last executing test programs:

3m8.608124048s ago: executing program 0 (id=134):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000080)=0x80000000, 0x4)
r1 = dup(r0)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0x20}, 0x0)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0x1c1}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001e40)=""/4096, 0x1000}], 0x1, &(0x7f00000005c0)=""/143, 0x8f}, 0x7f}], 0x2, 0x62, 0x0)

3m7.406467699s ago: executing program 2 (id=137):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0xc5)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
rmdir(&(0x7f0000000000)='./file1\x00')
chdir(&(0x7f0000000140)='./bus\x00')
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)

3m7.349194979s ago: executing program 0 (id=138):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000300)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000180)={{@my=0x0, 0xffffffff}, @my=0x0, 0x8, 0x0, 0x7, 0x0, 0x0, 0x2})
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x8692371a04dae0f4, 0x6, 0x2}, 0x18, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000140)=0x200000000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x0, 0x0, 0x47, 0x0, 0x0, 0x0)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, 0x0, 0x0)
munlockall()
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xe)
write$vhost_msg_v2(r2, &(0x7f0000000080)={0x2, 0x0, {0x0, 0x0, 0x0, 0x1, 0x3}}, 0x48)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000080)=0x40)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r5 = fanotify_init(0x68, 0x0)
fanotify_mark(r5, 0x105, 0x40001032, r4, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

3m6.562870882s ago: executing program 2 (id=139):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_open_dev$vim2m(&(0x7f00000002c0), 0xd228, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000140)={0x2, @raw_data="cd1c0f81a34f8e7959553132d7cb8d418ee9b7271495f452cf7504b611bbc9804e4060b85cf0d7b9e50bce9e8ce9cc8db6af7fc30dea021e788bf809eb5792b0d70e1cbdb302331d62e7b32fb273609ae0b05b8a382ebc8a58201a6fcac62a855dff9b22dca633e2e3d6e7871179262a7a0f2be2a6719f7eaf50bb7aad3d446e4691c6c6f7b0e669c47d332053ccec74372d1cfddafc259b75b09587bd63360cd3ba82cfb0d32d8ebca4c92d762952826891ea6215ed73bf681a7de78c5a07ef41ec3ebcdd820330"})
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0xc, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @empty}]}]}, 0x70}}, 0x0)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000000), r0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={r4, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="0000ff0f", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000800010003000000040004800800020001000000100008800c0007800800060000000000"], 0x38}}, 0x0)

3m6.307632205s ago: executing program 2 (id=141):
fsopen(0x0, 0x1)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000139209f422ca2f1d3568c599f830b1f821bc25fa46eaf5"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
shutdown(r0, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, 0x0, 0x0)
sendmmsg$inet(r5, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000900)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x70040000}, {{0x0, 0x0, 0x0}}], 0x2, 0x240448c0)

3m5.145817911s ago: executing program 2 (id=143):
socket$netlink(0x10, 0x3, 0x0)
socket(0x11, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f94f90324fc60100003000a000200053582c137153e37000c0680050002000300", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
signalfd(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0)
io_uring_setup(0x175c, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r4 = accept$alg(r3, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, &(0x7f00000017c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x8}], 0x30, 0x200040c0}, 0x20000000)
write$binfmt_script(r4, &(0x7f00000001c0), 0xfec8)
socket$inet6_sctp(0xa, 0x5, 0x84)
recvmmsg(r4, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r5, 0x0, 0x13, &(0x7f0000000000)=0x800, 0x4)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080)=0xa08, 0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="40010000100001000000000000008000"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000ac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020001006000000000000000480001006469676573745f6e756c6c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001e0006000000"], 0x140}, 0x1, 0x0, 0x0, 0x40080}, 0x40008800)

3m5.108487753s ago: executing program 0 (id=144):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r0, 0x0, 0x0)

3m3.807206284s ago: executing program 2 (id=146):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000200)={0x4, 0x4, 0x10, 0x0, @vifc_lcl_ifindex, @broadcast}, 0x10)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000080)={@broadcast, @multicast2, 0x0, "11ec34772e3bbee4cb306b4e6465f67811beb627aa81caa3e9afee88e86e388d", 0x10000, 0x997, 0x2, 0x3}, 0x3c)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f0000000300)=0xb, 0x4)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
connect$inet(r2, &(0x7f00000002c0)={0x2, 0x4e24, @loopback}, 0x10)
connect$inet(r2, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x878722882297843a, 0x0)
ioctl$PPPIOCSDEBUG(r3, 0x40047440, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={&(0x7f0000000100)=@isdn={0x22, 0x1, 0x8, 0xf8, 0x5}, 0x80, &(0x7f0000000240)=[{0x0}], 0x1}, 0x4088080)
syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r7 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x60c000, 0x20)
getsockname$packet(r7, &(0x7f00000001c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r6, @ANYBLOB="00000016010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, r8, 0x40083, 0x715cb}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FWMARK={0x8, 0x14, 0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)

3m3.687172488s ago: executing program 0 (id=148):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x16, 0xa01, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r5}, 0x10)
r6 = open$dir(&(0x7f0000000000)='./file0\x00', 0x40, 0x63)
name_to_handle_at(r6, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@FILEID_INO32_GEN={0x8, 0x1, {0x6, 0x7}}, 0x0, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$FUSE(r7, &(0x7f0000000040)={0x2020}, 0x2020)
ioctl$BINDER_GET_FROZEN_INFO(r7, 0xc00c620f, &(0x7f0000000280))
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000500)}], 0x1, &(0x7f00000003c0)=[@sndinfo={0x20, 0x84, 0x2, {0x4, 0x45, 0x0, 0x1}}], 0x20, 0x4048800}, 0xc0)

3m2.125922966s ago: executing program 0 (id=150):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r2}, 0x38)
listen(0xffffffffffffffff, 0x5)
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, 0x0, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newlink={0x20, 0x10, 0x1}, 0x20}, 0x1, 0x0, 0x0, 0x88000}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000140)={0x11000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)

3m0.295832408s ago: executing program 0 (id=157):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001", @ANYRES16, @ANYRESHEX], 0x98}, 0x1, 0x0, 0x0, 0x20008020}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='contention_begin\x00', r0}, 0x18)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
splice(r7, 0x0, r6, 0x0, 0x1, 0x0)
fcntl$setpipe(r6, 0x408, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
io_uring_setup(0x5d83, &(0x7f0000000240)={0x0, 0xbcd3, 0x2000, 0x2, 0x245})
socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x8001)

3m0.213009018s ago: executing program 2 (id=159):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x18, 0x1, 0xfffffffd, 0x0, {0x2, 0x14, 0x0, 0x0, 0xff, 0x0, 0x0, 0x7}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$bt_hci(r1, 0x0, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x36, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000a00))
r6 = dup(r5)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r6})

2m43.944147733s ago: executing program 32 (id=157):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001", @ANYRES16, @ANYRESHEX], 0x98}, 0x1, 0x0, 0x0, 0x20008020}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='contention_begin\x00', r0}, 0x18)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
splice(r7, 0x0, r6, 0x0, 0x1, 0x0)
fcntl$setpipe(r6, 0x408, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
io_uring_setup(0x5d83, &(0x7f0000000240)={0x0, 0xbcd3, 0x2000, 0x2, 0x245})
socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x8001)

2m43.630619414s ago: executing program 33 (id=159):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x18, 0x1, 0xfffffffd, 0x0, {0x2, 0x14, 0x0, 0x0, 0xff, 0x0, 0x0, 0x7}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$bt_hci(r1, 0x0, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x36, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000a00))
r6 = dup(r5)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r6})

18.544518769s ago: executing program 3 (id=482):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="5000008072003303000000000000000007000000", @ANYRES32=0x0, @ANYBLOB], 0x50}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x80)
modify_ldt$write(0x1, 0x0, 0x0)
modify_ldt$read(0x0, &(0x7f0000002200)=""/229, 0xe5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c0000001900010000000000fcdbdf2580201400001100050000000008000f00feffffff06004e210000"], 0x2c}}, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket(0x10, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="28000000190000088cfd4d416f9cd445b2ab152128bd7000fbdbdf250a101406ff040007000800000c0009001fe80481", @ANYRES32=0x0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x20000000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x38, 0x1403, 0x1, 0xf, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wlan0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x48854)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x5, @mcast1, 0x9}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000640)=ANY=[@ANYBLOB="0180c200000000000000000008004500002c000000000011907800000018e000000100004e2000189078040000000000000000000000000000003f9eff9a23707319514787ff10787db9c2f32eeaacf15657b4bfa82a6e2f8a1e3faf8b9a47aef702faf86061f5a356d6536cb187fda2f009902e5d70b0f92cf0f228a17fad674f69104813b492c9ca844a8574b4e254e8c555f6f5ea80536862f5b07b3524ab84811c109bd08948201928e68c33a9a6cde96be4374787ce8e5507373b25ae7c0bb5004784bd892f140b430fed590fb5c65a8894204f391a0258bc9f321461324f453b5cee04b0a30245c8b2f814169bdc804900614c98342b040f1210b439bfa03ad8c7b8f554d0d8aa0733354c927752acb66b8dc95857e92e593edca6ea660efa4f048d2919ec105e5c0389d5314cb00d02294d113dd4bc43b27cfe36ccefb1de9933f8ca57ddb2254b53b2e5b9cfc73a97190a6b923ac81ee760b218fafb1eefc0913a4b76ca5f14dc77804a2885e4299266e6c7b0d1e56f8e4ee2b0e16c5716bf627cfc0f16eb746327d0e18da17f10880861927f8687ea65f099a21cebcbb2e975fc75a53616c3a736e021bffab79ae7e9336a29257da3a8e2df79c93748ab4785ae713d87d1a6f6dde80647da"], 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x20000000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000002c00010026bd9300fcdbdf250400000008000c80"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
syz_emit_ethernet(0x141, &(0x7f00000008c0)={@broadcast, @empty, @void, {@ipv4={0x800, @tcp={{0x1d, 0x4, 0x3, 0x3f, 0x133, 0x65, 0x0, 0xde, 0x6, 0x0, @remote, @multicast1, {[@generic={0x86, 0x4, "7603"}, @timestamp={0x44, 0x28, 0x19, 0x0, 0x2, [0x1ff, 0x3, 0x6, 0x40, 0x7, 0x6, 0x4, 0x3, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x22, 0x3, 0x3, [{@broadcast}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@remote, 0xdfef}, {@local, 0x4}, {@loopback, 0xa}, {@private=0xa010100, 0x101}]}]}}, {{0x4e22, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x8778f3dbed39d4ff, 0x3, 0x0, 0x1, {[@md5sig={0x13, 0x12, "25cd5e87bf66956204d4ce3b45cd21e9"}]}}, {"eb2ede530163998bbfd192dd439219b1d0b37a49815ec1905ff068014395bf0dcf7d91206804bb87c99d5a5b84a4eca86bceded6815b21478c18377cb632dab53969078603509a0a5222b33a9e441e04707d1d674b6f7c11490e84d8f2273dc0d3f7b9ac749a27b00aba706a383efa37073e955a2a8eab50c78f7f83ed3fe1c1215750e0eef965dbe55fc81cbb5ada8be4185451fe7714"}}}}}}, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x2808c0)

