340e090 R08: 0000000000000000 R09: 0000000000000000
[  391.218424][ T9168] R10: 0000000000208000 R11: 0000000000000246 R12: 0000000000000001
[  391.218437][ T9168] R13: 0000000000000000 R14: 00007f46927b5fa0 R15: 00007ffe673a6608
[  391.218468][ T9168]  </TASK>
[  391.346587][ T9165] netlink: 8 bytes leftover after parsing attributes in process `syz.6.732'.
[  391.346615][ T9165] netlink: 12 bytes leftover after parsing attributes in process `syz.6.732'.
[  391.346642][ T9165] netlink: 'syz.6.732': attribute type 19 has an invalid length.
[  391.973909][ T9185] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  391.973952][ T9185] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  391.975896][ T9185] vhci_hcd vhci_hcd.0: Device attached
[  392.206673][    T9] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  392.227723][ T5971] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  392.249724][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.376586][ T5971] usb 5-1: Using ep0 maxpacket: 16
[  392.381432][ T5971] usb 5-1: config index 0 descriptor too short (expected 8192, got 36)
[  392.381451][ T5971] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  392.381462][ T5971] usb 5-1: config 0 has no interfaces?
[  392.381479][ T5971] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  392.381492][ T5971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.383329][ T5971] usb 5-1: config 0 descriptor??
[  392.659034][ T9185] netlink: 32 bytes leftover after parsing attributes in process `syz.4.738'.
[  392.791620][ T5971] usb 5-1: string descriptor 0 read error: -71
[  392.799661][ T9188] vhci_hcd: connection closed
[  392.801335][ T5971] usb 5-1: USB disconnect, device number 13
[  392.821915][ T1152] vhci_hcd: stop threads
[  392.821935][ T1152] vhci_hcd: release socket
[  392.823302][ T1152] vhci_hcd: disconnect device
[  392.917188][ T9214] siw: device registration error -23
[  393.417317][    T9] usb 41-1: device descriptor read/64, error -71
[  393.596134][    T9] vhci_hcd: vhci_device speed not set
[  396.381009][ T9268] netlink: 'syz.5.760': attribute type 33 has an invalid length.
[  396.388896][ T9268] netlink: 152 bytes leftover after parsing attributes in process `syz.5.760'.
[  397.621761][ T9292] tmpfs: Bad value for 'mpol'
[  398.860604][ T9297] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  399.370994][ T9309] netdevsim netdevsim1: Direct firmware load for ..� failed with error -2
[  399.379687][ T9309] netdevsim netdevsim1: Falling back to sysfs fallback for: ..�
[  399.841047][ T9323] FAULT_INJECTION: forcing a failure.
[  399.841047][ T9323] name failslab, interval 1, probability 0, space 0, times 0
[  400.427973][ T9323] CPU: 0 UID: 0 PID: 9323 Comm: syz.0.776 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  400.428003][ T9323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  400.428015][ T9323] Call Trace:
[  400.428023][ T9323]  <TASK>
[  400.428032][ T9323]  dump_stack_lvl+0x189/0x250
[  400.428059][ T9323]  ? __pfx____ratelimit+0x10/0x10
[  400.428080][ T9323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.428102][ T9323]  ? __pfx__printk+0x10/0x10
[  400.428133][ T9323]  ? __pfx___might_resched+0x10/0x10
[  400.428159][ T9323]  should_fail_ex+0x414/0x560
[  400.428185][ T9323]  should_failslab+0xa8/0x100
[  400.428209][ T9323]  __kmalloc_cache_noprof+0x70/0x3d0
[  400.428228][ T9323]  ? vmci_ctx_create+0xb8/0x650
[  400.428260][ T9323]  vmci_ctx_create+0xb8/0x650
[  400.428298][ T9323]  vmci_host_unlocked_ioctl+0x1a55/0x2650
[  400.428330][ T9323]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  400.428362][ T9323]  ? do_vfs_ioctl+0xf37/0x1990
[  400.428394][ T9323]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  400.428429][ T9323]  ? kasan_quarantine_put+0xdd/0x220
[  400.428468][ T9323]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  400.428491][ T9323]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  400.428511][ T9323]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  400.428530][ T9323]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  400.428550][ T9323]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  400.428588][ T9323]  ? __lock_acquire+0xab9/0xd20
[  400.428610][ T9323]  ? __asan_memset+0x22/0x50
[  400.428636][ T9323]  ? smack_file_ioctl+0x24a/0x340
[  400.428658][ T9323]  ? __pfx_smack_file_ioctl+0x10/0x10
[  400.428687][ T9323]  ? __fget_files+0x2a/0x420
[  400.428708][ T9323]  ? __fget_files+0x3a0/0x420
[  400.428727][ T9323]  ? __fget_files+0x2a/0x420
[  400.428752][ T9323]  ? bpf_lsm_file_ioctl+0x9/0x20
[  400.428775][ T9323]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  400.428805][ T9323]  __se_sys_ioctl+0xfc/0x170
[  400.428836][ T9323]  do_syscall_64+0xfa/0x3b0
[  400.428855][ T9323]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.428876][ T9323]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.428895][ T9323]  ? clear_bhb_loop+0x60/0xb0
[  400.428918][ T9323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.428937][ T9323] RIP: 0033:0x7f814198e9a9
[  400.428954][ T9323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.428971][ T9323] RSP: 002b:00007f8142825038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  400.428995][ T9323] RAX: ffffffffffffffda RBX: 00007f8141bb5fa0 RCX: 00007f814198e9a9
[  400.429008][ T9323] RDX: 0000200000000140 RSI: 00000000000007a0 RDI: 0000000000000003
[  400.429021][ T9323] RBP: 00007f8142825090 R08: 0000000000000000 R09: 0000000000000000
[  400.429033][ T9323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.429044][ T9323] R13: 0000000000000000 R14: 00007f8141bb5fa0 R15: 00007ffe4b89fc78
[  400.429076][ T9323]  </TASK>
[  400.429102][ T9323] Failed to allocate memory for VMCI context
[  401.176949][   T30] audit: type=1326 audit(1753499924.083:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9342 comm="syz.6.783" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f07d978e9a9 code=0x0
[  404.578778][ T9405] netdevsim netdevsim6: Direct firmware load for ..� failed with error -2
[  404.587639][ T9405] netdevsim netdevsim6: Falling back to sysfs fallback for: ..�
[  404.803597][ T9413] FAULT_INJECTION: forcing a failure.
[  404.803597][ T9413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.858447][ T9413] CPU: 1 UID: 0 PID: 9413 Comm: syz.1.797 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  404.858476][ T9413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  404.858487][ T9413] Call Trace:
[  404.858495][ T9413]  <TASK>
[  404.858504][ T9413]  dump_stack_lvl+0x189/0x250
[  404.858529][ T9413]  ? __pfx____ratelimit+0x10/0x10
[  404.858551][ T9413]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.858573][ T9413]  ? __pfx__printk+0x10/0x10
[  404.858599][ T9413]  ? __might_fault+0xb0/0x130
[  404.858630][ T9413]  should_fail_ex+0x414/0x560
[  404.858656][ T9413]  _copy_from_user+0x2d/0xb0
[  404.858684][ T9413]  ____sys_sendmsg+0x2fe/0x830
[  404.858721][ T9413]  ? __pfx_____sys_sendmsg+0x10/0x10
[  404.858760][ T9413]  ? import_iovec+0x74/0xa0
[  404.858791][ T9413]  ___sys_sendmsg+0x21f/0x2a0
[  404.858823][ T9413]  ? __pfx____sys_sendmsg+0x10/0x10
[  404.858892][ T9413]  ? __fget_files+0x2a/0x420
[  404.858913][ T9413]  ? __fget_files+0x3a0/0x420
[  404.858946][ T9413]  __x64_sys_sendmsg+0x19b/0x260
[  404.858979][ T9413]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  404.859020][ T9413]  ? __pfx_ksys_write+0x10/0x10
[  404.859036][ T9413]  ? rcu_is_watching+0x15/0xb0
[  404.859064][ T9413]  ? do_syscall_64+0xbe/0x3b0
[  404.859090][ T9413]  do_syscall_64+0xfa/0x3b0
[  404.859110][ T9413]  ? lockdep_hardirqs_on+0x9c/0x150
[  404.859130][ T9413]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.859150][ T9413]  ? clear_bhb_loop+0x60/0xb0
[  404.859174][ T9413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.859193][ T9413] RIP: 0033:0x7fb03038e9a9
[  404.859210][ T9413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.859228][ T9413] RSP: 002b:00007fb031234038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  404.859250][ T9413] RAX: ffffffffffffffda RBX: 00007fb0305b5fa0 RCX: 00007fb03038e9a9
[  404.859265][ T9413] RDX: 7e8166965e22236a RSI: 0000200000007940 RDI: 0000000000000003
[  404.859279][ T9413] RBP: 00007fb031234090 R08: 0000000000000000 R09: 0000000000000000
[  404.859292][ T9413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.859304][ T9413] R13: 0000000000000000 R14: 00007fb0305b5fa0 R15: 00007ffed9c88cb8
[  404.859336][ T9413]  </TASK>
[  405.685904][ T9426] FAULT_INJECTION: forcing a failure.
[  405.685904][ T9426] name failslab, interval 1, probability 0, space 0, times 0
[  405.734853][ T9426] CPU: 0 UID: 0 PID: 9426 Comm: syz.4.805 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  405.734882][ T9426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  405.734895][ T9426] Call Trace:
[  405.734903][ T9426]  <TASK>
[  405.734911][ T9426]  dump_stack_lvl+0x189/0x250
[  405.734938][ T9426]  ? __pfx____ratelimit+0x10/0x10
[  405.734960][ T9426]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.734982][ T9426]  ? __pfx__printk+0x10/0x10
[  405.735013][ T9426]  ? __pfx___might_resched+0x10/0x10
[  405.735039][ T9426]  should_fail_ex+0x414/0x560
[  405.735064][ T9426]  ? __se_sys_add_key+0x269/0x400
[  405.735082][ T9426]  should_failslab+0xa8/0x100
[  405.735105][ T9426]  __kvmalloc_node_noprof+0x161/0x5f0
[  405.735126][ T9426]  ? __se_sys_add_key+0x269/0x400
[  405.735144][ T9426]  ? memdup_user+0x99/0xd0
[  405.735172][ T9426]  __se_sys_add_key+0x269/0x400
[  405.735195][ T9426]  ? __pfx___se_sys_add_key+0x10/0x10
[  405.735224][ T9426]  ? do_syscall_64+0xbe/0x3b0
[  405.735244][ T9426]  ? __x64_sys_add_key+0x20/0xc0
[  405.735264][ T9426]  do_syscall_64+0xfa/0x3b0
[  405.735290][ T9426]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.735309][ T9426]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.735328][ T9426]  ? clear_bhb_loop+0x60/0xb0
[  405.735351][ T9426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.735370][ T9426] RIP: 0033:0x7fc78818e9a9
[  405.735386][ T9426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.735404][ T9426] RSP: 002b:00007fc789034038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  405.735425][ T9426] RAX: ffffffffffffffda RBX: 00007fc7883b5fa0 RCX: 00007fc78818e9a9
[  405.735443][ T9426] RDX: 0000200000000100 RSI: 0000200000000180 RDI: 0000200000000140
[  405.735457][ T9426] RBP: 00007fc789034090 R08: fffffffffffffffe R09: 0000000000000000
[  405.735471][ T9426] R10: 00000000000000ca R11: 0000000000000246 R12: 0000000000000001
[  405.735483][ T9426] R13: 0000000000000000 R14: 00007fc7883b5fa0 R15: 00007ffc950a9368
[  405.735514][ T9426]  </TASK>
[  407.393673][ T9400] Bluetooth: hci5: command 0x0406 tx timeout
[  410.958889][ T9450] netlink: 'syz.4.809': attribute type 33 has an invalid length.
[  410.966722][ T9450] netlink: 152 bytes leftover after parsing attributes in process `syz.4.809'.
[  411.357472][   T30] audit: type=1326 audit(1753499934.263:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.038708][ T9472] netdevsim netdevsim6: Direct firmware load for ..� failed with error -2
[  412.047408][ T9472] netdevsim netdevsim6: Falling back to sysfs fallback for: ..�
[  412.061048][   T30] audit: type=1326 audit(1753499934.283:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.115289][   T30] audit: type=1326 audit(1753499934.283:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.137654][   T30] audit: type=1326 audit(1753499934.283:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.276485][   T30] audit: type=1326 audit(1753499934.283:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.531191][   T30] audit: type=1326 audit(1753499934.283:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.653603][   T30] audit: type=1326 audit(1753499934.283:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.736235][   T30] audit: type=1326 audit(1753499934.293:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  412.780553][   T30] audit: type=1326 audit(1753499934.293:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9467 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  413.233823][ T9497] FAULT_INJECTION: forcing a failure.
[  413.233823][ T9497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  413.279526][ T9484] FAULT_INJECTION: forcing a failure.
[  413.279526][ T9484] name failslab, interval 1, probability 0, space 0, times 0
[  413.856241][ T9484] CPU: 1 UID: 0 PID: 9484 Comm: syz.1.815 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  413.856273][ T9484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  413.856286][ T9484] Call Trace:
[  413.856295][ T9484]  <TASK>
[  413.856305][ T9484]  dump_stack_lvl+0x189/0x250
[  413.856334][ T9484]  ? __pfx____ratelimit+0x10/0x10
[  413.856356][ T9484]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.856379][ T9484]  ? __pfx__printk+0x10/0x10
[  413.856413][ T9484]  ? __pfx___might_resched+0x10/0x10
[  413.856441][ T9484]  should_fail_ex+0x414/0x560
[  413.856469][ T9484]  should_failslab+0xa8/0x100
[  413.856492][ T9484]  kmem_cache_alloc_noprof+0x73/0x3c0
[  413.856511][ T9484]  ? mas_alloc_nodes+0x2e9/0x8e0
[  413.856538][ T9484]  mas_alloc_nodes+0x2e9/0x8e0
[  413.856569][ T9484]  mas_preallocate+0x3ad/0x6f0
[  413.856597][ T9484]  ? __pfx_mas_preallocate+0x10/0x10
[  413.856626][ T9484]  ? __asan_memset+0x22/0x50
[  413.856665][ T9484]  commit_merge+0x1fd/0x700
[  413.856703][ T9484]  ? __pfx_commit_merge+0x10/0x10
[  413.856744][ T9484]  ? dup_anon_vma+0x82/0x2c0
[  413.856774][ T9484]  vma_modify+0xfc1/0x1970
[  413.856821][ T9484]  vma_modify_policy+0x1e8/0x230
[  413.856852][ T9484]  ? __pfx_vma_modify_policy+0x10/0x10
[  413.856904][ T9484]  mbind_range+0x2bb/0x800
[  413.856927][ T9484]  ? mas_find+0x9e7/0xc10
[  413.856952][ T9484]  __se_sys_mbind+0x730/0xc30
[  413.856982][ T9484]  ? __pfx_vfs_write+0x10/0x10
[  413.857003][ T9484]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  413.857027][ T9484]  ? __pfx___se_sys_mbind+0x10/0x10
[  413.857079][ T9484]  ? rcu_is_watching+0x15/0xb0
[  413.857106][ T9484]  ? __x64_sys_mbind+0x21/0xf0
[  413.857138][ T9484]  do_syscall_64+0xfa/0x3b0
[  413.857159][ T9484]  ? lockdep_hardirqs_on+0x9c/0x150
[  413.857179][ T9484]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.857203][ T9484]  ? clear_bhb_loop+0x60/0xb0
[  413.857240][ T9484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.857260][ T9484] RIP: 0033:0x7fb03038e9a9
[  413.857277][ T9484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.857295][ T9484] RSP: 002b:00007fb031234038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  413.857316][ T9484] RAX: ffffffffffffffda RBX: 00007fb0305b5fa0 RCX: 00007fb03038e9a9
[  413.857331][ T9484] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000001000
[  413.857344][ T9484] RBP: 00007fb031234090 R08: 0000000000002000 R09: 0000000000000000
[  413.857362][ T9484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.857374][ T9484] R13: 0000000000000000 R14: 00007fb0305b5fa0 R15: 00007ffed9c88cb8
[  413.857405][ T9484]  </TASK>
[  414.235132][ T9497] CPU: 0 UID: 0 PID: 9497 Comm: syz.6.821 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  414.235150][ T9497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  414.235157][ T9497] Call Trace:
[  414.235162][ T9497]  <TASK>
[  414.235167][ T9497]  dump_stack_lvl+0x189/0x250
[  414.235184][ T9497]  ? __pfx____ratelimit+0x10/0x10
[  414.235196][ T9497]  ? __pfx_dump_stack_lvl+0x10/0x10
[  414.235206][ T9497]  ? __pfx__printk+0x10/0x10
[  414.235220][ T9497]  ? __might_fault+0xb0/0x130
[  414.235237][ T9497]  should_fail_ex+0x414/0x560
[  414.235253][ T9497]  _copy_from_iter+0x1db/0x16f0
[  414.235269][ T9497]  ? rcu_is_watching+0x15/0xb0
[  414.235282][ T9497]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  414.235293][ T9497]  ? __pfx__copy_from_iter+0x10/0x10
[  414.235307][ T9497]  ? __build_skb_around+0x257/0x3e0
[  414.235324][ T9497]  ? skb_put+0x11b/0x210
[  414.235340][ T9497]  pfkey_sendmsg+0x230/0x1090
[  414.235358][ T9497]  ? __lock_acquire+0xab9/0xd20
[  414.235367][ T9497]  ? smack_socket_sendmsg+0x1a7/0x520
[  414.235382][ T9497]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  414.235400][ T9497]  ? is_bpf_text_address+0x26/0x2b0
[  414.235413][ T9497]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  414.235433][ T9497]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  414.235443][ T9497]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  414.235455][ T9497]  __sock_sendmsg+0x219/0x270
[  414.235469][ T9497]  ____sys_sendmsg+0x505/0x830
[  414.235496][ T9497]  ? __pfx_____sys_sendmsg+0x10/0x10
[  414.235517][ T9497]  ? import_iovec+0x74/0xa0
[  414.235533][ T9497]  ___sys_sendmsg+0x21f/0x2a0
[  414.235549][ T9497]  ? __pfx____sys_sendmsg+0x10/0x10
[  414.235584][ T9497]  ? __fget_files+0x2a/0x420
[  414.235595][ T9497]  ? __fget_files+0x3a0/0x420
[  414.235612][ T9497]  __x64_sys_sendmsg+0x19b/0x260
[  414.235629][ T9497]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  414.235650][ T9497]  ? __pfx_ksys_write+0x10/0x10
[  414.235658][ T9497]  ? rcu_is_watching+0x15/0xb0
[  414.235672][ T9497]  ? do_syscall_64+0xbe/0x3b0
[  414.235685][ T9497]  do_syscall_64+0xfa/0x3b0
[  414.235696][ T9497]  ? lockdep_hardirqs_on+0x9c/0x150
[  414.235706][ T9497]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.235716][ T9497]  ? clear_bhb_loop+0x60/0xb0
[  414.235728][ T9497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.235738][ T9497] RIP: 0033:0x7f07d978e9a9
[  414.235747][ T9497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  414.235756][ T9497] RSP: 002b:00007f07da5bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  414.235768][ T9497] RAX: ffffffffffffffda RBX: 00007f07d99b5fa0 RCX: 00007f07d978e9a9
[  414.235776][ T9497] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  414.235782][ T9497] RBP: 00007f07da5bb090 R08: 0000000000000000 R09: 0000000000000000
[  414.235788][ T9497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  414.235794][ T9497] R13: 0000000000000000 R14: 00007f07d99b5fa0 R15: 00007ffcfb080038
[  414.235810][ T9497]  </TASK>
[  415.203643][    T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  415.215245][   T30] audit: type=1326 audit(1753499937.983:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9513 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  416.167492][ T9520] netdevsim netdevsim6: Direct firmware load for ..� failed with error -2
[  416.176775][ T9520] netdevsim netdevsim6: Falling back to sysfs fallback for: ..�
[  416.819943][    T9] usb 5-1: Using ep0 maxpacket: 16
[  416.896688][    T9] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  416.966630][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.041293][    T9] usb 5-1: Product: syz
[  417.045841][    T9] usb 5-1: Manufacturer: syz
[  417.097773][    T9] usb 5-1: SerialNumber: syz
[  417.135556][    T9] usb 5-1: config 0 descriptor??
[  417.143907][ T9532] trusted_key: encrypted_key: insufficient parameters specified
[  417.405431][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  417.405447][   T30] audit: type=1326 audit(1753499940.303:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  417.532618][ T9545] netlink: 'syz.0.830': attribute type 33 has an invalid length.
[  417.540502][ T9545] netlink: 152 bytes leftover after parsing attributes in process `syz.0.830'.
[  418.023410][    T9] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  418.039701][   T30] audit: type=1326 audit(1753499940.353:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.063611][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  418.071320][    T9] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  418.071398][    T9] usb 5-1: media controller created
[  418.114041][   T30] audit: type=1326 audit(1753499940.353:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.114092][   T30] audit: type=1326 audit(1753499940.363:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.114138][   T30] audit: type=1326 audit(1753499940.363:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.114180][   T30] audit: type=1326 audit(1753499940.363:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.114223][   T30] audit: type=1326 audit(1753499940.363:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.114265][   T30] audit: type=1326 audit(1753499940.483:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.114308][   T30] audit: type=1326 audit(1753499940.483:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.114351][   T30] audit: type=1326 audit(1753499940.503:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.6.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  418.180737][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  418.369873][    T9] zl10353_read_register: readreg error (reg=127, ret==0)
[  418.369935][    T9] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  418.369963][    T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  418.381425][    T9] usb 5-1: USB disconnect, device number 14
[  418.507331][    T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  421.446744][ T9593] netlink: 'syz.5.847': attribute type 33 has an invalid length.
[  421.454577][ T9593] netlink: 152 bytes leftover after parsing attributes in process `syz.5.847'.
[  423.523917][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  423.523934][   T30] audit: type=1326 audit(1753499946.423:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9609 comm="syz.6.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  423.599527][   T30] audit: type=1326 audit(1753499946.453:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9609 comm="syz.6.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  423.626867][ T9617] xt_TPROXY: Can be used only with -p tcp or -p udp
[  423.655203][ T9618] netlink: 8 bytes leftover after parsing attributes in process `syz.5.854'.
[  423.673462][   T30] audit: type=1326 audit(1753499946.453:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9609 comm="syz.6.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  423.721746][   T30] audit: type=1326 audit(1753499946.453:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9609 comm="syz.6.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  423.768427][   T30] audit: type=1326 audit(1753499946.453:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9609 comm="syz.6.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  423.827806][   T30] audit: type=1326 audit(1753499946.453:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9609 comm="syz.6.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  423.880598][   T30] audit: type=1326 audit(1753499946.453:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9609 comm="syz.6.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  424.211959][ T9632] netlink: 4068 bytes leftover after parsing attributes in process `syz.6.860'.
[  425.409724][   T30] audit: type=1326 audit(1753499948.293:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9645 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  426.026853][   T30] audit: type=1326 audit(1753499948.313:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9645 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  426.099055][   T30] audit: type=1326 audit(1753499948.313:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9645 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  426.140620][ T9650] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.867'.
[  426.220986][ T9650] netlink: zone id is out of range
[  426.235245][ T9650] netlink: zone id is out of range
[  426.240724][ T9650] netlink: zone id is out of range
[  426.246052][ T9650] netlink: zone id is out of range
[  426.251851][ T9650] netlink: get zone limit has 8 unknown bytes
[  426.289616][ T9652] binder: 9648:9652 ioctl c0306201 200000000240 returned -14
[  426.312774][ T9654] FAULT_INJECTION: forcing a failure.
[  426.312774][ T9654] name failslab, interval 1, probability 0, space 0, times 0
[  426.325465][ T9654] CPU: 1 UID: 0 PID: 9654 Comm: syz.1.869 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  426.325492][ T9654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  426.325504][ T9654] Call Trace:
[  426.325511][ T9654]  <TASK>
[  426.325520][ T9654]  dump_stack_lvl+0x189/0x250
[  426.325546][ T9654]  ? __pfx____ratelimit+0x10/0x10
[  426.325568][ T9654]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.325590][ T9654]  ? __pfx__printk+0x10/0x10
[  426.325618][ T9654]  ? __rt6_find_exception_rcu+0x127/0x4c0
[  426.325648][ T9654]  should_fail_ex+0x414/0x560
[  426.325675][ T9654]  should_failslab+0xa8/0x100
[  426.325695][ T9654]  ? __pfx_ip6_dst_gc+0x10/0x10
[  426.325716][ T9654]  kmem_cache_alloc_noprof+0x73/0x3c0
[  426.325735][ T9654]  ? dst_alloc+0x105/0x170
[  426.325755][ T9654]  ? __pfx_ip6_dst_gc+0x10/0x10
[  426.325778][ T9654]  dst_alloc+0x105/0x170
[  426.325802][ T9654]  ip6_pol_route+0xa21/0x1180
[  426.325826][ T9654]  ? ip6_pol_route+0x162/0x1180
[  426.325854][ T9654]  ? __pfx_ip6_pol_route+0x10/0x10
[  426.325878][ T9654]  ? __lock_acquire+0xab9/0xd20
[  426.325903][ T9654]  ? inet6_ehashfn+0xb3/0x570
[  426.325927][ T9654]  ? ip6t_do_table+0x1376/0x1550
[  426.325958][ T9654]  fib6_rule_lookup+0x52f/0x6f0
[  426.325981][ T9654]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  426.326003][ T9654]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  426.326032][ T9654]  ? __inet6_lookup_established+0xb95/0xc30
[  426.326072][ T9654]  ip6_route_input+0x6ce/0xa50
[  426.326100][ T9654]  ? __pfx_ip6_route_input+0x10/0x10
[  426.326148][ T9654]  ? ip6_rcv_finish_core+0x222/0x420
[  426.326176][ T9654]  ip6_rcv_finish+0x141/0x2d0
[  426.326205][ T9654]  NF_HOOK+0x30c/0x3a0
[  426.326232][ T9654]  ? skb_orphan+0x4f/0xd0
[  426.326251][ T9654]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  426.326278][ T9654]  ? NF_HOOK+0x9a/0x3a0
[  426.326304][ T9654]  ? __pfx_NF_HOOK+0x10/0x10
[  426.326334][ T9654]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  426.326375][ T9654]  __netif_receive_skb+0xd3/0x380
[  426.326405][ T9654]  ? netif_receive_skb+0x115/0x790
[  426.326426][ T9654]  netif_receive_skb+0x1cb/0x790
[  426.326447][ T9654]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  426.326469][ T9654]  ? __pfx_netif_receive_skb+0x10/0x10
[  426.326498][ T9654]  ? tun_rx_batched+0x160/0x730
[  426.326525][ T9654]  tun_rx_batched+0x1b9/0x730
[  426.326549][ T9654]  ? __lock_acquire+0xab9/0xd20
[  426.326572][ T9654]  ? __pfx_tun_rx_batched+0x10/0x10
[  426.326600][ T9654]  ? tun_get_user+0x2549/0x3ce0
[  426.326638][ T9654]  tun_get_user+0x298e/0x3ce0
[  426.326663][ T9654]  ? tun_get_user+0x693/0x3ce0
[  426.326685][ T9654]  ? tun_get_user+0x2549/0x3ce0
[  426.326725][ T9654]  ? __pfx_tun_get_user+0x10/0x10
[  426.326759][ T9654]  ? __lock_acquire+0xab9/0xd20
[  426.326783][ T9654]  ? ref_tracker_alloc+0x318/0x460
[  426.326803][ T9654]  ? __lock_acquire+0xab9/0xd20
[  426.326823][ T9654]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  426.326851][ T9654]  ? tun_get+0x1c/0x2f0
[  426.326881][ T9654]  ? tun_get+0x1c/0x2f0
[  426.326904][ T9654]  ? tun_get+0x1c/0x2f0
[  426.326933][ T9654]  tun_chr_write_iter+0x113/0x200
[  426.326961][ T9654]  vfs_write+0x54b/0xa90
[  426.326986][ T9654]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  426.327011][ T9654]  ? __pfx_vfs_write+0x10/0x10
[  426.327047][ T9654]  ? __fget_files+0x2a/0x420
[  426.327080][ T9654]  ksys_write+0x145/0x250
[  426.327102][ T9654]  ? __pfx_ksys_write+0x10/0x10
[  426.327126][ T9654]  ? do_syscall_64+0xbe/0x3b0
[  426.327153][ T9654]  do_syscall_64+0xfa/0x3b0
[  426.327176][ T9654]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.327193][ T9654]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  426.327212][ T9654]  ? clear_bhb_loop+0x60/0xb0
[  426.327236][ T9654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.327255][ T9654] RIP: 0033:0x7fb03038d45f
[  426.327272][ T9654] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  426.327289][ T9654] RSP: 002b:00007fb031234000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  426.327310][ T9654] RAX: ffffffffffffffda RBX: 00007fb0305b5fa0 RCX: 00007fb03038d45f
[  426.327324][ T9654] RDX: 000000000000004a RSI: 0000200000000140 RDI: 00000000000000c8
[  426.327337][ T9654] RBP: 00007fb031234090 R08: 0000000000000000 R09: 0000000000000000
[  426.327350][ T9654] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  426.327361][ T9654] R13: 0000000000000000 R14: 00007fb0305b5fa0 R15: 00007ffed9c88cb8
[  426.327394][ T9654]  </TASK>
[  426.835457][ T9644] netlink: 'syz.0.865': attribute type 33 has an invalid length.
[  426.843789][ T9644] netlink: 152 bytes leftover after parsing attributes in process `syz.0.865'.
[  427.924489][ T9674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.873'.
[  429.025776][ T9680] netlink: set zone limit has 4 unknown bytes
[  429.075571][ T9688] netlink: 44 bytes leftover after parsing attributes in process `syz.6.875'.
[  429.476626][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  429.476672][   T30] audit: type=1326 audit(1753499952.333:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9693 comm="syz.0.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  430.176112][   T30] audit: type=1326 audit(1753499952.333:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9693 comm="syz.0.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  430.203359][   T30] audit: type=1326 audit(1753499952.333:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9693 comm="syz.0.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  430.225819][   T30] audit: type=1326 audit(1753499952.333:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9693 comm="syz.0.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  430.338669][   T30] audit: type=1326 audit(1753499952.333:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9693 comm="syz.0.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  430.415821][   T30] audit: type=1326 audit(1753499952.333:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9693 comm="syz.0.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  430.489820][   T30] audit: type=1326 audit(1753499952.333:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9693 comm="syz.0.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  430.533247][ T9702] veth1: entered promiscuous mode
[  430.703128][ T9700] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'.
[  432.034913][ T9722] netlink: 8 bytes leftover after parsing attributes in process `syz.5.886'.
[  432.205151][ T9723] netlink: 'syz.1.887': attribute type 33 has an invalid length.