17.320397375s ago: executing program 5 (id=486):
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x8801, 0x0)
ioperm(0x0, 0x9, 0x5)
r0 = inotify_init1(0x0)
inotify_rm_watch(r0, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r1, &(0x7f0000000440)={&(0x7f0000000300)={0x2, 0x4e24, @empty}, 0x10, 0x0}, 0x9d8d2a5017a9ed00)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_getscheduler(0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x28, r5, 0xc4fc9e906872378b, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, r6}, @val={0xc}}}}, 0x28}}, 0x0)
recvmmsg(r3, &(0x7f00000005c0), 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x6, 0x1, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair(0x15, 0x2, 0x6, &(0x7f0000000000))
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r8}, 0x38)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r8}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)

16.595480921s ago: executing program 5 (id=489):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r1 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', 0x0, 0x4, 0x4, 0x4, 0x7, 0x1c, @private0, @dev={0xfe, 0x80, '\x00', 0x15}, 0x1, 0x40, 0x471d8c18, 0x9}})
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080), 0x7f03)

15.778199437s ago: executing program 3 (id=491):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0xf, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r4}, &(0x7f0000000040), &(0x7f0000000140)=r3}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000005100000000000000000a200000000900010073797a300000000014000000100001"], 0x48}}, 0x20050800)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r6, @ANYBLOB="01000000000000000000010000000c000597ff000000000000000c0002000000000000000000040007800c000800000000000000000008000a00000000004400078008000100", @ANYRES32, @ANYBLOB="32000100", @ANYRES32=r7], 0x90}}, 0x0)

13.621039361s ago: executing program 3 (id=495):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f00000011c0)={0x2020, 0x0, 0x0, <r1=>0x0}, 0x2020)
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000300, r1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYBLOB="dd9473d8ce8e84300afeecb088fa8067317facee549c74255cd1eebea35f56e54b5e3796d986e2f7fdd4e5c292abcc61e4f93c724cc6ccec8ca8885b9ebc95dfddd78a0a87eb044f1c5c7226748abca01c7164ead6d62140bc97d0636447ec25fa813255542907830d96d003b702612dc315918f0770", @ANYBLOB="010000000000000000000c0000001800038014000380100001800400030008000100020000002000018008000300020000001400020076657468315f766972745f77696669"], 0x4c}}, 0x0)
syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x40018)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
socket$kcm(0x10, 0x400000000, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000680)='/proc/consoles\x00', 0x0, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz0\x00', {}, 0x10000000, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x2, 0x5, 0x0, 0x2, 0x0, 0xffffffff], [0x0, 0x10000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x4, 0x0, 0xfff, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0xfffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9]}, 0x45c)
ioctl$UI_DEV_CREATE(r7, 0x5501)
preadv(r6, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000001c0)='\x00', &(0x7f0000000240)='{}k%@\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)

13.164124706s ago: executing program 5 (id=498):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
recvmmsg(0xffffffffffffffff, &(0x7f0000003680), 0x0, 0x40, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0xfffffffffffffebb)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x60b, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x50, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_connect$uac1(0x3, 0x0, 0x0, &(0x7f0000001240)={0x0, 0x0, 0x19, &(0x7f0000000300)=ANY=[@ANYBLOB="050f1900011410040028414aaa318740d55d15d868271d7482"]})
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="000706000000ff"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@deltfilter={0x34, 0x2d, 0x1, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xfff3, 0x3}, {0xfff2, 0xffff}, {0xffe0, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x20044000)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
futex(0x0, 0x80000000000b, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)

12.296763328s ago: executing program 3 (id=499):
creat(0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
bind$unix(r1, &(0x7f0000000140)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
prlimit64(0x0, 0x0, &(0x7f0000000340)={0x200, 0x25}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsopen(&(0x7f0000000180)='virtiofs\x00', 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r5, 0x4038ae7a, &(0x7f0000000040)={0x80, 0x8c8, 0x0, 0x0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

9.484245439s ago: executing program 4 (id=502):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="5000008072003303000000000000000007000000", @ANYRES32=0x0, @ANYBLOB], 0x50}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x80)
modify_ldt$write(0x1, 0x0, 0x0)
modify_ldt$read(0x0, &(0x7f0000002200)=""/229, 0xe5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c0000001900010000000000fcdbdf2580201400001100050000000008000f00feffffff06004e210000"], 0x2c}}, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket(0x10, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="28000000190000088cfd4d416f9cd445b2ab152128bd7000fbdbdf250a101406ff040007000800000c0009001fe80481", @ANYRES32=0x0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x20000000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x38, 0x1403, 0x1, 0xf, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wlan0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x48854)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x5, @mcast1, 0x9}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000640)=ANY=[@ANYBLOB="0180c200000000000000000008004500002c000000000011907800000018e000000100004e2000189078040000000000000000000000000000003f9eff9a23707319514787ff10787db9c2f32eeaacf15657b4bfa82a6e2f8a1e3faf8b9a47aef702faf86061f5a356d6536cb187fda2f009902e5d70b0f92cf0f228a17fad674f69104813b492c9ca844a8574b4e254e8c555f6f5ea80536862f5b07b3524ab84811c109bd08948201928e68c33a9a6cde96be4374787ce8e5507373b25ae7c0bb5004784bd892f140b430fed590fb5c65a8894204f391a0258bc9f321461324f453b5cee04b0a30245c8b2f814169bdc804900614c98342b040f1210b439bfa03ad8c7b8f554d0d8aa0733354c927752acb66b8dc95857e92e593edca6ea660efa4f048d2919ec105e5c0389d5314cb00d02294d113dd4bc43b27cfe36ccefb1de9933f8ca57ddb2254b53b2e5b9cfc73a97190a6b923ac81ee760b218fafb1eefc0913a4b76ca5f14dc77804a2885e4299266e6c7b0d1e56f8e4ee2b0e16c5716bf627cfc0f16eb746327d0e18da17f10880861927f8687ea65f099a21cebcbb2e975fc75a53616c3a736e021bffab79ae7e9336a29257da3a8e2df79c93748ab4785ae713d87d1a6f6dde80647da"], 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x20000000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000002c00010026bd9300fcdbdf250400000008000c80"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
syz_emit_ethernet(0x141, &(0x7f00000008c0)={@broadcast, @empty, @void, {@ipv4={0x800, @tcp={{0x1d, 0x4, 0x3, 0x3f, 0x133, 0x65, 0x0, 0xde, 0x6, 0x0, @remote, @multicast1, {[@generic={0x86, 0x4, "7603"}, @timestamp={0x44, 0x28, 0x19, 0x0, 0x2, [0x1ff, 0x3, 0x6, 0x40, 0x7, 0x6, 0x4, 0x3, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x22, 0x3, 0x3, [{@broadcast}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@remote, 0xdfef}, {@local, 0x4}, {@loopback, 0xa}, {@private=0xa010100, 0x101}]}]}}, {{0x4e22, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x8778f3dbed39d4ff, 0x3, 0x0, 0x1, {[@md5sig={0x13, 0x12, "25cd5e87bf66956204d4ce3b45cd21e9"}]}}, {"eb2ede530163998bbfd192dd439219b1d0b37a49815ec1905ff068014395bf0dcf7d91206804bb87c99d5a5b84a4eca86bceded6815b21478c18377cb632dab53969078603509a0a5222b33a9e441e04707d1d674b6f7c11490e84d8f2273dc0d3f7b9ac749a27b00aba706a383efa37073e955a2a8eab50c78f7f83ed3fe1c1215750e0eef965dbe55fc81cbb5ada8be4185451fe7714"}}}}}}, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x2808c0)

9.075842707s ago: executing program 5 (id=503):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x1a}, &(0x7f0000000040)=0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x3, 0xfffffffffffffffd)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10, 0x0}}], 0x5a3, 0x8014)

7.153574923s ago: executing program 4 (id=505):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYRES8=r3, @ANYRES32=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES64=r3, @ANYRES64=r2], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r4 = socket(0x9, 0x4, 0xa)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYRES32, @ANYRES32=r0], 0x9)
bind$inet(r4, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000001200)='attr\x00')
getdents64(r5, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280))
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000400)=ANY=[@ANYRESOCT=r6], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xec9223f0ec860c78, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r8}, 0x10)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000032680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt$CAIFSO_REQ_PARAM(r5, 0x116, 0x80, &(0x7f0000000040), 0x0)
epoll_create(0x207ffd)
r10 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
pwritev(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r10, 0x4c00, 0xffffffffffffffff)

7.025280169s ago: executing program 5 (id=506):
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000b00000000000119078000000000000000000004e20009c907801000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c04594"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020019000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x7fff, 0x200000000000000)

6.484256479s ago: executing program 1 (id=507):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x0)
pipe(&(0x7f00000045c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r6, 0x0)
vmsplice(r5, &(0x7f00000019c0)=[{&(0x7f0000001a00)="ce677fdc115e4956fcd3bb517e0f7ca5e216eae39cb024338a67264767240721eaaf20106bfb265efa2b77956e35eb2a71cc9c73b790e5256c65de21c754cba1312a9eb428ce713df313605e3f12a1f6d3f66710633af6ead1cb436e9452ae4a9edf7708f78bae12b68c1c6f0183c18eb257e2597b19d65bc66f5781f236e7c3ca9be674b7adf2ab9bc91a5f7621073dbf4297e6ae88764525039cd54bce2f11ec681f5ba5080e759c2599b58134d87279dc242d53c2ed8f6b396dee30911c59256cc16c0553e89511e950d6b285a65d8cd30ff4692dcf3b37638098613711c4f82073bd887a43732d5e2dbf481cd031c6bef11a8e677d65dd77a9f272a25044da3d921cea3b45edaddd89b801dfbe127884ae1637029f5c7763855cc8bc4d98fcedf8e9830425647dcea0eff468fdf076782469a86388ade165d42c850c43ef31a3e122596f4c986018e80535c218feae09643ca1f1379999ee7796b41f723efe91468b746ba0bb741fe1af33626240bd5bbce916e34d6673cff8117f251ee5dd03d88d785267c964d3a5b5bbe086efb64682d79c0c34f934fbfe658a2ed6730354c0d95f51379b638474dc5609fff84b033dc2afa360a4eda7c0e4b55390cc174646785965bc35b3d802360006c3c07b4d1d80ae938fb203a9fb31b469976ff7be8842b5fea674737bff5b6c73cb7827d2d4e8889f8d129906f5237b15c789c4ef1bff25057cd778b30f953c8ff45e11d90235b7b6d210c2890ce5882230aac7e2a35c30f165264890c4141f9a469813b6f31760aae1efa9ce61557146ff44d33bc480488d0986ee16208a0fa5ff260d6cef56db1e98f54d6f84ef8c2b19e7652de6769aeb47346d5440f6a630c45455e974e33c989f2a239b6648d33b834cf0de6c28e43c414892eb6567476a4f90b179778f1e5e78d42e42f56c0a8782b81a54fbaba60d49270d955a3e772b24aa6a6a652413553b0967a7f3092e04549ed8c30b344e5db516300917c26877e14323fa9fc29230c082a40a59f56ce8ca8e5c62c2d52da03e2b7c1d097152bca657b28fa437cb2b44cb7710514a2a9b84b7e1462d7af09614293733bb765753884066e91c6ec11395e711e6a13f2658e819cbd34607899f4ce4f91360bf6a2e7fbc7dd6d60c8aff2c9c89c929264b315e3eb887737c92a41e0e4ed68ea9724177c603c55652e8c6f2e6fe9808932d60ead9649f88d991200b46d3d72885ce4b3d916b14435f9000000000000008b3f4c9c1424dd2f8e762fd1df8c48a5bb1d12cfac51448148b6de923ad6617ea738a5a8133929bd0fe6af6d9ec17472b2e228531c17e909d9cdda7e316852c0e5ee96a223bb1f6da8fb311b0284856276b904511fa95ac22189cc429e6291a96e7865cbe47fc881814f9f9255649de15d6f3d780d5de3a5ee1619a73267a83939f2930aaac7268038803c6a750ececa7542a94d0ba1f09dd1d513b01d1f81771c9e820a086ad6276d37e4848bf141ca245ea196467e953f49b1851508ef4441428029d767a06198b0b3073a0188925959916aa86118d6ffc1b1fb6b71443fa09bf39cb3cb51ec57b58649d6a9a0d2d442321bffbb266d540906430ced0e0bcb0a7fef505730f71730fde61914f5c06d1a2f98ddd78356533a3c852a7ec5919fba1b01500368a9590a194f4d839cef1279072b168ed22e877ee976044497006d4564709eb5ea8f52b88e4121438567bd23f233ec00cb09432722fde354c8f902962efdd35f066bd915e5ae457144b90610037160d38be8ca6768dcd28674bb6ca9c59abf1d4d089e06b2b89a70880b9fabfc4d49a1511967b59c40c2e4e43f51baba8c86d93c654573bd2686c0ae8ba7fe9ab2b439a266ff4a69400ed531909898a0f7875c629be8094d943cd6d976697d1cf594f061f3de5b64ffcebb069d34f311ece8bcd3f0760922f48eeead0ba515d487a3226d28c878fed4caf503c4d549d0c3b8acef86e5fdfdc492ae1309f27de26bb73dc4a1cfc733c7bea5a7982520301384664ecb1f7d8c2d6a07e7a038c3d197718c58cdd7d57937bf27141611e877a4b150776fc7a98fade331b71f6d41f93d975ffa2c66d66d1a3aa06e95f2fc608e5800edea97c95704cd7f9d6eb42fb8ee9a34a387a49ff477d91be2c3604ec5bb849a0", 0x601}], 0x1, 0x1)
splice(r4, 0x0, r3, 0x0, 0x8000, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x8, <r7=>0x0}, 0x8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2000, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

6.33988462s ago: executing program 4 (id=508):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r1 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', 0x0, 0x4, 0x4, 0x4, 0x7, 0x1c, @private0, @dev={0xfe, 0x80, '\x00', 0x15}, 0x1, 0x40, 0x471d8c18, 0x9}})
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080), 0x7f03)

6.193260667s ago: executing program 6 (id=509):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f00000011c0)={0x2020, 0x0, 0x0, <r1=>0x0}, 0x2020)
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000300, r1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYBLOB="dd9473d8ce8e84300afeecb088fa8067317facee549c74255cd1eebea35f56e54b5e3796d986e2f7fdd4e5c292abcc61e4f93c724cc6ccec8ca8885b9ebc95dfddd78a0a87eb044f1c5c7226748abca01c7164ead6d62140bc97d0636447ec25fa813255542907830d96d003b702612dc315918f0770", @ANYBLOB="010000000000000000000c0000001800038014000380100001800400030008000100020000002000018008000300020000001400020076657468315f766972745f77696669"], 0x4c}}, 0x0)
syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x40018)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x10, 0x400000000, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000680)='/proc/consoles\x00', 0x0, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz0\x00', {}, 0x10000000, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x2, 0x5, 0x0, 0x2, 0x0, 0xffffffff], [0x0, 0x10000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x4, 0x0, 0xfff, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0xfffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9]}, 0x45c)
ioctl$UI_DEV_CREATE(r7, 0x5501)
preadv(r6, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000001c0)='\x00', &(0x7f0000000240)='{}k%@\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)

5.836514296s ago: executing program 1 (id=510):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', 0x0, 0x4, 0x4, 0x4, 0x7, 0x1c, @private0, @dev={0xfe, 0x80, '\x00', 0x15}, 0x1, 0x40, 0x471d8c18, 0x9}})
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r3, r3, &(0x7f0000000080), 0x7f03)

4.279389438s ago: executing program 1 (id=511):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
clock_nanosleep(0x1, 0x1, 0x0, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x8011}, 0x200440c0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x27, &(0x7f0000000000)=0x6, 0x4)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/183, 0xb7}, {&(0x7f00000003c0)=""/165, 0xa5}, {&(0x7f00000004c0)=""/135, 0x87}, {&(0x7f0000000580)=""/182, 0xb6}], 0x4, 0x4b, 0x0)
socket$packet(0x11, 0x2, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r2)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x30, r3, 0x413, 0x0, 0xfffffffe, {{}, {}, {0x14, 0x19, {0x0, 0x1, 0x80000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x851}, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
fanotify_init(0x0, 0x41003)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
r4 = openat$smackfs_change_rule(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file0', [{0x20, '\xff\xff'}], 0xa, "ab82491ab8de3b976e3ea9411d33d0dd23c481b19a3197c19a48e96783956b8037d1e3c11aaa073c831dcc6ce3336adae947048459482d856ee8d3372ca85372657d4b51d1fd45a69cbc7bd9ad005ec222299e2491ffb3e055a3d2505012551be5a402489bcd"}, 0x74)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r6, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r7, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xe}}}, 0x1c)
close_range(r5, r6, 0x0)