[  432.213024][ T9723] netlink: 152 bytes leftover after parsing attributes in process `syz.1.887'.
[  433.213869][ T9732] siw: device registration error -23
[  434.090245][   T30] audit: type=1326 audit(1753499956.993:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9735 comm="syz.5.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  434.247749][   T30] audit: type=1326 audit(1753499956.993:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9735 comm="syz.5.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  434.272348][   T30] audit: type=1326 audit(1753499956.993:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9735 comm="syz.5.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  434.909628][   T30] audit: type=1326 audit(1753499956.993:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9735 comm="syz.5.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  434.979699][   T30] audit: type=1326 audit(1753499956.993:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9735 comm="syz.5.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  435.157181][   T30] audit: type=1326 audit(1753499956.993:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9735 comm="syz.5.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  435.226287][   T30] audit: type=1326 audit(1753499956.993:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9735 comm="syz.5.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  435.249713][ T9743] netlink: 28 bytes leftover after parsing attributes in process `syz.4.893'.
[  435.270261][ T9743] omfs: Unknown parameter '@'
[  435.290039][ T9748] FAULT_INJECTION: forcing a failure.
[  435.290039][ T9748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.306240][ T9748] CPU: 0 UID: 0 PID: 9748 Comm: syz.5.895 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  435.306263][ T9748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  435.306273][ T9748] Call Trace:
[  435.306279][ T9748]  <TASK>
[  435.306285][ T9748]  dump_stack_lvl+0x189/0x250
[  435.306303][ T9748]  ? __pfx____ratelimit+0x10/0x10
[  435.306314][ T9748]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.306326][ T9748]  ? __pfx__printk+0x10/0x10
[  435.306339][ T9748]  ? __might_fault+0xb0/0x130
[  435.306356][ T9748]  should_fail_ex+0x414/0x560
[  435.306370][ T9748]  _copy_from_user+0x2d/0xb0
[  435.306385][ T9748]  dma_buf_ioctl+0x1b9/0x880
[  435.306398][ T9748]  ? __pfx_dma_buf_ioctl+0x10/0x10
[  435.306413][ T9748]  ? __fget_files+0x2a/0x420
[  435.306425][ T9748]  ? __fget_files+0x3a0/0x420
[  435.306437][ T9748]  ? __fget_files+0x2a/0x420
[  435.306449][ T9748]  ? bpf_lsm_file_ioctl+0x9/0x20
[  435.306462][ T9748]  ? __pfx_dma_buf_ioctl+0x10/0x10
[  435.306472][ T9748]  __se_sys_ioctl+0xfc/0x170
[  435.306489][ T9748]  do_syscall_64+0xfa/0x3b0
[  435.306500][ T9748]  ? lockdep_hardirqs_on+0x9c/0x150
[  435.306511][ T9748]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.306521][ T9748]  ? clear_bhb_loop+0x60/0xb0
[  435.306533][ T9748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.306543][ T9748] RIP: 0033:0x7f469258e9a9
[  435.306553][ T9748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.306562][ T9748] RSP: 002b:00007f469340e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  435.306573][ T9748] RAX: ffffffffffffffda RBX: 00007f46927b5fa0 RCX: 00007f469258e9a9
[  435.306581][ T9748] RDX: 0000200000000300 RSI: 0000000040086203 RDI: 0000000000000005
[  435.306587][ T9748] RBP: 00007f469340e090 R08: 0000000000000000 R09: 0000000000000000
[  435.306594][ T9748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.306600][ T9748] R13: 0000000000000000 R14: 00007f46927b5fa0 R15: 00007ffe673a6608
[  435.306615][ T9748]  </TASK>
[  435.527357][ T9750] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.896'.
[  435.536689][ T9750] netlink: zone id is out of range
[  435.541791][ T9750] netlink: zone id is out of range
[  435.546929][ T9750] netlink: zone id is out of range
[  435.552022][ T9750] netlink: zone id is out of range
[  435.557170][ T9750] netlink: get zone limit has 8 unknown bytes
[  435.646463][ T9750] binder: 9747:9750 ioctl c0306201 200000000240 returned -14
[  435.646632][ T9755] netlink: 8 bytes leftover after parsing attributes in process `syz.6.898'.
[  435.988023][ T9761] xt_nfacct: accounting object `syz1' does not exists
[  437.321078][   T30] audit: type=1326 audit(1753499960.223:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.5.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  437.658444][   T30] audit: type=1326 audit(1753499960.523:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.5.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  437.829944][   T30] audit: type=1326 audit(1753499960.523:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.5.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  438.072670][   T30] audit: type=1326 audit(1753499960.523:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.5.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  438.702432][   T30] audit: type=1326 audit(1753499960.523:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.5.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  438.929220][   T30] audit: type=1326 audit(1753499960.523:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.5.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  439.289095][ T9792] netlink: 8 bytes leftover after parsing attributes in process `syz.1.910'.
[  439.867736][ T9798] netlink: 28 bytes leftover after parsing attributes in process `syz.1.913'.
[  439.880566][ T9798] bridge0: port 3(netdevsim0) entered disabled state
[  439.887433][ T9798] bridge0: port 2(bridge_slave_1) entered disabled state
[  439.894631][ T9798] bridge0: port 1(bridge_slave_0) entered disabled state
[  439.907343][ T9798] omfs: Unknown parameter '@'
[  440.096176][ T9801] xt_nfacct: accounting object `syz1' does not exists
[  440.105151][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.111573][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  444.001178][ T9832] netlink: 'syz.0.918': attribute type 33 has an invalid length.
[  444.009100][ T9832] netlink: 152 bytes leftover after parsing attributes in process `syz.0.918'.
[  445.171598][ T9841] netlink: 8 bytes leftover after parsing attributes in process `syz.1.923'.
[  445.722150][ T9850] xt_nfacct: accounting object `syz1' does not exists
[  446.181137][ T6465] wlan1: Trigger new scan to find an IBSS to join
[  446.714780][ T9863] xt_nfacct: accounting object `syz1' does not exists
[  447.796663][   T10] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  448.114941][   T10] usb 1-1: device descriptor read/64, error -71
[  448.875835][   T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  449.386544][   T10] usb 1-1: device descriptor read/64, error -71
[  450.147341][ T9885] netlink: 8 bytes leftover after parsing attributes in process `syz.6.935'.
[  450.166693][   T10] usb usb1-port1: attempt power cycle
[  450.667810][ T9890] netlink: 28 bytes leftover after parsing attributes in process `syz.5.938'.
[  450.678139][ T9890] omfs: Unknown parameter '@'
[  450.876228][ T6472] wlan1: Trigger new scan to find an IBSS to join
[  451.059660][ T9902] netlink: 'syz.4.941': attribute type 2 has an invalid length.
[  451.861943][ T9906] Bluetooth: Invalid byte 00 after esc byte
[  453.384136][ T9909] netdevsim netdevsim0: Direct firmware load for ..� failed with error -2
[  453.396037][ T9909] netdevsim netdevsim0: Falling back to sysfs fallback for: ..�
[  453.896242][ T5844] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  454.280231][ T2946] wlan1: Creating new IBSS network, BSSID 56:63:d8:c2:fc:61
[  454.505311][   T36] Bluetooth: Error in BCSP hdr checksum
[  454.759305][   T36] Bluetooth: Error in BCSP hdr checksum
[  455.238404][ T1152] Bluetooth: Error in BCSP hdr checksum
[  455.380572][ T9938] netlink: 'syz.5.949': attribute type 1 has an invalid length.
[  455.551606][ T9946] netlink: 8 bytes leftover after parsing attributes in process `syz.0.950'.
[  456.616933][ T5904] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  457.266652][ T5904] usb 5-1: Using ep0 maxpacket: 32
[  457.402805][ T5904] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  457.518248][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  457.793104][ T5904] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[  457.889810][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  457.889829][   T30] audit: type=1326 audit(1753499980.753:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  458.159117][   T30] audit: type=1326 audit(1753499980.753:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  458.413959][   T30] audit: type=1326 audit(1753499980.753:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  458.576444][ T5904] usb 5-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[  458.584680][ T5904] usb 5-1: Product: syz
[  458.588918][ T5904] usb 5-1: Manufacturer: syz
[  458.593528][ T5904] usb 5-1: SerialNumber: syz
[  458.626256][   T30] audit: type=1326 audit(1753499980.753:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  458.664949][ T5904] usb 5-1: config 0 descriptor??
[  458.734464][ T9990] FAULT_INJECTION: forcing a failure.
[  458.734464][ T9990] name failslab, interval 1, probability 0, space 0, times 0
[  458.747775][ T9990] CPU: 1 UID: 0 PID: 9990 Comm: syz.6.961 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  458.747802][ T9990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  458.747814][ T9990] Call Trace:
[  458.747823][ T9990]  <TASK>
[  458.747831][ T9990]  dump_stack_lvl+0x189/0x250
[  458.747858][ T9990]  ? __pfx____ratelimit+0x10/0x10
[  458.747879][ T9990]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.747901][ T9990]  ? __pfx__printk+0x10/0x10
[  458.747927][ T9990]  ? __pfx___might_resched+0x10/0x10
[  458.747949][ T9990]  ? fs_reclaim_acquire+0x7d/0x100
[  458.747976][ T9990]  should_fail_ex+0x414/0x560
[  458.748003][ T9990]  should_failslab+0xa8/0x100
[  458.748026][ T9990]  __kmalloc_noprof+0xcb/0x4f0
[  458.748043][ T9990]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  458.748063][ T9990]  ? sock_kmalloc+0xd6/0x160
[  458.748086][ T9990]  sock_kmalloc+0xd6/0x160
[  458.748109][ T9990]  hash_recvmsg+0x1d4/0x840
[  458.748144][ T9990]  ? __pfx_hash_recvmsg+0x10/0x10
[  458.748165][ T9990]  sock_recvmsg_nosec+0x186/0x1c0
[  458.748194][ T9990]  ____sys_recvmsg+0x3aa/0x460
[  458.748223][ T9990]  ? __pfx_____sys_recvmsg+0x10/0x10
[  458.748259][ T9990]  ? import_iovec+0x74/0xa0
[  458.748290][ T9990]  ___sys_recvmsg+0x1b5/0x510
[  458.748315][ T9990]  ? __pfx____sys_recvmsg+0x10/0x10
[  458.748369][ T9990]  ? __might_fault+0xb0/0x130
[  458.748393][ T9990]  do_recvmmsg+0x307/0x770
[  458.748422][ T9990]  ? __pfx_do_recvmmsg+0x10/0x10
[  458.748454][ T9990]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  458.748497][ T9990]  __x64_sys_recvmmsg+0x190/0x240
[  458.748520][ T9990]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  458.748536][ T9990]  ? rcu_is_watching+0x15/0xb0
[  458.748561][ T9990]  ? do_syscall_64+0xbe/0x3b0
[  458.748586][ T9990]  do_syscall_64+0xfa/0x3b0
[  458.748603][ T9990]  ? lockdep_hardirqs_on+0x9c/0x150
[  458.748622][ T9990]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.748641][ T9990]  ? clear_bhb_loop+0x60/0xb0
[  458.748664][ T9990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.748682][ T9990] RIP: 0033:0x7f07d978e9a9
[  458.748699][ T9990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.748716][ T9990] RSP: 002b:00007f07da59a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  458.748737][ T9990] RAX: ffffffffffffffda RBX: 00007f07d99b6080 RCX: 00007f07d978e9a9
[  458.748751][ T9990] RDX: 0000000000000600 RSI: 0000200000003700 RDI: 0000000000000008
[  458.748763][ T9990] RBP: 00007f07da59a090 R08: 0000000000000000 R09: 0000000000000000
[  458.748775][ T9990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.748786][ T9990] R13: 0000000000000000 R14: 00007f07d99b6080 R15: 00007ffcfb080038
[  458.748819][ T9990]  </TASK>
[  459.343131][   T30] audit: type=1326 audit(1753499980.753:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  459.517214][ T5904] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  459.536044][   T30] audit: type=1326 audit(1753499980.753:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  459.552630][ T9994] afs: Unknown parameter ''
[  459.673607][ T6460] usb 5-1: Failed to submit usb control message: -71
[  459.698614][ T5904] usb 5-1: USB disconnect, device number 15
[  459.714886][ T6460] usb 5-1: unable to send the bmi data to the device: -71
[  459.775428][ T6460] usb 5-1: unable to get target info from device
[  459.784724][   T30] audit: type=1326 audit(1753499980.753:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  459.806020][ T6460] usb 5-1: could not get target info (-71)
[  459.822403][ T6460] usb 5-1: could not probe fw (-71)
[  459.947659][T10001] FAULT_INJECTION: forcing a failure.
[  459.947659][T10001] name failslab, interval 1, probability 0, space 0, times 0
[  459.960614][   T30] audit: type=1326 audit(1753499980.763:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  460.068787][T10001] CPU: 1 UID: 0 PID: 10001 Comm: syz.4.966 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  460.068817][T10001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  460.068829][T10001] Call Trace:
[  460.068838][T10001]  <TASK>
[  460.068846][T10001]  dump_stack_lvl+0x189/0x250
[  460.068873][T10001]  ? __pfx____ratelimit+0x10/0x10
[  460.068894][T10001]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.068915][T10001]  ? __pfx__printk+0x10/0x10
[  460.068946][T10001]  ? __pfx___might_resched+0x10/0x10
[  460.068973][T10001]  ? fs_reclaim_acquire+0x7d/0x100
[  460.069002][T10001]  should_fail_ex+0x414/0x560
[  460.069025][T10001]  ? __pfx_sock_alloc_inode+0x10/0x10
[  460.069046][T10001]  should_failslab+0xa8/0x100
[  460.069069][T10001]  ? __pfx_sock_alloc_inode+0x10/0x10
[  460.069088][T10001]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  460.069107][T10001]  ? sock_alloc_inode+0x28/0xc0
[  460.069132][T10001]  ? __pfx_sock_alloc_inode+0x10/0x10
[  460.069153][T10001]  sock_alloc_inode+0x28/0xc0
[  460.069174][T10001]  alloc_inode+0x67/0x1b0
[  460.069197][T10001]  __sock_create+0x12d/0x9f0
[  460.069231][T10001]  __sys_socket+0xd7/0x1b0
[  460.069258][T10001]  __x64_sys_socket+0x7a/0x90
[  460.069283][T10001]  do_syscall_64+0xfa/0x3b0
[  460.069303][T10001]  ? lockdep_hardirqs_on+0x9c/0x150
[  460.069323][T10001]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.069342][T10001]  ? clear_bhb_loop+0x60/0xb0
[  460.069365][T10001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.069383][T10001] RIP: 0033:0x7fc78818e9a9
[  460.069400][T10001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.069417][T10001] RSP: 002b:00007fc789034038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  460.069438][T10001] RAX: ffffffffffffffda RBX: 00007fc7883b5fa0 RCX: 00007fc78818e9a9
[  460.069453][T10001] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000022
[  460.069465][T10001] RBP: 00007fc789034090 R08: 0000000000000000 R09: 0000000000000000
[  460.069477][T10001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.069489][T10001] R13: 0000000000000001 R14: 00007fc7883b5fa0 R15: 00007ffc950a9368
[  460.069519][T10001]  </TASK>
[  460.069529][T10001] socket: no more sockets
[  460.116132][   T30] audit: type=1326 audit(1753499980.763:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  460.341075][   T30] audit: type=1326 audit(1753499980.763:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9974 comm="syz.1.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  460.343561][T10003] netlink: 8 bytes leftover after parsing attributes in process `syz.6.967'.
[  460.440028][T10007] netlink: 20 bytes leftover after parsing attributes in process `syz.0.965'.
[  462.833623][T10031] netlink: 'syz.1.975': attribute type 1 has an invalid length.
[  462.841843][T10031] netlink: 28 bytes leftover after parsing attributes in process `syz.1.975'.
[  463.439409][T10031] nbd: illegal input index 65544
[  465.296215][T10037] netlink: 32 bytes leftover after parsing attributes in process `syz.0.976'.
[  466.723792][T10054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.981'.
[  471.760553][T10095] netlink: 4068 bytes leftover after parsing attributes in process `syz.6.994'.
[  472.252040][T10105] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.997'.
[  472.748719][T10099] netlink: 8 bytes leftover after parsing attributes in process `syz.4.995'.
[  472.781380][T10096] delete_channel: no stack
[  474.439636][T10117] xt_nfacct: accounting object `syz1' does not exists
[  475.051531][T10122] FAULT_INJECTION: forcing a failure.
[  475.051531][T10122] name fail_iommufd, interval 1, probability 0, space 0, times 0
[  476.086281][T10122] CPU: 1 UID: 0 PID: 10122 Comm: syz.5.1002 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  476.086312][T10122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  476.086324][T10122] Call Trace:
[  476.086332][T10122]  <TASK>
[  476.086342][T10122]  dump_stack_lvl+0x189/0x250
[  476.086370][T10122]  ? __pfx____ratelimit+0x10/0x10
[  476.086401][T10122]  ? __pfx_dump_stack_lvl+0x10/0x10
[  476.086422][T10122]  ? __pfx__printk+0x10/0x10
[  476.086447][T10122]  ? do_vfs_ioctl+0xf37/0x1990
[  476.086479][T10122]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  476.086512][T10122]  should_fail_ex+0x414/0x560
[  476.086538][T10122]  iommufd_get_object+0x78/0x4b0
[  476.086565][T10122]  ? __pfx_iommufd_get_object+0x10/0x10
[  476.086588][T10122]  ? __lock_acquire+0xab9/0xd20
[  476.086608][T10122]  ? iommufd_test_syz_conv_iova_id+0x60/0x230
[  476.086641][T10122]  iommufd_ioas_copy+0x322/0x720
[  476.086674][T10122]  ? __pfx_iommufd_ioas_copy+0x10/0x10
[  476.086711][T10122]  iommufd_fops_ioctl+0x446/0x520
[  476.086739][T10122]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  476.086776][T10122]  ? __fget_files+0x3a0/0x420
[  476.086797][T10122]  ? __fget_files+0x2a/0x420
[  476.086819][T10122]  ? bpf_lsm_file_ioctl+0x9/0x20
[  476.086841][T10122]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  476.086866][T10122]  __se_sys_ioctl+0xfc/0x170
[  476.086896][T10122]  do_syscall_64+0xfa/0x3b0
[  476.086916][T10122]  ? lockdep_hardirqs_on+0x9c/0x150
[  476.086937][T10122]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.086955][T10122]  ? clear_bhb_loop+0x60/0xb0
[  476.086979][T10122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.086998][T10122] RIP: 0033:0x7f469258e9a9
[  476.087015][T10122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.087031][T10122] RSP: 002b:00007f469340e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  476.087051][T10122] RAX: ffffffffffffffda RBX: 00007f46927b5fa0 RCX: 00007f469258e9a9
[  476.087065][T10122] RDX: 0000200000000040 RSI: 0000000000003b83 RDI: 0000000000000003
[  476.087078][T10122] RBP: 00007f469340e090 R08: 0000000000000000 R09: 0000000000000000
[  476.087090][T10122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.087102][T10122] R13: 0000000000000000 R14: 00007f46927b5fa0 R15: 00007ffe673a6608
[  476.087131][T10122]  </TASK>
[  476.687036][T10130] netlink: 'syz.0.1005': attribute type 8 has an invalid length.
[  476.749262][T10133] netlink: 'syz.4.1006': attribute type 8 has an invalid length.
[  477.344076][T10140] netlink: 4068 bytes leftover after parsing attributes in process `syz.5.1007'.
[  479.143013][T10153] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1010'.
[  479.737582][T10155] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1011'.
[  482.834967][T10178] netdevsim netdevsim1: Direct firmware load for ..� failed with error -2
[  482.843837][T10178] netdevsim netdevsim1: Falling back to sysfs fallback for: ..�
[  484.311533][ T1152] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  484.411372][T10185] netlink: 4068 bytes leftover after parsing attributes in process `syz.4.1019'.
[  485.529783][T10194] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1020'.
[  485.567941][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  485.567960][   T30] audit: type=1326 audit(1753500008.463:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10195 comm="syz.4.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  485.696488][T10194] omfs: Unknown parameter '@'
[  485.859783][   T30] audit: type=1326 audit(1753500008.463:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10195 comm="syz.4.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  486.362096][T10203] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1026'.
[  486.483443][   T30] audit: type=1326 audit(1753500008.463:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10195 comm="syz.4.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  486.505214][    C0] vkms_vblank_simulate: vblank timer overrun
[  486.556165][   T30] audit: type=1326 audit(1753500008.463:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10195 comm="syz.4.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  486.633458][T10211] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.1025'.
[  487.358370][   T30] audit: type=1326 audit(1753500008.463:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10195 comm="syz.4.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  487.874419][   T30] audit: type=1326 audit(1753500008.503:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10195 comm="syz.4.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  488.181156][   T30] audit: type=1326 audit(1753500008.503:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10195 comm="syz.4.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  489.246071][ T5971] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  490.026143][ T5971] usb 1-1: device descriptor read/64, error -71
[  490.276300][ T5971] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  490.437967][T10237] netlink: 'syz.1.1035': attribute type 10 has an invalid length.
[  490.486067][ T5971] usb 1-1: device descriptor read/64, error -71
[  490.599425][ T5971] usb usb1-port1: attempt power cycle
[  490.614911][T10237] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  490.684541][   T30] audit: type=1326 audit(1753500013.583:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  490.706191][    C0] vkms_vblank_simulate: vblank timer overrun
[  490.793115][   T30] audit: type=1326 audit(1753500013.583:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  490.861262][   T30] audit: type=1326 audit(1753500013.583:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  490.883865][T10247] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1037'.
[  490.883914][T10247] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1037'.
[  490.913002][   T30] audit: type=1326 audit(1753500013.583:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  491.146759][ T5971] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  491.186097][ T5971] usb 1-1: device descriptor read/8, error -71
[  491.219143][T10255] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1038'.
[  491.554542][   T30] audit: type=1326 audit(1753500013.643:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  491.576145][    C0] vkms_vblank_simulate: vblank timer overrun
[  491.688206][   T30] audit: type=1326 audit(1753500013.643:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  491.943899][   T30] audit: type=1326 audit(1753500013.653:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  492.637196][   T30] audit: type=1326 audit(1753500013.653:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  492.658772][    C0] vkms_vblank_simulate: vblank timer overrun
[  492.673504][   T30] audit: type=1326 audit(1753500013.653:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10243 comm="syz.6.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07d978e9a9 code=0x7ffc0000
[  495.637479][   T30] audit: type=1326 audit(1753500018.543:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10281 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  495.677574][T10296] netlink: 'syz.1.1047': attribute type 10 has an invalid length.
[  495.766103][   T30] audit: type=1326 audit(1753500018.563:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10281 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  495.879422][   T30] audit: type=1326 audit(1753500018.563:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10281 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  495.912479][T10301] netlink: 4068 bytes leftover after parsing attributes in process `syz.4.1050'.
[  496.469005][T10307] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1053'.
[  496.980818][   T30] audit: type=1326 audit(1753500018.573:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10281 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  497.004723][   T59] wlan1: Trigger new scan to find an IBSS to join
[  497.121723][   T30] audit: type=1326 audit(1753500018.573:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10281 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  497.146066][   T30] audit: type=1326 audit(1753500018.573:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10281 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  497.167786][   T30] audit: type=1326 audit(1753500018.573:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10281 comm="syz.0.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814198e9a9 code=0x7ffc0000
[  497.652971][T10315] =======================================================
[  497.652971][T10315] WARNING: The mand mount option has been deprecated and
[  497.652971][T10315]          and is ignored by this kernel. Remove the mand
[  497.652971][T10315]          option from the mount to silence this warning.
[  497.652971][T10315] =======================================================
[  497.687902][    C0] vkms_vblank_simulate: vblank timer overrun
[  498.966259][T10324] netlink: 'syz.4.1057': attribute type 8 has an invalid length.
[  499.002583][T10315] fuse: Unknown parameter ''
[  499.320233][T10322] xt_nfacct: accounting object `syz1' does not exists
[  500.201266][T10338] netlink: 'syz.6.1059': attribute type 8 has an invalid length.
[  501.248880][ T6200] wlan1: Creating new IBSS network, BSSID a6:4a:ec:25:bd:3e
[  501.505554][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.512200][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  502.056663][T10355] xt_nfacct: accounting object `syz1' does not exists
[  506.617189][T10404] netlink: 'syz.5.1074': attribute type 8 has an invalid length.
[  506.712186][T10407] xt_nfacct: accounting object `syz1' does not exists
[  507.663978][ T1312] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  507.963398][ T1312] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.017622][ T1312] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  508.094548][ T1312] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  508.137321][ T1312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.145380][ T1312] usb 5-1: Product: syz
[  508.173527][ T1312] usb 5-1: Manufacturer: syz
[  508.238408][ T1312] usb 5-1: SerialNumber: syz
[  510.755680][ T1312] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS
[  510.762336][ T1312] cdc_ncm 5-1:1.0: bind() failure
[  510.786210][ T1312] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  510.793066][ T1312] cdc_ncm 5-1:1.1: bind() failure
[  510.807731][ T1312] usb 5-1: USB disconnect, device number 16
[  511.548624][T10446] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  511.548624][T10446]    program syz.6.1082 not setting count and/or reply_len properly
[  511.965117][   T30] audit: type=1326 audit(1753500034.783:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10447 comm="syz.5.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  512.429576][   T30] audit: type=1326 audit(1753500034.783:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10447 comm="syz.5.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  512.504896][T10460] process 'syz.1.1084' launched './file2' with NULL argv: empty string added
[  512.706152][   T30] audit: type=1326 audit(1753500034.783:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10447 comm="syz.5.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  513.036098][   T30] audit: type=1326 audit(1753500034.783:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10447 comm="syz.5.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  513.057730][T10463] netlink: 'syz.5.1088': attribute type 8 has an invalid length.
[  513.237727][   T30] audit: type=1326 audit(1753500034.783:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10447 comm="syz.5.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  513.315722][   T30] audit: type=1326 audit(1753500034.783:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10447 comm="syz.5.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  513.412254][   T30] audit: type=1326 audit(1753500034.783:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10447 comm="syz.5.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  513.526673][T10474] netlink: 'syz.0.1091': attribute type 8 has an invalid length.
[  514.587129][T10488] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1095'.
[  516.313722][   T30] audit: type=1326 audit(1753500039.213:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10500 comm="syz.4.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  516.436065][   T30] audit: type=1326 audit(1753500039.243:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10500 comm="syz.4.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  516.514298][   T30] audit: type=1326 audit(1753500039.243:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10500 comm="syz.4.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78818e9a9 code=0x7ffc0000
[  516.666063][ T5972] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  516.866119][ T5972] usb 2-1: Using ep0 maxpacket: 8
[  516.896707][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.980529][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  517.180119][T10523] netlink: 'syz.4.1103': attribute type 2 has an invalid length.
[  517.375346][T10525] xt_nfacct: accounting object `syz1' does not exists
[  517.461438][ T5972] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  517.718640][ T5972] usb 2-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[  517.813120][ T5972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.877623][ T5972] usb 2-1: config 0 descriptor??
[  517.974471][T10535] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1109'.
[  518.045703][T10538] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  519.000578][ T5972] usbhid 2-1:0.0: can't add hid device: -71
[  519.010526][ T5972] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  519.066465][ T5972] usb 2-1: USB disconnect, device number 16
[  519.218406][T10561] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  519.218406][T10561]    program syz.4.1110 not setting count and/or reply_len properly
[  519.346054][    T9] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  520.733779][T10562] loop4: detected capacity change from 0 to 63
[  520.771439][ T9476] Buffer I/O error on dev loop4, logical block 0, async page read
[  520.835422][ T9476] Buffer I/O error on dev loop4, logical block 0, async page read
[  520.847770][    T9] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  520.872125][    T9] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  520.900532][ T9476] Buffer I/O error on dev loop4, logical block 0, async page read
[  520.910041][    T9] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  520.919722][ T9476] Buffer I/O error on dev loop4, logical block 0, async page read
[  520.933988][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  520.943897][ T9476] Buffer I/O error on dev loop4, logical block 0, async page read
[  520.992371][    T9] usb 7-1: SerialNumber: syz
[  521.034355][    T9] usb 7-1: 0:2 : does not exist
[  521.804216][    T9] usb 7-1: USB disconnect, device number 4
[  523.528745][T10598] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1122'.
[  524.886085][   T24] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  525.716033][   T24] usb 1-1: Using ep0 maxpacket: 32
[  525.728881][   T24] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  525.855429][   T24] usb 1-1: config 0 has no interface number 0
[  525.866344][   T24] usb 1-1: config 0 interface 184 has no altsetting 0
[  525.875645][   T24] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  525.885715][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.911311][   T24] usb 1-1: Product: syz
[  525.979065][   T24] usb 1-1: Manufacturer: syz
[  525.985325][   T24] usb 1-1: SerialNumber: syz
[  526.053936][T10629] siw: device registration error -23
[  526.754853][   T24] usb 1-1: config 0 descriptor??
[  526.807968][   T24] smsc75xx v1.0.0
[  529.560854][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  529.648374][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  529.710197][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  529.759015][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  529.807303][T10642] netlink: 'syz.6.1132': attribute type 8 has an invalid length.
[  530.052697][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  530.057807][T10644] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  530.213649][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  530.411185][T10649] FAULT_INJECTION: forcing a failure.
[  530.411185][T10649] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  530.424787][T10649] CPU: 1 UID: 0 PID: 10649 Comm: syz.4.1134 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  530.424811][T10649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  530.424822][T10649] Call Trace:
[  530.424830][T10649]  <TASK>
[  530.424840][T10649]  dump_stack_lvl+0x189/0x250
[  530.424864][T10649]  ? __pfx____ratelimit+0x10/0x10
[  530.424883][T10649]  ? __pfx_dump_stack_lvl+0x10/0x10
[  530.424908][T10649]  ? __pfx__printk+0x10/0x10
[  530.424929][T10649]  ? __might_fault+0xb0/0x130
[  530.424957][T10649]  should_fail_ex+0x414/0x560
[  530.424980][T10649]  _copy_from_iter+0x1db/0x16f0
[  530.425012][T10649]  ? __pfx__copy_from_iter+0x10/0x10
[  530.425032][T10649]  ? __pfx_woken_wake_function+0x10/0x10
[  530.425063][T10649]  ? file_tty_write+0x2e8/0x990
[  530.425085][T10649]  ? rcu_is_watching+0x15/0xb0
[  530.425104][T10649]  ? kfree+0x4d/0x440
[  530.425133][T10649]  file_tty_write+0x486/0x990
[  530.425164][T10649]  vfs_write+0x54b/0xa90
[  530.425184][T10649]  ? __pfx_tty_write+0x10/0x10
[  530.425206][T10649]  ? __pfx_vfs_write+0x10/0x10
[  530.425232][T10649]  ? __fget_files+0x2a/0x420
[  530.425259][T10649]  ksys_write+0x145/0x250
[  530.425278][T10649]  ? __pfx_ksys_write+0x10/0x10
[  530.425291][T10649]  ? rcu_is_watching+0x15/0xb0
[  530.425313][T10649]  ? do_syscall_64+0xbe/0x3b0
[  530.425335][T10649]  do_syscall_64+0xfa/0x3b0
[  530.425352][T10649]  ? lockdep_hardirqs_on+0x9c/0x150
[  530.425370][T10649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.425386][T10649]  ? clear_bhb_loop+0x60/0xb0
[  530.425407][T10649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.425423][T10649] RIP: 0033:0x7fc78818e9a9
[  530.425439][T10649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.425453][T10649] RSP: 002b:00007fc789013038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  530.425472][T10649] RAX: ffffffffffffffda RBX: 00007fc7883b6080 RCX: 00007fc78818e9a9
[  530.425485][T10649] RDX: 000000000000ff2e RSI: 00002000000001c0 RDI: 0000000000000003
[  530.425496][T10649] RBP: 00007fc789013090 R08: 0000000000000000 R09: 0000000000000000
[  530.425506][T10649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  530.425517][T10649] R13: 0000000000000000 R14: 00007fc7883b6080 R15: 00007ffc950a9368
[  530.425544][T10649]  </TASK>
[  530.689935][   T24] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  530.704214][   T24] usb 1-1: USB disconnect, device number 21
[  531.187960][T10655] fuse: Bad value for 'fd'
[  531.345667][ T6460] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  532.757152][T10672] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.1140'.