4.231015103s ago: executing program 5 (id=512):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
syz_usb_connect(0x0, 0x107, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000b2111d40c71b10905336000000010902f50001000000000904"], 0x0)
getsockopt$inet_int(r0, 0x10d, 0xe5, &(0x7f0000001040), &(0x7f0000000440)=0x4)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000003b00)={0x8, 0x0, &(0x7f0000003a80)=[@increfs={0x630d, 0x1}], 0x0, 0x0, 0x0})
socket$inet6_sctp(0xa, 0x1df87fe0dfd95299, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x2718, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa)
r2 = syz_clone(0xa00000, &(0x7f0000000000)="bab1751b8d7fcd582d67ebe11dbfd09e2b4fc5c0c8bba4d7d77083f4837ccad46967408aa871301c86f9aa939a981d9e7e", 0x31, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)="88a6fc47c983154111fce990329b38df869e3ee35c2279de6c8c091667aff44fcb2c7b19")
prctl$PR_SCHED_CORE(0x3e, 0x2, r2, 0x3, &(0x7f0000000100))
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="240000002600010000000000000000001dd09c7702b2b1"], 0x24}], 0x1}, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r6, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000140)=""/4125, 0xffffff7f}], 0x1}, 0x40002022)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008103e00f80ecdb4cb9f207c804a00d000000880802fb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000013c0), r7)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000011c0)=ANY=[@ANYBLOB="34000000f5b557409ad463bb56980be63113fefcf6422791d67a16d491545c9818c8663e37ee6899d428a556340bf30c204b52a31750b1378bc6cd83ff185bb1bc8c90f7c993f1285477fe016eeb0414ae95eeb89154364645881bcdb0109b12bcbecb15e0c99d5612583f9bf1df7fe36f487af43cd696e08044d4c72b08ffcd56a7ed1f604efee6ba3c3541a77c86e2cbcccea83ced6f325a8b4d75eb2c7f58de626c4a5e7d6e5b03f38c566eee66305bf6d85796ae3f306996da646d0d3cfca1daa9f48e3a560d36579c75a85e39ab806d21f7770d0e", @ANYRES16=0x0, @ANYBLOB="010027bd70000400000102000000200001801400040000000000000000000000000000000001060001000a000000"], 0x34}}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$TUNSETLINK(r8, 0x400454cd, 0x118)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00', @broadcast})
mknod$loop(&(0x7f0000001180)='./file0\x00', 0x8, 0x0)
write$tun(r8, &(0x7f0000001400)=ANY=[@ANYBLOB='\x00\x00\x00\f'], 0x152)

4.200724054s ago: executing program 6 (id=513):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000080)={{0x0, 0x4}, 'syz1\x00', 0x4b})
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000300)={0x39, {0xfffffffc, 0x0, 0x0, 0x1, 0x0, 0x5}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x54}}, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)

3.244082749s ago: executing program 6 (id=514):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
rt_sigaction(0x40, 0x0, 0x0, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100f6000000000000000c000000b24e240fdbff8b2a0000000000000005004400000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x4)
write(r4, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0x4, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x6}, {0xffff, 0xffff}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x6}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a40)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x10, 0x4}}]}}]}, 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x0, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$IP_VS_SO_SET_ADD(r7, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'nq\x00', 0x1, 0x7, 0x400006a}, 0x2c)
r9 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r9, 0xc0405665, &(0x7f0000000140)={0x0, 0x4, 0x9})
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000e1"])

3.243231306s ago: executing program 4 (id=515):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x3, {{@in=@private=0x1, @in6=@remote, 0x0, 0xfffd, 0x0, 0x0, 0xa}, {0xfffffffffffffff8, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x8000000000}, 0x0, 0x0, 0x0, 0x0, 0x4}, [@tmpl={0x84, 0x5, [{{@in=@multicast2, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x3504, 0x1, 0x0, 0x21}, {{@in=@remote, 0xbffffffd, 0x3c}, 0xa, @in6=@dev={0xfe, 0x80, '\x00', 0xc3}, 0x3501, 0x3, 0x0, 0x7, 0x7}]}]}, 0x13c}}, 0x4040000)
syz_emit_ethernet(0x66, &(0x7f0000000900)=ANY=[@ANYBLOB="01f487c80703000e0000000086dd6300000000303afffc020000000000000000000000000000ff020000000000000000000000000001"], 0x0)

3.132711741s ago: executing program 1 (id=516):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f00000001c0)=r0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000005c0)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_emit_ethernet(0x7c, &(0x7f0000000480)={@local, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "92c01f", 0x46, 0x2f, 0x0, @remote, @ipv4={'\x00', '\xff\xff', @private}, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, [0x444]}, {}, {0x8, 0x88be, 0x4305000f, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}}}}}}}}}, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r4, 0xc0505405, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0)
r5 = syz_open_dev$video4linux(&(0x7f00000002c0), 0x5, 0x0)
ioctl$VIDIOC_G_CTRL(r5, 0xc008561b, &(0x7f0000000100))
r6 = socket$netlink(0x10, 0x3, 0x6)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc845}, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
getpeername(r7, &(0x7f0000000200)=@isdn, &(0x7f0000000140)=0x80)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYRES16=r1, @ANYRES32, @ANYBLOB="6750520006000500010002000800"], 0x2c}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)

3.064213188s ago: executing program 3 (id=517):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller0\x00', 0x4801})
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="05000000020000000801220006"], 0x48)
write$cgroup_devices(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b2308217f05"], 0xffdd)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x800000000000b, 0x2)

2.916406608s ago: executing program 4 (id=518):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@fwd={0x3}]}, {0x0, [0x30, 0x0, 0x61, 0x2e, 0x30, 0x5f, 0x5f]}}, 0x0, 0x2d, 0x0, 0x1, 0xb807, 0x0, @void, @value}, 0x28)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@bridge_setlink={0x28, 0x13, 0xa2f, 0xfffffffd, 0x0, {0x7, 0x0, 0x68, r1, 0x20b25, 0x2952}, [@IFLA_MTU={0x8, 0x4, 0x80}]}, 0x28}}, 0xc050)

2.797830562s ago: executing program 1 (id=519):
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', 0x0, 0x0, 0x5c, 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r5, 0x60cede2af18cd917, 0x70bd2a, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x54)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000200012800b0001006772657461700000100002800400120008000600e000000108001f0002"], 0x58}}, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
mknodat$loop(r7, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000140)='./file1\x00', &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
execve(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000600)={[&(0x7f0000000280)='---\x00', &(0x7f0000000300)='\x00', &(0x7f0000000380)='-\x00', &(0x7f00000003c0)='}\xa7\x00', &(0x7f0000000440)='\x00', &(0x7f0000000480)='\x01\x00']}, &(0x7f00000005c0)={[&(0x7f0000000540)='\xffC\x00\x00', &(0x7f0000000580)=',{\x00']})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000001440)={0xfffffffffffffd87, 0x0, 0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="00220500000073df59d823"], 0x0}, 0x0)

2.707199534s ago: executing program 4 (id=520):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1, <r0=>0xffffffffffffffff}, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@delchain={0x44, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x9, 0xe}, {0x10, 0xffff}, {0xffe0, 0xfff1}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_ENC_IP_TTL={0x5, 0x52, 0x4}]}}]}, 0x44}}, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000090400"/20, @ANYRES32=r7, @ANYBLOB="020000000000000024001280110001006272696467655f736c617665000000000c00058005002b"], 0x44}, 0x1, 0x0, 0x0, 0x4801}, 0x0)
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b30000007f00000000000000", @ANYRES32, @ANYBLOB="0000000000000000f86e00210000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x9, 0x1, 0x0, r8}, @generic={0x66, 0x0, 0x0, 0xfffc, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9}, @exit, @printk={@s, {0x3, 0x0, 0x6}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r10 = syz_open_procfs(0x0, &(0x7f0000000380)='attr\x00')
r11 = signalfd(0xffffffffffffffff, &(0x7f00000003c0)={[0x4]}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{0x1, <r12=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x18, 0x2, &(0x7f00000000c0)=@raw=[@map_fd={0x18, 0xa, 0x1, 0x0, r0}], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x1000, &(0x7f0000000640)=""/4096, 0x41000, 0x0, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0x2, 0x3883, 0x9}, 0x10, 0x0, 0x0, 0x6, &(0x7f00000004c0)=[r8, r9, r10, r11, r12], &(0x7f0000000500)=[{0x3, 0x2, 0xc, 0xb}, {0x4, 0x1, 0x1, 0x5}, {0x5, 0x1, 0xc, 0x9}, {0x3, 0x2, 0xe, 0x2}, {0x5, 0x1, 0xb, 0x5}, {0x4, 0x3, 0x8, 0x3}], 0x10, 0x0, @void, @value}, 0x94)
r13 = socket$kcm(0x10, 0x2, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000000300)={'bond0\x00', <r16=>0x0})
sendmsg$nl_route(r14, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5400000010000104000000000000002180aa6d00", @ANYRES32=r16, @ANYBLOB="00000000020000003400128009000100626f6e64000000002400028008000300040004000500060000000000"], 0x54}}, 0x0)
sendmsg$kcm(r13, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

2.660588081s ago: executing program 6 (id=521):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0xc5)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
rmdir(0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)

2.388404309s ago: executing program 6 (id=522):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', 0x0, 0x4, 0x4, 0x4, 0x7, 0x1c, @private0, @dev={0xfe, 0x80, '\x00', 0x15}, 0x1, 0x40, 0x471d8c18, 0x9}})
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r3, r3, &(0x7f0000000080), 0x7f03)

1.522449454s ago: executing program 3 (id=523):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f00000011c0)={0x2020, 0x0, 0x0, <r1=>0x0}, 0x2020)
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000300, r1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYBLOB="dd9473d8ce8e84300afeecb088fa8067317facee549c74255cd1eebea35f56e54b5e3796d986e2f7fdd4e5c292abcc61e4f93c724cc6ccec8ca8885b9ebc95dfddd78a0a87eb044f1c5c7226748abca01c7164ead6d62140bc97d0636447ec25fa813255542907830d96d003b702612dc315918f0770", @ANYBLOB="010000000000000000000c0000001800038014000380100001800400030008000100020000002000018008000300020000001400020076657468315f766972745f77696669"], 0x4c}}, 0x0)
syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x40018)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x10, 0x400000000, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000680)='/proc/consoles\x00', 0x0, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz0\x00', {}, 0x10000000, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x2, 0x5, 0x0, 0x2, 0x0, 0xffffffff], [0x0, 0x10000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x4, 0x0, 0xfff, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0xfffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9]}, 0x45c)
ioctl$UI_DEV_CREATE(r7, 0x5501)
preadv(r6, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000001c0)='\x00', &(0x7f0000000240)='{}k%@\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)

6.927861ms ago: executing program 1 (id=524):
r0 = getpgrp(0x0)
r1 = getpgrp(0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
ioctl$AUTOFS_IOC_READY(r3, 0x9360, 0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00305d784b2dfe2700"], 0x48)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000200)={0x4, @win={{0x8000, 0x8001, 0x7fffffff, 0x4}, 0x5, 0x101, 0x0, 0x3, 0x0, 0x8}})
connect$inet(r2, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
close(r2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpriority(0x1, r1, 0x4)
syz_clone3(&(0x7f0000000480)={0x20000180, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[r0], 0x1}, 0x58)

0s ago: executing program 6 (id=525):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b405000000000000711071000000000006000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000002380)='./file0\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)=""/124, 0x7c}, {&(0x7f0000000180)=""/29, 0x1d}, {&(0x7f0000001d40)=""/101, 0x65}, {&(0x7f0000000300)=""/46, 0x2e}], 0x4, &(0x7f00000003c0)=""/4096, 0x1000}, 0x2)
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x458, 0x5011, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x394}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r2, 0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r6 = accept(r3, 0x0, 0x0)
sendmsg$AUDIT_USER_AVC(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x454}}, 0x0)
mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r7 = syz_usb_connect$printer(0x4, 0x36, &(0x7f0000001400)=ANY=[@ANYBLOB="12010002000000402505a8a440000102030109022439000000000000000008010701020609050102100004fa07090582020800010007"], &(0x7f0000001900)={0xa, &(0x7f0000001440)={0xa, 0x6, 0x250, 0x7, 0x3, 0x7, 0x40, 0x6}, 0xca, &(0x7f0000001480)={0x5, 0xf, 0xca, 0x1, [@generic={0xc5, 0x10, 0x2, "d20fae09dfe0d6aabf42b984471d7a2a4aab7febcfbb97c9cffcc46ebcea79de19e38ccedf823e87bb5608ea25565d6b3e702e7dfe2540bb3144d93a6ab90af5f430f9b980ec122cb720429bdd97165a885c3c13dca6d5bc437c25399ca4d710bbb44db9bb92bf3bd03493cc342ee7698f14584ed9a2f6449b52bb2bb94cbd866fc44f1d3fc70cf3b00ddd9fdb37303aa8f041ec04f52071de06aa31def1e61c55b880ea03ed39bd7e45cb435abbe8d9dff4af0cc9ea5a9a5c9eea4e9a451c883ea5"}]}, 0x8, [{0x4, &(0x7f0000001580)=@lang_id={0x4, 0x3, 0x2c09}}, {0x2a, &(0x7f00000015c0)=@string={0x2a, 0x3, "e60d2ae3b291bbe9cabb4128824e250376decc8ba1003f046055913fb0f0cae0ba23184c8bb7a846"}}, {0x4, &(0x7f0000001600)=@lang_id={0x4, 0x3, 0x2009}}, {0x4, &(0x7f0000001640)=@lang_id={0x4, 0x3, 0x813}}, {0xc4, &(0x7f0000001680)=@string={0xc4, 0x3, "cd0606b2cf72310746623501f0f085c5745ea7b3cd7208b3787585f1f09073455e768aceb6b5dd31db90b15db9ddfd45510e2e314a14e11964e65851756bc5de6254732e16397fb9f1b26e85576b112cec05950a522a2f19d1aabcdad902abff36c6c059adf7535d5cd1d9a41975e769f4eda8a8674da15a2634a2a8c4eb3e852c99f9bf5b61ef1c95e1b5e28d7792951d8c4a06953bfdee4f855a6002e2bd0770def06f13008204d1c302731ce9a003c7638ff66c38bea66ed38efc4c0634908aec"}}, {0x4, &(0x7f0000001780)=@lang_id={0x4, 0x3, 0x44e}}, {0x4, &(0x7f00000017c0)=@lang_id={0x4, 0x3, 0x1004}}, {0xef, &(0x7f00000023c0)=@string={0xef, 0x3, "224808e8240bf2b81ae25a8a472a15b8e79d93fb7b9ccd66f33e2cb0cefa6577d6da5fb87ac2ff412ea84a2981489980aac7ffc500cbd69c50221b807509c8cb30c31f2ec5613db1e06356ec2a80033c16b0f27037a27ee3cb44c4b6d2293f10c4583c6ef516e1f570ce9f5dff22b98f8b014c161fc4c82ee11a3efaeeb67ce47d60831ac6eb0c8f67fb924f5b012a53e6714db2847c74db98bc7a7872a3d1a7c4a583abd38b1036ea2bb05ce2a0313d72df12ff05d28c1288a432c7e87f1d835e6703b2ca51551f164f62a2f5b92fb2d7b869e11cefc35a2b63610136bf25392da97b954724bc36528a7f9432"}}]})
syz_usb_control_io$printer(r7, &(0x7f0000001b00)={0x14, &(0x7f0000001980)={0x40, 0xf, 0x93, {0x93, 0x24, "874cb6a55afbb8da5bd591e921f9352713a5c2233f195eb4e2fa07e74faab9091b63197b85e297f186e7de4119e98b78aa421a341aa053a1f3f03b7234831ba4376bf96245e1890a7bf335f7abcb6c2c41f90aa92c59a914cf6dc92e112e530351611927d03cc3447f23d0a5194712d930dba4135f8642a1999eb6fb346511c55fcb77e2617aa22609db04e50a819bd249"}}, &(0x7f0000001a40)={0x0, 0x3, 0x98, @string={0x98, 0x3, "f7f253f29dfc823fe1c79eb28e241b258d30ed501dae6b08e5e8301d4e733961b0bcecc79b896a39e0e6824ba0105d14e6ecf0f8e1f5a833ae5d80d7d1961aec490a47d284d4ba0d07e61bb86cc2bc0b4c089405e83d3b04e1be5cffee03288c9a8219082b2f980a1ac2adc13e3bfe0b7e30ee07a265711d3115ce20467501bcead4703d8b7476988bca449fefc8b97b164d03685567"}}}, &(0x7f0000001d00)={0x34, &(0x7f0000001800)=ANY=[@ANYBLOB="00f47300000049e9525e02898f3f0dd210a1535efa10c77f38bf3ab8ac2f2379379410790f7e254d213921d1344f8901f3cd374b612eb1c753763c430bebeff514a26d092a38be4f807413ad8ab00a3a5c8d218583d042e8e07d7c0b936f27cb3ce32d503f772cf7845b1449df7aa5fde7a715f8d47f09d529140f66030c09b2d8b4caa8d3b6488a"], &(0x7f0000001bc0)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000001c00)={0x0, 0x8, 0x1, 0xff}, &(0x7f0000001c40)={0x20, 0x0, 0x7, {0x5, "819448f6ac"}}, &(0x7f0000001c80)={0x20, 0x1, 0x1, 0xb}, &(0x7f0000001cc0)={0x20, 0x0, 0x1, 0x3}})
socket$inet_mptcp(0x2, 0x1, 0x106)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
dup(r10)

kernel console output (not intermixed with test programs):