[  533.375125][    T9] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  534.830047][T10679] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1143'.
[  534.856784][T10679] omfs: Unknown parameter '@'
[  534.911077][T10689] fuse: Bad value for 'fd'
[  535.987103][T10699] geneve2: entered promiscuous mode
[  536.396872][T10705] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.1152'.
[  538.202637][T10715] netlink: 4068 bytes leftover after parsing attributes in process `syz.4.1157'.
[  539.743485][T10711] netlink: 'syz.5.1155': attribute type 2 has an invalid length.
[  540.126133][ T5923] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  540.180706][T10734] FAULT_INJECTION: forcing a failure.
[  540.180706][T10734] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  540.194361][T10734] CPU: 1 UID: 0 PID: 10734 Comm: syz.1.1163 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  540.194387][T10734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  540.194399][T10734] Call Trace:
[  540.194406][T10734]  <TASK>
[  540.194414][T10734]  dump_stack_lvl+0x189/0x250
[  540.194440][T10734]  ? __pfx____ratelimit+0x10/0x10
[  540.194462][T10734]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.194484][T10734]  ? __pfx__printk+0x10/0x10
[  540.194521][T10734]  should_fail_ex+0x414/0x560
[  540.194548][T10734]  _copy_to_user+0x31/0xb0
[  540.194576][T10734]  simple_read_from_buffer+0xe1/0x170
[  540.194602][T10734]  proc_fail_nth_read+0x1df/0x250
[  540.194630][T10734]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  540.194656][T10734]  ? rw_verify_area+0x258/0x650
[  540.194683][T10734]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  540.194706][T10734]  vfs_read+0x200/0x980
[  540.194738][T10734]  ? __pfx___mutex_lock+0x10/0x10
[  540.194758][T10734]  ? __pfx_vfs_read+0x10/0x10
[  540.194786][T10734]  ? __fget_files+0x2a/0x420
[  540.194811][T10734]  ? __fget_files+0x3a0/0x420
[  540.194830][T10734]  ? __fget_files+0x2a/0x420
[  540.194857][T10734]  ksys_read+0x145/0x250
[  540.194894][T10734]  ? __pfx_ksys_read+0x10/0x10
[  540.194925][T10734]  ? do_syscall_64+0xbe/0x3b0
[  540.194950][T10734]  do_syscall_64+0xfa/0x3b0
[  540.194969][T10734]  ? lockdep_hardirqs_on+0x9c/0x150
[  540.194988][T10734]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.195007][T10734]  ? clear_bhb_loop+0x60/0xb0
[  540.195027][T10734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.195043][T10734] RIP: 0033:0x7fb03038d3bc
[  540.195060][T10734] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  540.195077][T10734] RSP: 002b:00007fb0311f2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  540.195096][T10734] RAX: ffffffffffffffda RBX: 00007fb0305b6160 RCX: 00007fb03038d3bc
[  540.195116][T10734] RDX: 000000000000000f RSI: 00007fb0311f20a0 RDI: 0000000000000007
[  540.195128][T10734] RBP: 00007fb0311f2090 R08: 0000000000000000 R09: 0000000000000000
[  540.195141][T10734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.195151][T10734] R13: 0000000000000000 R14: 00007fb0305b6160 R15: 00007ffed9c88cb8
[  540.195180][T10734]  </TASK>
[  540.515782][ T5923] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  540.572020][ T5923] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  540.655556][ T5923] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  540.787189][T10740] random: crng reseeded on system resumption
[  540.793623][ T5923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  540.833989][ T5923] usb 1-1: Product: syz
[  540.844327][ T5923] usb 1-1: Manufacturer: syz
[  540.853542][ T5923] usb 1-1: SerialNumber: syz
[  540.933337][T10745] fuse: Bad value for 'fd'
[  541.509891][ T5923] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  541.593138][ T5923] usb 1-1: USB disconnect, device number 23
[  541.607556][ T5923] usblp0: removed
[  542.904321][T10763] input: syz0 as /devices/virtual/input/input22
[  546.366220][T10794] netlink: 'syz.6.1177': attribute type 8 has an invalid length.
[  547.273316][T10805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1181'.
[  547.440121][T10809] netlink: 'syz.4.1174': attribute type 2 has an invalid length.
[  547.701127][T10817] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1181'.
[  548.686224][ T5923] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  548.735002][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  548.735332][   T30] audit: type=1326 audit(1753500071.633:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  548.833114][   T30] audit: type=1326 audit(1753500071.633:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  548.860679][ T5923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1022, setting to 64
[  548.930166][ T5923] usb 2-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  548.932880][   T30] audit: type=1326 audit(1753500071.633:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  548.987427][ T5923] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.081047][ T5923] usb 2-1: config 0 descriptor??
[  549.083649][   T30] audit: type=1326 audit(1753500071.633:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  549.090706][T10801] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1179'.
[  549.147725][T10821] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  549.452413][   T30] audit: type=1326 audit(1753500071.633:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  549.482700][   T30] audit: type=1326 audit(1753500071.683:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  549.504130][    C0] vkms_vblank_simulate: vblank timer overrun
[  549.569433][   T30] audit: type=1326 audit(1753500071.683:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  549.634825][   T30] audit: type=1326 audit(1753500071.683:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  549.675093][   T30] audit: type=1326 audit(1753500071.683:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  549.727128][   T30] audit: type=1326 audit(1753500071.683:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10824 comm="syz.5.1184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  550.264738][ T5923] uclogic 0003:5543:0003.0002: hidraw0: USB HID v4.01 Device [HID 5543:0003] on usb-dummy_hcd.1-1/input0
[  550.512572][T10846] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1189'.
[  550.815333][T10853] netlink: 'syz.6.1192': attribute type 8 has an invalid length.
[  551.762532][T10863] xt_nfacct: accounting object `syz1' does not exists
[  551.859579][ T5972] usb 2-1: USB disconnect, device number 17
[  554.853186][T10902] netlink: 'syz.1.1206': attribute type 8 has an invalid length.
[  555.903513][T10913] xt_nfacct: accounting object `syz1' does not exists
[  556.378334][T10912] netlink: 268 bytes leftover after parsing attributes in process `syz.6.1208'.
[  557.265302][T10933] FAULT_INJECTION: forcing a failure.
[  557.265302][T10933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.278706][T10933] CPU: 1 UID: 0 PID: 10933 Comm: syz.4.1213 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  557.278732][T10933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.278744][T10933] Call Trace:
[  557.278752][T10933]  <TASK>
[  557.278760][T10933]  dump_stack_lvl+0x189/0x250
[  557.278787][T10933]  ? __pfx____ratelimit+0x10/0x10
[  557.278809][T10933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  557.278833][T10933]  ? __pfx__printk+0x10/0x10
[  557.278857][T10933]  ? __might_fault+0xb0/0x130
[  557.278888][T10933]  should_fail_ex+0x414/0x560
[  557.278913][T10933]  _copy_from_iter+0x1db/0x16f0
[  557.278941][T10933]  ? rcu_is_watching+0x15/0xb0
[  557.278964][T10933]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  557.278986][T10933]  ? __pfx__copy_from_iter+0x10/0x10
[  557.279012][T10933]  ? __build_skb_around+0x257/0x3e0
[  557.279042][T10933]  ? netlink_sendmsg+0x642/0xb30
[  557.279067][T10933]  ? skb_put+0x11b/0x210
[  557.279098][T10933]  netlink_sendmsg+0x6b2/0xb30
[  557.279122][T10933]  ? rcu_is_watching+0x15/0xb0
[  557.279151][T10933]  ? __pfx_netlink_sendmsg+0x10/0x10
[  557.279185][T10933]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  557.279210][T10933]  ? __pfx_netlink_sendmsg+0x10/0x10
[  557.279237][T10933]  __sock_sendmsg+0x219/0x270
[  557.279264][T10933]  ____sys_sendmsg+0x505/0x830
[  557.279298][T10933]  ? __pfx_____sys_sendmsg+0x10/0x10
[  557.279337][T10933]  ? import_iovec+0x74/0xa0
[  557.279366][T10933]  ___sys_sendmsg+0x21f/0x2a0
[  557.279398][T10933]  ? __pfx____sys_sendmsg+0x10/0x10
[  557.279433][T10933]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  557.279488][T10933]  ? __fget_files+0x2a/0x420
[  557.279508][T10933]  ? __fget_files+0x3a0/0x420
[  557.279540][T10933]  __x64_sys_sendmsg+0x19b/0x260
[  557.279572][T10933]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  557.279598][T10933]  ? irqentry_exit+0x74/0x90
[  557.279637][T10933]  ? do_syscall_64+0xbe/0x3b0
[  557.279662][T10933]  do_syscall_64+0xfa/0x3b0
[  557.279685][T10933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.279703][T10933]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  557.279721][T10933]  ? clear_bhb_loop+0x60/0xb0
[  557.279745][T10933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.279764][T10933] RIP: 0033:0x7fc78818e9a9
[  557.279781][T10933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.279798][T10933] RSP: 002b:00007fc788ff2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  557.279818][T10933] RAX: ffffffffffffffda RBX: 00007fc7883b6160 RCX: 00007fc78818e9a9
[  557.279832][T10933] RDX: 0000000000000800 RSI: 00002000000007c0 RDI: 0000000000000005
[  557.279845][T10933] RBP: 00007fc788ff2090 R08: 0000000000000000 R09: 0000000000000000
[  557.279857][T10933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  557.279869][T10933] R13: 0000000000000000 R14: 00007fc7883b6160 R15: 00007ffc950a9368
[  557.279900][T10933]  </TASK>
[  559.996787][T10948] lo speed is unknown, defaulting to 1000
[  560.167411][T10957] netlink: 'syz.4.1222': attribute type 10 has an invalid length.
[  560.176275][T10957] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1222'.
[  560.281074][T10957] dummy0: entered promiscuous mode
[  560.296274][T10957] bridge0: port 3(dummy0) entered blocking state
[  560.316424][T10957] bridge0: port 3(dummy0) entered disabled state
[  560.323537][T10959] xt_nfacct: accounting object `syz1' does not exists
[  560.334405][T10957] dummy0: entered allmulticast mode
[  560.349337][T10955] netlink: 'syz.5.1219': attribute type 8 has an invalid length.
[  561.392746][ T5857] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  561.682296][ T5857] usb 2-1: Using ep0 maxpacket: 8
[  561.779269][ T5857] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  561.878887][ T5857] usb 2-1: config 0 has no interface number 0
[  561.883659][ T5972] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  561.960804][ T5857] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  562.120820][ T5857] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  562.233983][ T5857] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  562.341601][ T5857] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  562.365916][ T5857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.399061][ T5857] usb 2-1: config 0 descriptor??
[  562.407919][ T5857] ldusb 2-1:0.55: Interrupt in endpoint not found
[  562.600701][ T5972] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  562.801445][ T5972] usb 6-1: config 0 has no interface number 0
[  562.873953][ T5972] usb 6-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  562.897789][ T5972] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  562.909421][ T5972] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  563.352917][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  563.359342][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  563.375629][ T5972] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.04
[  563.546208][ T5972] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  563.554401][ T5972] usb 6-1: Product: syz
[  563.561064][ T5972] usb 6-1: SerialNumber: syz
[  563.571903][ T5972] usb 6-1: config 0 descriptor??
[  563.659907][T10987] omfs: Unknown parameter '@'
[  563.666909][ T5972] cm109 6-1:0.8: invalid payload size 0, expected 4
[  563.698793][ T5972] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input23
[  563.796771][T10994] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  563.796771][T10994]    program syz.0.1233 not setting count and/or reply_len properly
[  565.334646][ T3485] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  565.546068][ T5904] usb 2-1: USB disconnect, device number 18
[  565.565965][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  565.575108][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  565.584336][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  565.588129][ T5857] usb 6-1: USB disconnect, device number 2
[  565.591330][    C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  566.211546][ T5857] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  566.278629][T11007] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  566.381391][T11007] vlan2: entered promiscuous mode
[  566.393086][T11007] bond0: entered promiscuous mode
[  566.471376][T11007] bond_slave_0: entered promiscuous mode
[  566.724578][T11012] xt_nfacct: accounting object `syz1' does not exists
[  566.844041][T11007] bond_slave_1: entered promiscuous mode
[  566.850422][T11007] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  568.677793][T11032] FAULT_INJECTION: forcing a failure.
[  568.677793][T11032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  568.692189][T11032] CPU: 0 UID: 0 PID: 11032 Comm: syz.6.1242 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  568.692217][T11032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  568.692229][T11032] Call Trace:
[  568.692237][T11032]  <TASK>
[  568.692245][T11032]  dump_stack_lvl+0x189/0x250
[  568.692272][T11032]  ? __pfx____ratelimit+0x10/0x10
[  568.692293][T11032]  ? __pfx_dump_stack_lvl+0x10/0x10
[  568.692315][T11032]  ? __pfx__printk+0x10/0x10
[  568.692359][T11032]  should_fail_ex+0x414/0x560
[  568.692385][T11032]  _copy_to_user+0x31/0xb0
[  568.692415][T11032]  simple_read_from_buffer+0xe1/0x170
[  568.692441][T11032]  proc_fail_nth_read+0x1df/0x250
[  568.692469][T11032]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  568.692497][T11032]  ? rw_verify_area+0x258/0x650
[  568.692525][T11032]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  568.692551][T11032]  vfs_read+0x200/0x980
[  568.692585][T11032]  ? __pfx___mutex_lock+0x10/0x10
[  568.692608][T11032]  ? __pfx_vfs_read+0x10/0x10
[  568.692639][T11032]  ? __fget_files+0x2a/0x420
[  568.692666][T11032]  ? __fget_files+0x3a0/0x420
[  568.692692][T11032]  ? __fget_files+0x2a/0x420
[  568.692724][T11032]  ksys_read+0x145/0x250
[  568.692745][T11032]  ? __pfx_ksys_read+0x10/0x10
[  568.692767][T11032]  ? __x64_sys_read+0x2d/0x90
[  568.692790][T11032]  do_syscall_64+0xfa/0x3b0
[  568.692813][T11032]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.692832][T11032]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  568.692851][T11032]  ? clear_bhb_loop+0x60/0xb0
[  568.692875][T11032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.692894][T11032] RIP: 0033:0x7f07d978d3bc
[  568.692911][T11032] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  568.692928][T11032] RSP: 002b:00007f07da579030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  568.692949][T11032] RAX: ffffffffffffffda RBX: 00007f07d99b6160 RCX: 00007f07d978d3bc
[  568.692963][T11032] RDX: 000000000000000f RSI: 00007f07da5790a0 RDI: 000000000000000a
[  568.692976][T11032] RBP: 00007f07da579090 R08: 0000000000000000 R09: 0000000000000000
[  568.692988][T11032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  568.693000][T11032] R13: 0000000000000000 R14: 00007f07d99b6160 R15: 00007ffcfb080038
[  568.693032][T11032]  </TASK>
[  568.922366][    C0] vkms_vblank_simulate: vblank timer overrun
[  569.407554][T11035] omfs: Unknown parameter '@'
[  569.901156][T11051] ubi31: attaching mtd0
[  569.917724][T11051] ubi31: scanning is finished
[  569.922503][T11051] ubi31: empty MTD device detected
[  570.369092][T11051] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  570.376974][T11051] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  570.384324][T11051] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  570.391478][T11051] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  570.399013][T11051] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  570.405897][T11051] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  570.414238][T11051] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3747378631
[  570.424401][T11051] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  570.437915][   T10] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  570.460109][T11053] ubi31: background thread "ubi_bgt31d" started, PID 11053
[  570.586176][   T10] usb 1-1: device descriptor read/64, error -71
[  570.611261][T11056] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.1249'.
[  570.643089][T11056] netlink: zone id is out of range
[  570.648692][T11056] netlink: zone id is out of range
[  570.669440][T11056] netlink: zone id is out of range
[  570.691850][T11056] netlink: get zone limit has 8 unknown bytes
[  570.769136][T11060] binder: 11054:11060 ioctl c0306201 200000000240 returned -14
[  570.859555][   T10] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  571.166080][   T10] usb 1-1: device descriptor read/64, error -71
[  571.458000][   T10] usb usb1-port1: attempt power cycle
[  572.356098][   T10] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  572.365326][T11075] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  572.448276][   T10] usb 1-1: device descriptor read/8, error -71
[  572.736165][   T10] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  573.088014][   T10] usb 1-1: device not accepting address 27, error -71
[  574.014594][   T10] usb usb1-port1: unable to enumerate USB device
[  575.108396][T11095] input: syz0 as /devices/virtual/input/input24
[  577.688163][T11119] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1267'.
[  580.198175][T11121] netdevsim netdevsim0: Direct firmware load for ..� failed with error -2
[  580.207019][T11121] netdevsim netdevsim0: Falling back to sysfs fallback for: ..�
[  581.096900][T11122] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1265'.
[  582.939587][T11130] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1269'.
[  583.136487][ T5972] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  583.383844][ T5972] usb 5-1: device descriptor read/64, error -71
[  583.696436][ T5972] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  584.030080][ T5972] usb 5-1: device descriptor read/64, error -71
[  584.243338][T11136] xt_nfacct: accounting object `syz1' does not exists
[  584.251661][ T5972] usb usb5-port1: attempt power cycle
[  584.513427][   T10] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  584.713616][ T5972] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  584.779128][   T10] usb 7-1: Using ep0 maxpacket: 16
[  584.887160][   T10] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[  584.895220][   T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  584.960386][   T10] usb 7-1: config 0 has no interface number 0
[  584.980598][   T10] usb 7-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  584.996512][T11147] netlink: 'syz.4.1273': attribute type 2 has an invalid length.
[  585.080116][   T10] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  585.107370][   T10] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  585.116445][ T5972] usb 5-1: device not accepting address 19, error -71
[  585.136642][   T10] usb 7-1: Product: syz
[  585.140860][   T10] usb 7-1: SerialNumber: syz
[  585.156807][   T10] usb 7-1: config 0 descriptor??
[  585.179924][   T10] usbhid 7-1:0.8: couldn't find an input interrupt endpoint
[  585.476071][ T5972] usb 5-1: new low-speed USB device number 20 using dummy_hcd
[  585.548508][T11158] input: syz0 as /devices/virtual/input/input25
[  585.672545][T11163] tipc: Started in network mode
[  585.677764][T11163] tipc: Node identity ac14140f, cluster identity 4711
[  585.691159][T11163] tipc: New replicast peer: 255.255.255.255
[  585.702609][T11163] tipc: Enabled bearer <udp:syz2>, priority 10
[  585.723061][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  585.729310][   T30] audit: type=1326 audit(1753500108.513:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  585.750909][    C0] vkms_vblank_simulate: vblank timer overrun
[  585.867737][T11164] FAULT_INJECTION: forcing a failure.
[  585.867737][T11164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  585.909137][   T30] audit: type=1326 audit(1753500108.513:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  585.917382][ T5972] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  585.931236][   T30] audit: type=1326 audit(1753500108.523:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  585.944784][ T5972] usb 5-1: config 1 has no interface number 1
[  585.971364][ T5972] usb 5-1: too many endpoints for config 1 interface 2 altsetting 251: 232, using maximum allowed: 30
[  586.006171][T11164] CPU: 0 UID: 0 PID: 11164 Comm: syz.6.1271 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  586.006200][T11164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  586.006216][T11164] Call Trace:
[  586.006224][T11164]  <TASK>
[  586.006232][T11164]  dump_stack_lvl+0x189/0x250
[  586.006259][T11164]  ? __pfx____ratelimit+0x10/0x10
[  586.006281][T11164]  ? __pfx_dump_stack_lvl+0x10/0x10
[  586.006303][T11164]  ? __pfx__printk+0x10/0x10
[  586.006341][T11164]  should_fail_ex+0x414/0x560
[  586.006377][T11164]  _copy_to_user+0x31/0xb0
[  586.006406][T11164]  simple_read_from_buffer+0xe1/0x170
[  586.006433][T11164]  proc_fail_nth_read+0x1df/0x250
[  586.006460][T11164]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  586.006487][T11164]  ? rw_verify_area+0x258/0x650
[  586.006515][T11164]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  586.006541][T11164]  vfs_read+0x200/0x980
[  586.006577][T11164]  ? __pfx___mutex_lock+0x10/0x10
[  586.006600][T11164]  ? __pfx_vfs_read+0x10/0x10
[  586.006629][T11164]  ? __fget_files+0x2a/0x420
[  586.006657][T11164]  ? __fget_files+0x3a0/0x420
[  586.006677][T11164]  ? __fget_files+0x2a/0x420
[  586.006710][T11164]  ksys_read+0x145/0x250
[  586.006727][T11164]  ? __fget_files+0x3a0/0x420
[  586.006750][T11164]  ? __pfx_ksys_read+0x10/0x10
[  586.006774][T11164]  ? do_syscall_64+0xbe/0x3b0
[  586.006798][T11164]  do_syscall_64+0xfa/0x3b0
[  586.006816][T11164]  ? lockdep_hardirqs_on+0x9c/0x150
[  586.006835][T11164]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.006855][T11164]  ? clear_bhb_loop+0x60/0xb0
[  586.006879][T11164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.006898][T11164] RIP: 0033:0x7f07d978d3bc
[  586.006915][T11164] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  586.006933][T11164] RSP: 002b:00007f07da59a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  586.006954][T11164] RAX: ffffffffffffffda RBX: 00007f07d99b6080 RCX: 00007f07d978d3bc
[  586.006969][T11164] RDX: 000000000000000f RSI: 00007f07da59a0a0 RDI: 0000000000000005
[  586.006982][T11164] RBP: 00007f07da59a090 R08: 0000000000000000 R09: 0000000000000000
[  586.006995][T11164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  586.007007][T11164] R13: 0000000000000001 R14: 00007f07d99b6080 R15: 00007ffcfb080038
[  586.007040][T11164]  </TASK>
[  586.237363][    C0] vkms_vblank_simulate: vblank timer overrun
[  586.251040][ T5972] usb 5-1: config 1 interface 2 altsetting 251 endpoint 0x1 has an invalid bInterval 22, changing to 4
[  586.262498][ T5972] usb 5-1: config 1 interface 2 altsetting 251 endpoint 0x1 has invalid maxpacket 64, setting to 0
[  586.273557][ T5972] usb 5-1: config 1 interface 2 altsetting 251 has 1 endpoint descriptor, different from the interface descriptor's value: 232
[  586.287581][ T5972] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 0
[  586.298680][ T5972] usb 5-1: config 1 interface 2 has no altsetting 2
[  586.306830][   T30] audit: type=1326 audit(1753500108.523:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  586.328973][   T30] audit: type=1326 audit(1753500108.523:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  586.350874][    C0] vkms_vblank_simulate: vblank timer overrun
[  586.357347][   T30] audit: type=1326 audit(1753500108.523:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  586.379464][   T30] audit: type=1326 audit(1753500108.523:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  586.401042][    C0] vkms_vblank_simulate: vblank timer overrun
[  586.408406][   T30] audit: type=1326 audit(1753500108.523:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  586.430128][   T30] audit: type=1326 audit(1753500108.523:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  586.451661][    C0] vkms_vblank_simulate: vblank timer overrun
[  586.457917][   T30] audit: type=1326 audit(1753500108.533:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11156 comm="syz.1.1277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  586.509374][ T5972] usb 5-1: string descriptor 0 read error: -22
[  586.515897][ T5972] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  586.545222][ T5972] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.546041][   T43] usb 7-1: USB disconnect, device number 5
[  586.799853][    T9] tipc: Node number set to 2886997007
[  587.281663][   T43] usb 5-1: USB disconnect, device number 20
[  587.350429][T11171] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1281'.
[  587.484102][T11171] sp0: Synchronizing with TNC
[  587.519589][T11173] capability: warning: `syz.5.1281' uses 32-bit capabilities (legacy support in use)
[  590.442045][T11217] FAULT_INJECTION: forcing a failure.
[  590.442045][T11217] name failslab, interval 1, probability 0, space 0, times 0
[  590.454840][T11217] CPU: 1 UID: 0 PID: 11217 Comm: syz.5.1294 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  590.454867][T11217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  590.454879][T11217] Call Trace:
[  590.454886][T11217]  <TASK>
[  590.454894][T11217]  dump_stack_lvl+0x189/0x250
[  590.454922][T11217]  ? lockdep_hardirqs_on+0x9c/0x150
[  590.454943][T11217]  ? __pfx_dump_stack_lvl+0x10/0x10
[  590.454965][T11217]  ? __pfx__printk+0x10/0x10
[  590.455003][T11217]  should_fail_ex+0x414/0x560
[  590.455029][T11217]  should_failslab+0xa8/0x100
[  590.455052][T11217]  __kmalloc_cache_noprof+0x70/0x3d0
[  590.455072][T11217]  ? ucma_alloc_ctx+0x4e/0x2d0
[  590.455105][T11217]  ucma_alloc_ctx+0x4e/0x2d0
[  590.455136][T11217]  ucma_create_id+0x1bb/0x360
[  590.455165][T11217]  ? __pfx_ucma_create_id+0x10/0x10
[  590.455210][T11217]  ucma_write+0x246/0x2e0
[  590.455244][T11217]  ? __pfx_ucma_write+0x10/0x10
[  590.455269][T11217]  ? security_file_permission+0x75/0x290
[  590.455293][T11217]  ? rw_verify_area+0x258/0x650
[  590.455321][T11217]  ? __pfx_ucma_write+0x10/0x10
[  590.455349][T11217]  vfs_write+0x27e/0xa90
[  590.455376][T11217]  ? __pfx_vfs_write+0x10/0x10
[  590.455397][T11217]  ? __fget_files+0x2a/0x420
[  590.455421][T11217]  ? __fget_files+0x2a/0x420
[  590.455441][T11217]  ? __fget_files+0x3a0/0x420
[  590.455461][T11217]  ? __fget_files+0x2a/0x420
[  590.455492][T11217]  ksys_write+0x145/0x250
[  590.455513][T11217]  ? __pfx_ksys_write+0x10/0x10
[  590.455544][T11217]  do_syscall_64+0xfa/0x3b0
[  590.455567][T11217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.455586][T11217]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  590.455604][T11217]  ? clear_bhb_loop+0x60/0xb0
[  590.455628][T11217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.455647][T11217] RIP: 0033:0x7f469258e9a9
[  590.455664][T11217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  590.455680][T11217] RSP: 002b:00007f46933cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  590.455701][T11217] RAX: ffffffffffffffda RBX: 00007f46927b6160 RCX: 00007f469258e9a9
[  590.455716][T11217] RDX: 0000000000000020 RSI: 0000200000000240 RDI: 0000000000000006
[  590.455728][T11217] RBP: 00007f46933cc090 R08: 0000000000000000 R09: 0000000000000000
[  590.455740][T11217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  590.455752][T11217] R13: 0000000000000000 R14: 00007f46927b6160 R15: 00007ffe673a6608
[  590.455783][T11217]  </TASK>
[  591.519901][ T5972] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  591.638366][T11230] xt_nfacct: accounting object `syz1' does not exists
[  592.201809][ T5972] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  592.228562][ T5972] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  592.256147][ T5972] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  592.304092][ T5972] usb 7-1: Product: syz
[  593.325755][ T5972] usb 7-1: Manufacturer: syz
[  593.330746][ T5972] usb 7-1: SerialNumber: syz
[  593.349489][ T5972] usb 7-1: can't set config #1, error -71
[  593.357201][ T5972] usb 7-1: USB disconnect, device number 6
[  593.592573][T11249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1301'.
[  594.079219][T11252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1301'.
[  596.044160][T11264] netlink: 'syz.1.1305': attribute type 2 has an invalid length.
[  596.062243][   T43] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  596.716806][T11266] fuse: Bad value for 'fd'
[  596.722330][T11263] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1307'.
[  599.151409][   T43] usb 5-1: Using ep0 maxpacket: 16
[  599.157845][ T6465] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  599.345208][   T43] usb 5-1: device descriptor read/all, error -71
[  599.808115][T11277] Cannot find del_set index 1 as target
[  601.453151][T11288] FAULT_INJECTION: forcing a failure.