8 #0
[   87.408655][ T6012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   87.408668][ T6012] Call Trace:
[   87.408675][ T6012]  <TASK>
[   87.408683][ T6012]  dump_stack_lvl+0x241/0x360
[   87.408716][ T6012]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.408736][ T6012]  ? __pfx__printk+0x10/0x10
[   87.408770][ T6012]  ? __pfx_lock_release+0x10/0x10
[   87.408808][ T6012]  should_fail_ex+0x40a/0x550
[   87.408844][ T6012]  _copy_from_user+0x2d/0xb0
[   87.408873][ T6012]  copy_msghdr_from_user+0xae/0x680
[   87.408925][ T6012]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   87.408951][ T6012]  ? __fget_files+0x2a/0x410
[   87.408976][ T6012]  ? __fget_files+0x2a/0x410
[   87.409007][ T6012]  __sys_recvmsg+0x200/0x390
[   87.409034][ T6012]  ? __pfx___sys_recvmsg+0x10/0x10
[   87.409069][ T6012]  ? __fget_files+0x2a/0x410
[   87.409105][ T6012]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   87.409143][ T6012]  ? do_syscall_64+0x100/0x230
[   87.409177][ T6012]  ? do_syscall_64+0xb6/0x230
[   87.409210][ T6012]  do_syscall_64+0xf3/0x230
[   87.409241][ T6012]  ? clear_bhb_loop+0x35/0x90
[   87.409273][ T6012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.409300][ T6012] RIP: 0033:0x7fadbe98d169
[   87.409318][ T6012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.409334][ T6012] RSP: 002b:00007fadbf7c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   87.409356][ T6012] RAX: ffffffffffffffda RBX: 00007fadbeba5fa0 RCX: 00007fadbe98d169
[   87.409371][ T6012] RDX: 0000000000000000 RSI: 0000400000002a80 RDI: 0000000000000003
[   87.409382][ T6012] RBP: 00007fadbf7c4090 R08: 0000000000000000 R09: 0000000000000000
[   87.409395][ T6012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.409407][ T6012] R13: 0000000000000000 R14: 00007fadbeba5fa0 R15: 00007ffc541842b8
[   87.409436][ T6012]  </TASK>
[   87.619155][ T6015] FAULT_INJECTION: forcing a failure.
[   87.619155][ T6015] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.633036][ T6015] CPU: 1 UID: 0 PID: 6015 Comm: syz.3.30 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[   87.633063][ T6015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   87.633075][ T6015] Call Trace:
[   87.633082][ T6015]  <TASK>
[   87.633090][ T6015]  dump_stack_lvl+0x241/0x360
[   87.633127][ T6015]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.633148][ T6015]  ? __pfx__printk+0x10/0x10
[   87.633179][ T6015]  ? __mutex_unlock_slowpath+0x227/0x800
[   87.633210][ T6015]  ? __pfx_lock_release+0x10/0x10
[   87.633247][ T6015]  should_fail_ex+0x40a/0x550
[   87.633282][ T6015]  strncpy_from_user+0x36/0x270
[   87.633315][ T6015]  __se_sys_add_key+0xd9/0x490
[   87.633348][ T6015]  ? __pfx___se_sys_add_key+0x10/0x10
[   87.633384][ T6015]  ? do_syscall_64+0x100/0x230
[   87.633421][ T6015]  ? __x64_sys_add_key+0x20/0xc0
[   87.633454][ T6015]  do_syscall_64+0xf3/0x230
[   87.633484][ T6015]  ? clear_bhb_loop+0x35/0x90
[   87.633516][ T6015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.633543][ T6015] RIP: 0033:0x7f482af8d169
[   87.633561][ T6015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.633577][ T6015] RSP: 002b:00007f482bd8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   87.633599][ T6015] RAX: ffffffffffffffda RBX: 00007f482b1a5fa0 RCX: 00007f482af8d169
[   87.633614][ T6015] RDX: 0000400000000300 RSI: 0000000000000000 RDI: 0000400000001580
[   87.633628][ T6015] RBP: 00007f482bd8f090 R08: 00000000129af570 R09: 0000000000000000
[   87.633641][ T6015] R10: 000000000000003d R11: 0000000000000246 R12: 0000000000000001
[   87.633653][ T6015] R13: 0000000000000000 R14: 00007f482b1a5fa0 R15: 00007ffe0d1b06d8
[   87.633681][ T6015]  </TASK>
[   87.869293][ T6017] Zero length message leads to an empty skb
[   88.284635][   T30] audit: type=1326 audit(1741951507.210:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6025 comm="syz.2.32" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadbe98d169 code=0x0
[   89.517966][ T6048] FAULT_INJECTION: forcing a failure.
[   89.517966][ T6048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.531250][ T6048] CPU: 1 UID: 0 PID: 6048 Comm: syz.4.36 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[   89.531278][ T6048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   89.531290][ T6048] Call Trace:
[   89.531298][ T6048]  <TASK>
[   89.531307][ T6048]  dump_stack_lvl+0x241/0x360
[   89.531337][ T6048]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.531358][ T6048]  ? __pfx__printk+0x10/0x10
[   89.531392][ T6048]  ? __pfx_lock_release+0x10/0x10
[   89.531431][ T6048]  should_fail_ex+0x40a/0x550
[   89.531468][ T6048]  _copy_from_user+0x2d/0xb0
[   89.531498][ T6048]  copy_msghdr_from_user+0xae/0x680
[   89.531533][ T6048]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   89.531559][ T6048]  ? __fget_files+0x2a/0x410
[   89.531585][ T6048]  ? __fget_files+0x2a/0x410
[   89.531616][ T6048]  __sys_recvmsg+0x200/0x390
[   89.531644][ T6048]  ? __pfx___sys_recvmsg+0x10/0x10
[   89.531680][ T6048]  ? __fget_files+0x2a/0x410
[   89.531717][ T6048]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   89.531748][ T6048]  ? do_syscall_64+0x100/0x230
[   89.531783][ T6048]  ? do_syscall_64+0xb6/0x230
[   89.531817][ T6048]  do_syscall_64+0xf3/0x230
[   89.531848][ T6048]  ? clear_bhb_loop+0x35/0x90
[   89.531881][ T6048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.531917][ T6048] RIP: 0033:0x7f2a4738d169
[   89.531937][ T6048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.531953][ T6048] RSP: 002b:00007f2a471b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   89.531976][ T6048] RAX: ffffffffffffffda RBX: 00007f2a475a6160 RCX: 00007f2a4738d169
[   89.531991][ T6048] RDX: 0000000000000000 RSI: 00004000000005c0 RDI: 0000000000000007
[   89.532004][ T6048] RBP: 00007f2a471b7090 R08: 0000000000000000 R09: 0000000000000000
[   89.532017][ T6048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.532029][ T6048] R13: 0000000000000000 R14: 00007f2a475a6160 R15: 00007ffffca05f58
[   89.532058][ T6048]  </TASK>
[   91.597397][ T6083] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   91.630035][ T5834] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   91.646902][ T6076] netlink: 8 bytes leftover after parsing attributes in process `syz.2.41'.
[   91.657217][ T6076] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   91.891056][ T5834] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   91.954466][ T5834] usb 4-1: config 0 interface 0 has no altsetting 0
[   91.991278][ T5834] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00
[   92.195865][  T839] cfg80211: failed to load regulatory.db
[   92.261581][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.297587][ T6067] DRBG: could not allocate digest TFM handle: hmac(sha512)
[   92.318296][ T5834] usb 4-1: config 0 descriptor??
[   92.346822][ T6077] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   92.690859][ T6074] xt_hashlimit: size too large, truncated to 1048576
[   92.721267][ T6074] xt_hashlimit: max too large, truncated to 1048576
[   92.788763][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   92.819712][ T5834] usbhid 4-1:0.0: can't add hid device: -71
[   92.917949][ T5834] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[   92.934096][ T5834] usb 4-1: USB disconnect, device number 2
[   94.214475][ T6103] netlink: 'syz.0.49': attribute type 1 has an invalid length.
[   94.215839][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   94.249012][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.483816][ T6103] netlink: 224 bytes leftover after parsing attributes in process `syz.0.49'.
[   96.468068][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   96.476991][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   96.485839][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.168845][ T5876] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   97.218544][ T6122] netlink: 68 bytes leftover after parsing attributes in process `syz.4.53'.
[   97.361226][    T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!!
[   97.400154][ T5876] usb 3-1: Using ep0 maxpacket: 8
[   97.443643][ T5876] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[   97.467989][ T5876] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[   97.486866][ T5876] usb 3-1: Product: syz
[   97.503679][ T5876] usb 3-1: Manufacturer: syz
[   97.518937][ T5876] usb 3-1: SerialNumber: syz
[   97.542335][ T5876] usb 3-1: config 0 descriptor??
[   97.561814][ T5876] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[   98.171155][ T6120] process 'syz.2.52' launched './file0' with NULL argv: empty string added
[   98.259269][ T6115] netlink: 'syz.2.52': attribute type 8 has an invalid length.
[   98.299362][ T5876] gspca_zc3xx: reg_r err -110
[   98.304191][ T5876] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -110
[   98.342191][   T58] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   98.458811][   T30] audit: type=1800 audit(1741951516.418:11): pid=6120 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.52" name="/" dev="fuse" ino=0 res=0 errno=0
[   98.533250][   T58] usb 5-1: Using ep0 maxpacket: 8
[   98.580099][ T5834] usb 3-1: USB disconnect, device number 3
[   98.589105][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   98.620038][   T58] usb 5-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=a8.17
[   98.642094][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.657441][   T58] usb 5-1: Product: syz
[   98.675601][   T58] usb 5-1: Manufacturer: syz
[   98.689574][   T58] usb 5-1: SerialNumber: syz
[   98.711408][   T58] usb 5-1: config 0 descriptor??
[   98.760238][   T58] hub 5-1:0.0: bad descriptor, ignoring hub
[   98.766238][   T58] hub 5-1:0.0: probe with driver hub failed with error -5
[   98.794674][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.808371][   T58] gspca_main: jeilinj-2.14.0 probing 0979:0270
[   98.928973][ T5938] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   98.941711][ T6126] FAULT_INJECTION: forcing a failure.
[   98.941711][ T6126] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.986694][ T6126] CPU: 0 UID: 0 PID: 6126 Comm: syz.4.55 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[   98.986717][ T6126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   98.986726][ T6126] Call Trace:
[   98.986731][ T6126]  <TASK>
[   98.986738][ T6126]  dump_stack_lvl+0x241/0x360
[   98.986759][ T6126]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.986774][ T6126]  ? __pfx__printk+0x10/0x10
[   98.986798][ T6126]  ? __pfx_lock_release+0x10/0x10
[   98.986825][ T6126]  should_fail_ex+0x40a/0x550
[   98.986851][ T6126]  _copy_from_user+0x2d/0xb0
[   98.986872][ T6126]  copy_msghdr_from_user+0xae/0x680
[   98.986898][ T6126]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   98.986917][ T6126]  ? __fget_files+0x2a/0x410
[   98.986935][ T6126]  ? __fget_files+0x2a/0x410
[   98.986956][ T6126]  __sys_sendmsg+0x209/0x350
[   98.986975][ T6126]  ? __pfx___sys_sendmsg+0x10/0x10
[   98.986998][ T6126]  ? do_sys_openat2+0x17a/0x1d0
[   98.987032][ T6126]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   98.987054][ T6126]  ? do_syscall_64+0x100/0x230
[   98.987079][ T6126]  ? do_syscall_64+0xb6/0x230
[   98.987109][ T6126]  do_syscall_64+0xf3/0x230
[   98.987131][ T6126]  ? clear_bhb_loop+0x35/0x90
[   98.987156][ T6126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.987176][ T6126] RIP: 0033:0x7f2a4738d169
[   98.987189][ T6126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.987200][ T6126] RSP: 002b:00007f2a471f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.987216][ T6126] RAX: ffffffffffffffda RBX: 00007f2a475a5fa0 RCX: 00007f2a4738d169
[   98.987227][ T6126] RDX: 0000000000000802 RSI: 00004000000003c0 RDI: 000000000000000c
[   98.987236][ T6126] RBP: 00007f2a471f9090 R08: 0000000000000000 R09: 0000000000000000
[   98.987245][ T6126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.987253][ T6126] R13: 0000000000000000 R14: 00007f2a475a5fa0 R15: 00007ffffca05f58
[   98.987273][ T6126]  </TASK>
[   99.217474][ T6136] FAULT_INJECTION: forcing a failure.
[   99.217474][ T6136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.238065][   T58] usb 5-1: USB disconnect, device number 2
[   99.258579][ T6136] CPU: 0 UID: 0 PID: 6136 Comm: syz.3.54 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[   99.258600][ T6136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   99.258609][ T6136] Call Trace:
[   99.258615][ T6136]  <TASK>
[   99.258622][ T6136]  dump_stack_lvl+0x241/0x360
[   99.258644][ T6136]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.258659][ T6136]  ? __pfx__printk+0x10/0x10
[   99.258686][ T6136]  ? snprintf+0xda/0x120
[   99.258715][ T6136]  should_fail_ex+0x40a/0x550
[   99.258750][ T6136]  _copy_to_user+0x31/0xb0
[   99.258780][ T6136]  simple_read_from_buffer+0xca/0x150
[   99.258814][ T6136]  proc_fail_nth_read+0x1e9/0x250
[   99.258838][ T6136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.258863][ T6136]  ? rw_verify_area+0x243/0x630
[   99.258889][ T6136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.258910][ T6136]  vfs_read+0x1f8/0xb40
[   99.258946][ T6136]  ? fdget_pos+0x254/0x320
[   99.258973][ T6136]  ? __pfx___mutex_lock+0x10/0x10
[   99.259004][ T6136]  ? __pfx_vfs_read+0x10/0x10
[   99.259027][ T6136]  ? do_sys_openat2+0x17a/0x1d0
[   99.259052][ T6136]  ? __fget_files+0x2a/0x410
[   99.259072][ T6136]  ? __fget_files+0x395/0x410
[   99.259089][ T6136]  ? __fget_files+0x2a/0x410
[   99.259116][ T6136]  ksys_read+0x18f/0x2b0
[   99.259146][ T6136]  ? __pfx_ksys_read+0x10/0x10
[   99.259173][ T6136]  ? do_syscall_64+0x100/0x230
[   99.259204][ T6136]  ? do_syscall_64+0xb6/0x230
[   99.259228][ T6136]  do_syscall_64+0xf3/0x230
[   99.259250][ T6136]  ? clear_bhb_loop+0x35/0x90
[   99.259274][ T6136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.259294][ T6136] RIP: 0033:0x7f482af8bb7c
[   99.259315][ T6136] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   99.259327][ T6136] RSP: 002b:00007f482bd6e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   99.259343][ T6136] RAX: ffffffffffffffda RBX: 00007f482b1a6080 RCX: 00007f482af8bb7c
[   99.259354][ T6136] RDX: 000000000000000f RSI: 00007f482bd6e0a0 RDI: 0000000000000003
[   99.259363][ T6136] RBP: 00007f482bd6e090 R08: 0000000000000000 R09: 0000000000000000
[   99.259372][ T6136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.259380][ T6136] R13: 0000000000000000 R14: 00007f482b1a6080 R15: 00007ffe0d1b06d8
[   99.259401][ T6136]  </TASK>
[   99.503728][ T5834] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   99.542340][ T5938] usb 2-1: Using ep0 maxpacket: 16
[   99.554160][ T5938] usb 2-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[   99.563345][ T5938] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.572862][ T5938] usb 2-1: Product: syz
[   99.578827][ T5938] usb 2-1: Manufacturer: syz
[   99.583484][ T5938] usb 2-1: SerialNumber: syz
[   99.595956][ T5938] usb 2-1: config 0 descriptor??
[   99.605403][ T5938] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[   99.656191][ T6138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.59'.
[   99.669666][ T5834] usb 3-1: Using ep0 maxpacket: 8
[   99.679231][ T5834] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   99.688557][ T5834] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.703985][ T5834] usb 3-1: config 0 descriptor??
[   99.760425][ T6141] =======================================================
[   99.760425][ T6141] WARNING: The mand mount option has been deprecated and
[   99.760425][ T6141]          and is ignored by this kernel. Remove the mand
[   99.760425][ T6141]          option from the mount to silence this warning.
[   99.760425][ T6141] =======================================================
[   99.795335][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.816849][ T5938] gp8psk: usb in 128 operation failed.
[   99.882942][ T5938] gp8psk: usb in 137 operation failed.
[   99.914246][ T5938] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   99.936739][ T5938] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[   99.963113][ T5834] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[   99.984408][ T5938] usb 2-1: media controller created
[  100.072836][ T5938] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  100.711177][ T5938] gp8psk_fe: Frontend revision 1 attached
[  100.717372][ T5938] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  100.739824][ T5938] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  100.858933][ T5938] gp8psk: usb in 138 operation failed.
[  100.878825][ T5938] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[  100.923862][ T5938] gp8psk: found Genpix USB device pID = 201 (hex)
[  100.935208][ T6150] FAULT_INJECTION: forcing a failure.
[  100.935208][ T6150] name failslab, interval 1, probability 0, space 0, times 0
[  100.965547][ T6152] FAULT_INJECTION: forcing a failure.
[  100.965547][ T6152] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.985159][ T5938] usb 2-1: USB disconnect, device number 3
[  101.032878][ T6150] CPU: 0 UID: 0 PID: 6150 Comm: syz.1.63 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  101.032906][ T6150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  101.032919][ T6150] Call Trace:
[  101.032926][ T6150]  <TASK>
[  101.032938][ T6150]  dump_stack_lvl+0x241/0x360
[  101.032967][ T6150]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.032996][ T6150]  ? __pfx__printk+0x10/0x10
[  101.033031][ T6150]  ? fs_reclaim_acquire+0x93/0x130
[  101.033058][ T6150]  ? __pfx___might_resched+0x10/0x10
[  101.033087][ T6150]  should_fail_ex+0x40a/0x550
[  101.033123][ T6150]  should_failslab+0xac/0x100
[  101.033158][ T6150]  __kmalloc_noprof+0xdd/0x4c0
[  101.033177][ T6150]  ? kstrtouint_from_user+0x128/0x190
[  101.033197][ T6150]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  101.033226][ T6150]  tomoyo_realpath_from_path+0xcf/0x5e0
[  101.033261][ T6150]  tomoyo_path_number_perm+0x239/0x770
[  101.033292][ T6150]  ? __lock_acquire+0x1397/0x2100
[  101.033324][ T6150]  ? tomoyo_path_number_perm+0x209/0x770
[  101.033358][ T6150]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  101.033430][ T6150]  ? __fget_files+0x2a/0x410
[  101.033457][ T6150]  ? __fget_files+0x2a/0x410
[  101.033502][ T6150]  security_file_ioctl+0xc6/0x2a0
[  101.033538][ T6150]  __se_sys_ioctl+0x46/0x170
[  101.033570][ T6150]  do_syscall_64+0xf3/0x230
[  101.033603][ T6150]  ? clear_bhb_loop+0x35/0x90
[  101.033636][ T6150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.033665][ T6150] RIP: 0033:0x7f430b98d169
[  101.033683][ T6150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.033700][ T6150] RSP: 002b:00007f430c73e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.033722][ T6150] RAX: ffffffffffffffda RBX: 00007f430bba5fa0 RCX: 00007f430b98d169
[  101.033737][ T6150] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  101.033750][ T6150] RBP: 00007f430c73e090 R08: 0000000000000000 R09: 0000000000000000
[  101.033762][ T6150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.033773][ T6150] R13: 0000000000000000 R14: 00007f430bba5fa0 R15: 00007ffc47b07a48
[  101.033803][ T6150]  </TASK>
[  101.033897][ T6150] ERROR: Out of memory at tomoyo_realpath_from_path.
[  101.180346][ T6152] CPU: 1 UID: 0 PID: 6152 Comm: syz.0.62 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  101.180377][ T6152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  101.180390][ T6152] Call Trace:
[  101.180399][ T6152]  <TASK>
[  101.180408][ T6152]  dump_stack_lvl+0x241/0x360
[  101.180442][ T6152]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.180470][ T6152]  ? __pfx__printk+0x10/0x10
[  101.180507][ T6152]  ? __pfx_lock_release+0x10/0x10
[  101.180549][ T6152]  should_fail_ex+0x40a/0x550
[  101.180587][ T6152]  _copy_from_user+0x2d/0xb0
[  101.180618][ T6152]  copy_msghdr_from_user+0xae/0x680
[  101.180655][ T6152]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  101.180683][ T6152]  ? __fget_files+0x2a/0x410
[  101.180710][ T6152]  ? __fget_files+0x2a/0x410
[  101.180744][ T6152]  __sys_recvmsg+0x200/0x390
[  101.180772][ T6152]  ? __pfx___sys_recvmsg+0x10/0x10
[  101.180810][ T6152]  ? __fget_files+0x2a/0x410
[  101.180849][ T6152]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  101.180882][ T6152]  ? do_syscall_64+0x100/0x230
[  101.180918][ T6152]  ? do_syscall_64+0xb6/0x230