[  601.453151][T11288] name failslab, interval 1, probability 0, space 0, times 0
[  601.496901][T11288] CPU: 0 UID: 0 PID: 11288 Comm: syz.5.1313 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  601.496931][T11288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  601.496944][T11288] Call Trace:
[  601.496952][T11288]  <TASK>
[  601.496960][T11288]  dump_stack_lvl+0x189/0x250
[  601.496988][T11288]  ? __pfx____ratelimit+0x10/0x10
[  601.497009][T11288]  ? __pfx_dump_stack_lvl+0x10/0x10
[  601.497031][T11288]  ? __pfx__printk+0x10/0x10
[  601.497062][T11288]  ? __pfx___might_resched+0x10/0x10
[  601.497081][T11288]  ? fs_reclaim_acquire+0x7d/0x100
[  601.497108][T11288]  should_fail_ex+0x414/0x560
[  601.497134][T11288]  should_failslab+0xa8/0x100
[  601.497157][T11288]  kmem_cache_alloc_noprof+0x73/0x3c0
[  601.497176][T11288]  ? alloc_empty_file+0x55/0x1d0
[  601.497205][T11288]  alloc_empty_file+0x55/0x1d0
[  601.497230][T11288]  alloc_file_pseudo+0x13d/0x210
[  601.497258][T11288]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  601.497280][T11288]  ? evm_inode_alloc_security+0x40/0xb0
[  601.497304][T11288]  ? security_inode_alloc+0xd5/0x330
[  601.497343][T11288]  sock_alloc_file+0xb8/0x2e0
[  601.497370][T11288]  do_accept+0x34b/0x680
[  601.497400][T11288]  ? __pfx_do_accept+0x10/0x10
[  601.497452][T11288]  __sys_accept4+0x11c/0x1c0
[  601.497480][T11288]  ? __pfx___sys_accept4+0x10/0x10
[  601.497505][T11288]  ? __pfx_ksys_write+0x10/0x10
[  601.497521][T11288]  ? rcu_is_watching+0x15/0xb0
[  601.497549][T11288]  __x64_sys_accept4+0x9a/0xb0
[  601.497577][T11288]  do_syscall_64+0xfa/0x3b0
[  601.497598][T11288]  ? lockdep_hardirqs_on+0x9c/0x150
[  601.497618][T11288]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.497637][T11288]  ? clear_bhb_loop+0x60/0xb0
[  601.497661][T11288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.497679][T11288] RIP: 0033:0x7f469258e9a9
[  601.497697][T11288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.497714][T11288] RSP: 002b:00007f469340e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  601.497736][T11288] RAX: ffffffffffffffda RBX: 00007f46927b5fa0 RCX: 00007f469258e9a9
[  601.497751][T11288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  601.497763][T11288] RBP: 00007f469340e090 R08: 0000000000000000 R09: 0000000000000000
[  601.497775][T11288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.497787][T11288] R13: 0000000000000000 R14: 00007f46927b5fa0 R15: 00007ffe673a6608
[  601.497818][T11288]  </TASK>
[  601.749000][    C0] vkms_vblank_simulate: vblank timer overrun
[  601.912312][T11294] siw: device registration error -23
[  602.049602][T11291] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1312'.
[  602.087860][T11291] omfs: Unknown parameter '@'
[  602.486004][T11308] netlink: 'syz.1.1318': attribute type 2 has an invalid length.
[  603.306079][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  603.306100][   T30] audit: type=1326 audit(1753500126.183:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11309 comm="syz.1.1319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  603.333736][    C0] vkms_vblank_simulate: vblank timer overrun
[  603.420243][T11300] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1315'.
[  603.432883][   T30] audit: type=1326 audit(1753500126.183:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11309 comm="syz.1.1319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  604.345585][   T30] audit: type=1326 audit(1753500126.183:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11309 comm="syz.1.1319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  604.367196][    C0] vkms_vblank_simulate: vblank timer overrun
[  604.373859][   T30] audit: type=1326 audit(1753500126.183:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11309 comm="syz.1.1319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  604.396709][   T30] audit: type=1326 audit(1753500126.183:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11309 comm="syz.1.1319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  604.418261][    C0] vkms_vblank_simulate: vblank timer overrun
[  604.429261][   T30] audit: type=1326 audit(1753500126.183:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11309 comm="syz.1.1319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  604.450817][    C0] vkms_vblank_simulate: vblank timer overrun
[  604.457858][   T30] audit: type=1326 audit(1753500126.183:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11309 comm="syz.1.1319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb03038e9a9 code=0x7ffc0000
[  605.318313][T11337] FAULT_INJECTION: forcing a failure.
[  605.318313][T11337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  605.382300][T11337] CPU: 0 UID: 0 PID: 11337 Comm: syz.4.1327 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  605.382331][T11337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  605.382343][T11337] Call Trace:
[  605.382351][T11337]  <TASK>
[  605.382359][T11337]  dump_stack_lvl+0x189/0x250
[  605.382386][T11337]  ? __pfx____ratelimit+0x10/0x10
[  605.382408][T11337]  ? __pfx_dump_stack_lvl+0x10/0x10
[  605.382430][T11337]  ? __pfx__printk+0x10/0x10
[  605.382468][T11337]  should_fail_ex+0x414/0x560
[  605.382506][T11337]  _copy_to_user+0x31/0xb0
[  605.382535][T11337]  simple_read_from_buffer+0xe1/0x170
[  605.382562][T11337]  proc_fail_nth_read+0x1df/0x250
[  605.382589][T11337]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  605.382616][T11337]  ? rw_verify_area+0x258/0x650
[  605.382644][T11337]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  605.382669][T11337]  vfs_read+0x200/0x980
[  605.382705][T11337]  ? __pfx___mutex_lock+0x10/0x10
[  605.382726][T11337]  ? __pfx_vfs_read+0x10/0x10
[  605.382756][T11337]  ? __fget_files+0x2a/0x420
[  605.382782][T11337]  ? __fget_files+0x3a0/0x420
[  605.382802][T11337]  ? __fget_files+0x2a/0x420
[  605.382833][T11337]  ksys_read+0x145/0x250
[  605.382854][T11337]  ? __pfx_ksys_read+0x10/0x10
[  605.382877][T11337]  ? do_syscall_64+0xbe/0x3b0
[  605.382903][T11337]  do_syscall_64+0xfa/0x3b0
[  605.382923][T11337]  ? lockdep_hardirqs_on+0x9c/0x150
[  605.382943][T11337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.382963][T11337]  ? clear_bhb_loop+0x60/0xb0
[  605.382986][T11337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.383005][T11337] RIP: 0033:0x7fc78818d3bc
[  605.383021][T11337] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  605.383039][T11337] RSP: 002b:00007fc789034030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  605.383059][T11337] RAX: ffffffffffffffda RBX: 00007fc7883b5fa0 RCX: 00007fc78818d3bc
[  605.383074][T11337] RDX: 000000000000000f RSI: 00007fc7890340a0 RDI: 0000000000000005
[  605.383086][T11337] RBP: 00007fc789034090 R08: 0000000000000000 R09: 0000000000000000
[  605.383099][T11337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  605.383110][T11337] R13: 0000000000000000 R14: 00007fc7883b5fa0 R15: 00007ffc950a9368
[  605.383142][T11337]  </TASK>
[  605.388094][T11333] [U] �
[  605.848024][T11341] netlink: 'syz.5.1329': attribute type 33 has an invalid length.
[  605.855895][T11341] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1329'.
[  607.067564][T11349] netlink: 'syz.4.1330': attribute type 2 has an invalid length.
[  607.302976][   T30] audit: type=1326 audit(1753500130.193:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  607.567776][   T30] audit: type=1326 audit(1753500130.193:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  607.590851][   T30] audit: type=1326 audit(1753500130.203:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  608.366701][   T30] audit: type=1326 audit(1753500130.203:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  608.699360][   T30] audit: type=1326 audit(1753500130.203:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  608.776507][   T30] audit: type=1326 audit(1753500130.203:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  608.798307][   T30] audit: type=1326 audit(1753500130.223:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  608.820041][   T30] audit: type=1326 audit(1753500130.223:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11350 comm="syz.5.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469258e9a9 code=0x7ffc0000
[  614.349544][T11388] netlink: 'syz.1.1342': attribute type 33 has an invalid length.
[  614.357450][T11388] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1342'.
[  616.629560][T11407] netlink: 'syz.4.1346': attribute type 2 has an invalid length.
[  616.710925][T11408] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.1347' sets config #1
[  619.914244][T11424] netlink: 'syz.5.1352': attribute type 21 has an invalid length.
[  619.963202][T11428] nfs: Unknown parameter 'u'
[  619.993325][T11432] netlink: 10 bytes leftover after parsing attributes in process `syz.5.1352'.
[  622.868790][T11451] FAULT_INJECTION: forcing a failure.
[  622.868790][T11451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  623.070697][T11451] CPU: 0 UID: 0 PID: 11451 Comm: syz.0.1359 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  623.070727][T11451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  623.070740][T11451] Call Trace:
[  623.070747][T11451]  <TASK>
[  623.070756][T11451]  dump_stack_lvl+0x189/0x250
[  623.070784][T11451]  ? __pfx____ratelimit+0x10/0x10
[  623.070805][T11451]  ? __pfx_dump_stack_lvl+0x10/0x10
[  623.070826][T11451]  ? __pfx__printk+0x10/0x10
[  623.070865][T11451]  should_fail_ex+0x414/0x560
[  623.070890][T11451]  _copy_from_user+0x2d/0xb0
[  623.070917][T11451]  __copy_msghdr+0x3c5/0x5b0
[  623.070951][T11451]  ___sys_sendmsg+0x1a5/0x2a0
[  623.070983][T11451]  ? __pfx____sys_sendmsg+0x10/0x10
[  623.071059][T11451]  ? __fget_files+0x2a/0x420
[  623.071080][T11451]  ? __fget_files+0x3a0/0x420
[  623.071113][T11451]  __x64_sys_sendmsg+0x19b/0x260
[  623.071145][T11451]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  623.071184][T11451]  ? __pfx_ksys_write+0x10/0x10
[  623.071200][T11451]  ? rcu_is_watching+0x15/0xb0
[  623.071227][T11451]  ? do_syscall_64+0xbe/0x3b0
[  623.071253][T11451]  do_syscall_64+0xfa/0x3b0
[  623.071273][T11451]  ? lockdep_hardirqs_on+0x9c/0x150
[  623.071293][T11451]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.071312][T11451]  ? clear_bhb_loop+0x60/0xb0
[  623.071335][T11451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.071354][T11451] RIP: 0033:0x7f814198e9a9
[  623.071371][T11451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.071389][T11451] RSP: 002b:00007f8142825038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  623.071410][T11451] RAX: ffffffffffffffda RBX: 00007f8141bb5fa0 RCX: 00007f814198e9a9
[  623.071425][T11451] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  623.071438][T11451] RBP: 00007f8142825090 R08: 0000000000000000 R09: 0000000000000000
[  623.071450][T11451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.071462][T11451] R13: 0000000000000000 R14: 00007f8141bb5fa0 R15: 00007ffe4b89fc78
[  623.071492][T11451]  </TASK>
[  623.278643][    C0] vkms_vblank_simulate: vblank timer overrun
[  624.380293][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  624.416246][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  627.587282][ T1312] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.648439][ T1312] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  628.276085][ T1312] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  628.374064][T11501] netlink: 'syz.5.1371': attribute type 2 has an invalid length.
[  629.215023][ T1312] usb 2-1: Using ep0 maxpacket: 16
[  629.232909][ T1312] usb 2-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  629.261870][ T1312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  629.317000][ T1312] usb 2-1: Product: syz
[  629.521321][ T1312] usb 2-1: Manufacturer: syz
[  629.535986][ T1312] usb 2-1: SerialNumber: syz
[  629.554662][ T1312] usb 2-1: config 0 descriptor??
[  629.705485][ T1312] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  629.900301][T11506] sp0: Synchronizing with TNC
[  629.935601][ T6468] 
[  629.937936][ T6468] =====================================================
[  629.944841][ T6468] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[  629.952279][ T6468] 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 Not tainted
[  629.959362][ T6468] -----------------------------------------------------
[  629.966265][ T6468] kworker/u8:19/6468 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  629.974132][ T6468] ffffffff8ecdf378 (disc_data_lock#3){.+.+}-{3:3}, at: sixpack_write_wakeup+0x30/0x480
[  629.983782][ T6468] 
[  629.983782][ T6468] and this task is already holding:
[  629.991121][ T6468] ffffffff99dc2bd8 (&port_lock_key){-.-.}-{3:3}, at: uart_port_ref_lock+0xc4/0x3b0
[  630.000409][ T6468] which would create a new lock dependency:
[  630.006271][ T6468]  (&port_lock_key){-.-.}-{3:3} -> (disc_data_lock#3){.+.+}-{3:3}
[  630.014081][ T6468] 
[  630.014081][ T6468] but this new dependency connects a HARDIRQ-irq-safe lock:
[  630.023505][ T6468]  (&port_lock_key){-.-.}-{3:3}
[  630.023521][ T6468] 
[  630.023521][ T6468] ... which became HARDIRQ-irq-safe at:
[  630.036021][ T6468]   lock_acquire+0x120/0x360
[  630.040585][ T6468]   _raw_spin_lock_irqsave+0xa7/0xf0
[  630.045853][ T6468]   serial8250_handle_irq+0x6b/0xbb0
[  630.051117][ T6468]   serial8250_default_handle_irq+0xbf/0x1b0
[  630.057073][ T6468]   serial8250_interrupt+0xa2/0x1d0
[  630.062248][ T6468]   __handle_irq_event_percpu+0x289/0x980
[  630.067944][ T6468]   handle_irq_event+0x8b/0x1e0
[  630.072771][ T6468]   handle_edge_irq+0x267/0x9c0
[  630.077596][ T6468]   __common_interrupt+0x140/0x250
[  630.082687][ T6468]   common_interrupt+0xb6/0xe0
[  630.087429][ T6468]   asm_common_interrupt+0x26/0x40
[  630.092513][ T6468]   pv_native_safe_halt+0x13/0x20
[  630.097509][ T6468]   default_idle+0x13/0x20
[  630.101903][ T6468]   default_idle_call+0x74/0xb0
[  630.106731][ T6468]   do_idle+0x1e8/0x510
[  630.110862][ T6468]   cpu_startup_entry+0x44/0x60
[  630.115689][ T6468]   rest_init+0x2de/0x300
[  630.119997][ T6468]   start_kernel+0x47d/0x500
[  630.124651][ T6468]   x86_64_start_reservations+0x24/0x30
[  630.130175][ T6468]   x86_64_start_kernel+0x143/0x1c0
[  630.135352][ T6468]   common_startup_64+0x13e/0x147
[  630.140357][ T6468] 
[  630.140357][ T6468] to a HARDIRQ-irq-unsafe lock:
[  630.147351][ T6468]  (disc_data_lock#3){.+.+}-{3:3}
[  630.147373][ T6468] 
[  630.147373][ T6468] ... which became HARDIRQ-irq-unsafe at:
[  630.160226][ T6468] ...
[  630.160231][ T6468]   lock_acquire+0x120/0x360
[  630.167350][ T6468]   _raw_read_lock+0x36/0x50
[  630.171931][ T6468]   sixpack_receive_buf+0x5c/0x1450
[  630.177111][ T6468]   tty_ldisc_receive_buf+0x116/0x160
[  630.182466][ T6468]   tty_port_default_receive_buf+0x6e/0xa0
[  630.188253][ T6468]   flush_to_ldisc+0x24a/0x720
[  630.192997][ T6468]   process_scheduled_works+0xade/0x17b0
[  630.198605][ T6468]   worker_thread+0x8a0/0xda0
[  630.203257][ T6468]   kthread+0x70e/0x8a0
[  630.207423][ T6468]   ret_from_fork+0x3fc/0x770
[  630.212074][ T6468]   ret_from_fork_asm+0x1a/0x30
[  630.216903][ T6468] 
[  630.216903][ T6468] other info that might help us debug this:
[  630.216903][ T6468] 
[  630.227107][ T6468]  Possible interrupt unsafe locking scenario:
[  630.227107][ T6468] 
[  630.235399][ T6468]        CPU0                    CPU1
[  630.240738][ T6468]        ----                    ----
[  630.246075][ T6468]   lock(disc_data_lock#3);
[  630.250563][ T6468]                                local_irq_disable();
[  630.257296][ T6468]                                lock(&port_lock_key);
[  630.264122][ T6468]                                lock(disc_data_lock#3);
[  630.271123][ T6468]   <Interrupt>
[  630.274555][ T6468]     lock(&port_lock_key);
[  630.279035][ T6468] 
[  630.279035][ T6468]  *** DEADLOCK ***
[  630.279035][ T6468] 
[  630.287154][ T6468] 6 locks held by kworker/u8:19/6468:
[  630.292497][ T6468]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  630.304143][ T6468]  #1: ffffc9000408fbc0 ((work_completion)(&buf->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  630.315805][ T6468]  #2: ffff888024a80ca0 (&buf->lock){+.+.}-{4:4}, at: flush_to_ldisc+0x38/0x720
[  630.324852][ T6468]  #3: ffff888035eba0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90
[  630.334136][ T6468]  #4: ffffffff99dc2bd8 (&port_lock_key){-.-.}-{3:3}, at: uart_port_ref_lock+0xc4/0x3b0
[  630.343852][ T6468]  #5: ffff888035eba0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x90
[  630.353136][ T6468] 
[  630.353136][ T6468] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[  630.363532][ T6468] -> (&port_lock_key){-.-.}-{3:3} {
[  630.368742][ T6468]    IN-HARDIRQ-W at:
[  630.372708][ T6468]                     lock_acquire+0x120/0x360
[  630.378858][ T6468]                     _raw_spin_lock_irqsave+0xa7/0xf0
[  630.385701][ T6468]                     serial8250_handle_irq+0x6b/0xbb0
[  630.392527][ T6468]                     serial8250_default_handle_irq+0xbf/0x1b0
[  630.400044][ T6468]                     serial8250_interrupt+0xa2/0x1d0
[  630.406794][ T6468]                     __handle_irq_event_percpu+0x289/0x980
[  630.414057][ T6468]                     handle_irq_event+0x8b/0x1e0
[  630.420445][ T6468]                     handle_edge_irq+0x267/0x9c0
[  630.426850][ T6468]                     __common_interrupt+0x140/0x250
[  630.433510][ T6468]                     common_interrupt+0xb6/0xe0
[  630.439816][ T6468]                     asm_common_interrupt+0x26/0x40
[  630.446462][ T6468]                     pv_native_safe_halt+0x13/0x20
[  630.453022][ T6468]                     default_idle+0x13/0x20
[  630.458980][ T6468]                     default_idle_call+0x74/0xb0
[  630.465374][ T6468]                     do_idle+0x1e8/0x510
[  630.471066][ T6468]                     cpu_startup_entry+0x44/0x60
[  630.477494][ T6468]                     rest_init+0x2de/0x300
[  630.483364][ T6468]                     start_kernel+0x47d/0x500
[  630.489497][ T6468]                     x86_64_start_reservations+0x24/0x30
[  630.496585][ T6468]                     x86_64_start_kernel+0x143/0x1c0
[  630.503325][ T6468]                     common_startup_64+0x13e/0x147
[  630.509889][ T6468]    IN-SOFTIRQ-W at:
[  630.513845][ T6468]                     lock_acquire+0x120/0x360
[  630.519969][ T6468]                     _raw_spin_lock_irqsave+0xa7/0xf0
[  630.526805][ T6468]                     serial8250_handle_irq+0x6b/0xbb0
[  630.533632][ T6468]                     serial8250_default_handle_irq+0xbf/0x1b0
[  630.541149][ T6468]                     serial8250_interrupt+0xa2/0x1d0
[  630.547886][ T6468]                     __handle_irq_event_percpu+0x289/0x980
[  630.555166][ T6468]                     handle_irq_event+0x8b/0x1e0
[  630.561582][ T6468]                     handle_edge_irq+0x267/0x9c0
[  630.567985][ T6468]                     __common_interrupt+0x140/0x250
[  630.574654][ T6468]                     common_interrupt+0x5e/0xe0
[  630.580969][ T6468]                     asm_common_interrupt+0x26/0x40
[  630.587629][ T6468]                     rcu_core+0x131c/0x1710
[  630.593587][ T6468]                     handle_softirqs+0x283/0x870
[  630.599982][ T6468]                     __irq_exit_rcu+0xca/0x1f0
[  630.606201][ T6468]                     irq_exit_rcu+0x9/0x30
[  630.612068][ T6468]                     sysvec_apic_timer_interrupt+0xa6/0xc0
[  630.619340][ T6468]                     asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  630.626947][ T6468]                     pv_native_safe_halt+0x13/0x20
[  630.633520][ T6468]                     default_idle+0x13/0x20
[  630.639488][ T6468]                     default_idle_call+0x74/0xb0
[  630.645881][ T6468]                     do_idle+0x1e8/0x510
[  630.651662][ T6468]                     cpu_startup_entry+0x44/0x60
[  630.658063][ T6468]                     rest_init+0x2de/0x300
[  630.663933][ T6468]                     start_kernel+0x47d/0x500
[  630.670075][ T6468]                     x86_64_start_reservations+0x24/0x30
[  630.677164][ T6468]                     x86_64_start_kernel+0x143/0x1c0
[  630.683902][ T6468]                     common_startup_64+0x13e/0x147
[  630.690468][ T6468]    INITIAL USE at:
[  630.694339][ T6468]                    lock_acquire+0x120/0x360
[  630.700396][ T6468]                    _raw_spin_lock_irqsave+0xa7/0xf0
[  630.707137][ T6468]                    serial8250_do_set_termios+0x4bb/0x1c20
[  630.714400][ T6468]                    uart_set_options+0x3c2/0x5b0
[  630.720795][ T6468]                    serial8250_console_setup+0x2f4/0x3c0
[  630.727883][ T6468]                    univ8250_console_setup+0x43a/0x540
[  630.734798][ T6468]                    try_enable_preferred_console+0x4e4/0x650
[  630.742230][ T6468]                    register_console+0x551/0xf90
[  630.748626][ T6468]                    univ8250_console_init+0x52/0x90
[  630.755278][ T6468]                    console_init+0x1a1/0x670
[  630.761324][ T6468]                    start_kernel+0x2cc/0x500
[  630.767367][ T6468]                    x86_64_start_reservations+0x24/0x30
[  630.774366][ T6468]                    x86_64_start_kernel+0x143/0x1c0
[  630.781016][ T6468]                    common_startup_64+0x13e/0x147
[  630.787495][ T6468]  }
[  630.789987][ T6468]  ... key      at: [<ffffffff99dc1fa0>] port_lock_key+0x0/0x20
[  630.797593][ T6468] 
[  630.797593][ T6468] the dependencies between the lock to be acquired
[  630.797600][ T6468]  and HARDIRQ-irq-unsafe lock:
[  630.811077][ T6468] -> (disc_data_lock#3){.+.+}-{3:3} {
[  630.816446][ T6468]    HARDIRQ-ON-R at:
[  630.820405][ T6468]                     lock_acquire+0x120/0x360
[  630.826532][ T6468]                     _raw_read_lock+0x36/0x50
[  630.832675][ T6468]                     sixpack_receive_buf+0x5c/0x1450
[  630.839435][ T6468]                     tty_ldisc_receive_buf+0x116/0x160
[  630.846349][ T6468]                     tty_port_default_receive_buf+0x6e/0xa0
[  630.853699][ T6468]                     flush_to_ldisc+0x24a/0x720
[  630.860073][ T6468]                     process_scheduled_works+0xade/0x17b0
[  630.867269][ T6468]                     worker_thread+0x8a0/0xda0
[  630.873493][ T6468]                     kthread+0x70e/0x8a0
[  630.879209][ T6468]                     ret_from_fork+0x3fc/0x770
[  630.885426][ T6468]                     ret_from_fork_asm+0x1a/0x30
[  630.891817][ T6468]    SOFTIRQ-ON-R at:
[  630.895776][ T6468]                     lock_acquire+0x120/0x360
[  630.901904][ T6468]                     _raw_read_lock+0x36/0x50
[  630.908032][ T6468]                     sixpack_receive_buf+0x5c/0x1450
[  630.914776][ T6468]                     tty_ldisc_receive_buf+0x116/0x160
[  630.921687][ T6468]                     tty_port_default_receive_buf+0x6e/0xa0
[  630.929035][ T6468]                     flush_to_ldisc+0x24a/0x720
[  630.935343][ T6468]                     process_scheduled_works+0xade/0x17b0
[  630.942513][ T6468]                     worker_thread+0x8a0/0xda0
[  630.948730][ T6468]                     kthread+0x70e/0x8a0
[  630.954440][ T6468]                     ret_from_fork+0x3fc/0x770
[  630.960652][ T6468]                     ret_from_fork_asm+0x1a/0x30
[  630.967050][ T6468]    INITIAL USE at:
[  630.970921][ T6468]                    lock_acquire+0x120/0x360
[  630.976959][ T6468]                    _raw_write_lock_irq+0xa2/0xf0
[  630.983433][ T6468]                    sixpack_close+0x2c/0x280
[  630.989475][ T6468]                    tty_set_ldisc+0x33f/0x560
[  630.995605][ T6468]                    tty_ioctl+0xc38/0xde0
[  631.001386][ T6468]                    __se_sys_ioctl+0xfc/0x170
[  631.007518][ T6468]                    do_syscall_64+0xfa/0x3b0
[  631.013648][ T6468]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.021091][ T6468]    INITIAL READ USE at:
[  631.025396][ T6468]                         lock_acquire+0x120/0x360
[  631.031869][ T6468]                         _raw_read_lock+0x36/0x50
[  631.038343][ T6468]                         sixpack_receive_buf+0x5c/0x1450
[  631.045431][ T6468]                         tty_ldisc_receive_buf+0x116/0x160
[  631.052703][ T6468]                         tty_port_default_receive_buf+0x6e/0xa0
[  631.060399][ T6468]                         flush_to_ldisc+0x24a/0x720
[  631.067314][ T6468]                         process_scheduled_works+0xade/0x17b0
[  631.074831][ T6468]                         worker_thread+0x8a0/0xda0
[  631.081404][ T6468]                         kthread+0x70e/0x8a0
[  631.087460][ T6468]                         ret_from_fork+0x3fc/0x770
[  631.094022][ T6468]                         ret_from_fork_asm+0x1a/0x30
[  631.100768][ T6468]  }
[  631.103243][ T6468]  ... key      at: [<ffffffff8ecdf378>] disc_data_lock+0x18/0x100
[  631.111114][ T6468]  ... acquired at:
[  631.114891][ T6468]    lock_acquire+0x120/0x360
[  631.119541][ T6468]    _raw_read_lock+0x36/0x50
[  631.124192][ T6468]    sixpack_write_wakeup+0x30/0x480
[  631.129457][ T6468]    tty_wakeup+0xbb/0x100
[  631.133852][ T6468]    tty_port_default_wakeup+0xa2/0xf0
[  631.139289][ T6468]    serial8250_tx_chars+0x72e/0x970
[  631.144552][ T6468]    __start_tx+0x33b/0x480
[  631.149036][ T6468]    __uart_start+0x23f/0x440
[  631.153692][ T6468]    uart_write+0xdc/0x130
[  631.158087][ T6468]    sixpack_receive_buf+0x447/0x1450
[  631.163439][ T6468]    tty_ldisc_receive_buf+0x116/0x160
[  631.168880][ T6468]    tty_port_default_receive_buf+0x6e/0xa0
[  631.174751][ T6468]    flush_to_ldisc+0x24a/0x720
[  631.179584][ T6468]    process_scheduled_works+0xade/0x17b0
[  631.185278][ T6468]    worker_thread+0x8a0/0xda0
[  631.190017][ T6468]    kthread+0x70e/0x8a0
[  631.194239][ T6468]    ret_from_fork+0x3fc/0x770
[  631.198978][ T6468]    ret_from_fork_asm+0x1a/0x30
[  631.203891][ T6468] 
[  631.206191][ T6468] 
[  631.206191][ T6468] stack backtrace:
[  631.212058][ T6468] CPU: 1 UID: 0 PID: 6468 Comm: kworker/u8:19 Not tainted 6.16.0-rc7-syzkaller-00114-g327579671a9b #0 PREEMPT(full) 
[  631.212071][ T6468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  631.212079][ T6468] Workqueue: events_unbound flush_to_ldisc
[  631.212097][ T6468] Call Trace:
[  631.212104][ T6468]  <TASK>
[  631.212111][ T6468]  dump_stack_lvl+0x189/0x250
[  631.212124][ T6468]  ? __pfx_dump_stack_lvl+0x10/0x10
[  631.212135][ T6468]  ? __pfx__printk+0x10/0x10
[  631.212151][ T6468]  validate_chain+0x1f05/0x2140
[  631.212168][ T6468]  __lock_acquire+0xab9/0xd20
[  631.212179][ T6468]  ? sixpack_write_wakeup+0x30/0x480
[  631.212193][ T6468]  lock_acquire+0x120/0x360
[  631.212201][ T6468]  ? sixpack_write_wakeup+0x30/0x480
[  631.212216][ T6468]  ? ldsem_down_read_trylock+0x137/0x1a0
[  631.212227][ T6468]  ? tty_ldisc_ref+0x1c/0x90
[  631.212240][ T6468]  _raw_read_lock+0x36/0x50
[  631.212249][ T6468]  ? sixpack_write_wakeup+0x30/0x480
[  631.212262][ T6468]  sixpack_write_wakeup+0x30/0x480
[  631.212277][ T6468]  ? __pfx_sixpack_write_wakeup+0x10/0x10
[  631.212291][ T6468]  tty_wakeup+0xbb/0x100
[  631.212303][ T6468]  tty_port_default_wakeup+0xa2/0xf0
[  631.212319][ T6468]  serial8250_tx_chars+0x72e/0x970
[  631.212337][ T6468]  __start_tx+0x33b/0x480
[  631.212351][ T6468]  __uart_start+0x23f/0x440
[  631.212365][ T6468]  uart_write+0xdc/0x130
[  631.212378][ T6468]  sixpack_receive_buf+0x447/0x1450
[  631.212398][ T6468]  ? __pfx_sixpack_receive_buf+0x10/0x10
[  631.212412][ T6468]  tty_ldisc_receive_buf+0x116/0x160
[  631.212428][ T6468]  tty_port_default_receive_buf+0x6e/0xa0
[  631.212443][ T6468]  flush_to_ldisc+0x24a/0x720
[  631.212459][ T6468]  ? process_scheduled_works+0x9ef/0x17b0
[  631.212469][ T6468]  process_scheduled_works+0xade/0x17b0
[  631.212485][ T6468]  ? __pfx_process_scheduled_works+0x10/0x10
[  631.212499][ T6468]  worker_thread+0x8a0/0xda0
[  631.212515][ T6468]  kthread+0x70e/0x8a0
[  631.212528][ T6468]  ? __pfx_worker_thread+0x10/0x10
[  631.212538][ T6468]  ? __pfx_kthread+0x10/0x10
[  631.212551][ T6468]  ? _raw_spin_unlock_irq+0x23/0x50
[  631.212559][ T6468]  ? lockdep_hardirqs_on+0x9c/0x150
[  631.212568][ T6468]  ? __pfx_kthread+0x10/0x10
[  631.212580][ T6468]  ret_from_fork+0x3fc/0x770
[  631.212590][ T6468]  ? __pfx_ret_from_fork+0x10/0x10
[  631.212600][ T6468]  ? __switch_to_asm+0x39/0x70
[  631.212611][ T6468]  ? __switch_to_asm+0x33/0x70
[  631.212622][ T6468]  ? __pfx_kthread+0x10/0x10
[  631.212634][ T6468]  ret_from_fork_asm+0x1a/0x30
[  631.212650][ T6468]  </TASK>
[  631.212880][    C0] vkms_vblank_simulate: vblank timer overrun
[  631.458345][    C0] vkms_vblank_simulate: vblank timer overrun
[  631.639864][ T1312] gspca_sn9c2028: read1 error -110
[  631.739208][ T1312] gspca_sn9c2028: read1 error -32
[  631.745500][ T1312] sn9c2028 2-1:0.0: probe with driver sn9c2028 failed with error -32
[  631.770090][ T1312] usb 2-1: USB disconnect, device number 19
[  632.177338][ T6465] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)