[  101.180961][ T6152]  do_syscall_64+0xf3/0x230
[  101.180995][ T6152]  ? clear_bhb_loop+0x35/0x90
[  101.181028][ T6152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.181054][ T6152] RIP: 0033:0x7faec5d8d169
[  101.181072][ T6152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.181088][ T6152] RSP: 002b:00007faec6cb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  101.181109][ T6152] RAX: ffffffffffffffda RBX: 00007faec5fa5fa0 RCX: 00007faec5d8d169
[  101.181123][ T6152] RDX: 0000000000000000 RSI: 0000400000002a80 RDI: 0000000000000003
[  101.181136][ T6152] RBP: 00007faec6cb5090 R08: 0000000000000000 R09: 0000000000000000
[  101.181148][ T6152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.181159][ T6152] R13: 0000000000000000 R14: 00007faec5fa5fa0 R15: 00007ffd7d872b88
[  101.181189][ T6152]  </TASK>
[  101.239389][ T5876] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  101.457111][ T5938] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[  101.790496][ T6161] warning: `syz.3.65' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  102.332514][ T5834] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  102.404912][ T5834] asix 3-1:0.0: probe with driver asix failed with error -71
[  102.483539][ T5834] usb 3-1: USB disconnect, device number 4
[  102.602067][ T6168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  102.642327][ T6168] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  102.665418][ T5876] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.681292][ T5876] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.705986][ T5876] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  102.721543][ T5876] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  102.749206][ T5876] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.826133][ T5876] usb 5-1: config 0 descriptor??
[  102.864555][ T6173] netlink: 'syz.0.68': attribute type 3 has an invalid length.
[  102.868906][  T839] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  102.881601][ T6173] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.68'.
[  103.011253][ T6173] trusted_key: syz.0.68 sent an empty control message without MSG_MORE.
[  103.129959][  T839] usb 4-1: Using ep0 maxpacket: 16
[  103.173254][  T839] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  103.261496][  T839] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  103.339474][  T839] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  103.468260][  T839] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  103.518515][  T839] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  103.556120][  T839] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.577497][  T839] usb 4-1: config 0 descriptor??
[  103.587794][ T6170] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  103.604791][  T839] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input8
[  104.755260][ T5876] usbhid 5-1:0.0: can't add hid device: -71
[  104.869153][ T5876] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  104.879530][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.921882][ T5876] usb 5-1: USB disconnect, device number 3
[  104.983569][ T5834] usb 4-1: USB disconnect, device number 3
[  104.989715][    C0] pxrc 4-1:0.0: pxrc_usb_irq - usb_submit_urb failed with result: -19
[  105.064695][ T6182] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  105.134763][ T6182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.71'.
[  105.144556][ T6182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.71'.
[  105.165597][ T6182] netlink: 10 bytes leftover after parsing attributes in process `syz.0.71'.
[  105.444505][ T6191] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  105.447236][ T6189] wlan0 speed is unknown, defaulting to 1000
[  105.482842][ T6189] wlan0 speed is unknown, defaulting to 1000
[  105.510995][ T6189] wlan0 speed is unknown, defaulting to 1000
[  105.535046][ T6189] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  105.570705][ T6189] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  105.687076][ T6189] wlan0 speed is unknown, defaulting to 1000
[  105.696767][ T6189] wlan0 speed is unknown, defaulting to 1000
[  105.837381][ T6189] wlan0 speed is unknown, defaulting to 1000
[  105.877280][ T6189] wlan0 speed is unknown, defaulting to 1000
[  106.152485][ T6189] wlan0 speed is unknown, defaulting to 1000
[  106.929631][ T6201] gre1: entered promiscuous mode
[  106.934800][ T6201] gre1: entered allmulticast mode
[  107.128343][ T6200] xt_CT: You must specify a L4 protocol and not use inversions on it
[  107.575975][ T6201] syz.3.74 (6201) used greatest stack depth: 18416 bytes left
[  107.783762][ T6197] siw: device registration error -23
[  110.019298][ T6225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.83'.
[  110.139362][ T6225] netlink: 4 bytes leftover after parsing attributes in process `syz.1.83'.
[  110.158907][ T5938] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  110.207911][ T6225] netlink: 10 bytes leftover after parsing attributes in process `syz.1.83'.
[  110.709407][ T5938] usb 1-1: Using ep0 maxpacket: 16
[  110.766510][ T5938] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  110.786076][ T5938] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  110.802837][ T5938] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  110.818138][ T5938] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.829358][ T5938] usb 1-1: Product: syz
[  110.835792][ T5938] usb 1-1: Manufacturer: syz
[  110.840660][ T5938] usb 1-1: SerialNumber: syz
[  111.250120][  T839] IPVS: starting estimator thread 0...
[  111.440146][ T6240] IPVS: using max 24 ests per chain, 57600 per kthread
[  111.907626][ T5938] usb 1-1: 0:2 : does not exist
[  111.997295][  T839] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  112.199414][  T839] usb 3-1: Using ep0 maxpacket: 16
[  112.366588][  T839] usb 3-1: config 0 has an invalid interface number: 76 but max is 0
[  112.529108][ T5876] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  112.614947][   T30] audit: type=1326 audit(1741951530.548:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6246 comm="syz.4.90" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2a4738d169 code=0x0
[  112.654028][  T839] usb 3-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  112.732703][ T6251] FAULT_INJECTION: forcing a failure.
[  112.732703][ T6251] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  112.790735][ T5938] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  112.821521][  T839] usb 3-1: config 0 has no interface number 0
[  112.849294][ T5938] usb 1-1: USB disconnect, device number 6
[  112.855341][  T839] usb 3-1: config 0 interface 76 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  112.855397][  T839] usb 3-1: config 0 interface 76 altsetting 0 endpoint 0x9 has an invalid bInterval 64, changing to 10
[  112.855428][  T839] usb 3-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x8, skipping
[  112.855453][  T839] usb 3-1: config 0 interface 76 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  112.855481][  T839] usb 3-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  112.857784][  T839] usb 3-1: New USB device found, idVendor=093a, idProduct=260f, bcdDevice=14.d3
[  112.873934][ T6251] CPU: 0 UID: 0 PID: 6251 Comm: syz.4.90 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  112.873971][ T6251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  112.873984][ T6251] Call Trace:
[  112.873993][ T6251]  <TASK>
[  112.874001][ T6251]  dump_stack_lvl+0x241/0x360
[  112.874034][ T6251]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.874057][ T6251]  ? __pfx__printk+0x10/0x10
[  112.874093][ T6251]  ? lockdep_hardirqs_on+0x99/0x150
[  112.874135][ T6251]  should_fail_ex+0x40a/0x550
[  112.874175][ T6251]  prepare_alloc_pages+0x1da/0x5b0
[  112.874216][ T6251]  __alloc_frozen_pages_noprof+0x16f/0x710
[  112.874260][ T6251]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  112.874316][ T6251]  alloc_pages_mpol+0x311/0x660
[  112.874360][ T6251]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  112.874418][ T6251]  vma_alloc_folio_noprof+0x12b/0x260
[  112.874458][ T6251]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  112.874496][ T6251]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  112.874534][ T6251]  folio_prealloc+0x2e/0x170
[  112.874565][ T6251]  __handle_mm_fault+0x3e4b/0x70f0
[  112.874624][ T6251]  ? __pfx___handle_mm_fault+0x10/0x10
[  112.874651][ T6251]  ? rcu_is_watching+0x15/0xb0
[  112.874678][ T6251]  ? rcu_read_unlock_special+0x497/0x570
[  112.874714][ T6251]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  112.874746][ T6251]  ? __pfx_lock_release+0x10/0x10
[  112.874791][ T6251]  ? __rcu_read_unlock+0xa1/0x110
[  112.874819][ T6251]  ? mt_find+0x2a9/0x920
[  112.874854][ T6251]  ? mt_find+0x6c8/0x920
[  112.874886][ T6251]  ? mt_find+0x2a9/0x920
[  112.874925][ T6251]  ? __pfx_mt_find+0x10/0x10
[  112.874983][ T6251]  ? find_vma+0xf9/0x170
[  112.875008][ T6251]  ? __pfx_find_vma+0x10/0x10
[  112.875031][ T6251]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  112.875067][ T6251]  handle_mm_fault+0x2c1/0x7e0
[  112.875105][ T6251]  exc_page_fault+0x2b9/0x8b0
[  112.875143][ T6251]  asm_exc_page_fault+0x26/0x30
[  112.875173][ T6251] RIP: 0010:rep_movs_alternative+0x33/0x70
[  112.875201][ T6251] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  112.875218][ T6251] RSP: 0018:ffffc9001b1d7878 EFLAGS: 00050246
[  112.875240][ T6251] RAX: 0a30360a38350a31 RBX: 0000000000000008 RCX: 0000000000000008
[  112.875261][ T6251] RDX: 0000000000000000 RSI: ffff888027d62000 RDI: 0000400000001740
[  112.875276][ T6251] RBP: ffffc9001b1d79e8 R08: ffff888027d62007 R09: 1ffff11004fac400
[  112.875292][ T6251] R10: dffffc0000000000 R11: ffffed1004fac401 R12: ffffc9001b1d7d68
[  112.875308][ T6251] R13: 1ffff9200363afad R14: ffff888027d62000 R15: 0000000000000008
[  112.875344][ T6251]  _copy_to_iter+0x260/0x1c40
[  112.875372][ T6251]  ? __pfx_preempt_schedule+0x10/0x10
[  112.875402][ T6251]  ? __pfx_lock_release+0x10/0x10
[  112.875442][ T6251]  ? preempt_schedule_thunk+0x1a/0x30
[  112.875472][ T6251]  ? __pfx__copy_to_iter+0x10/0x10
[  112.875501][ T6251]  ? __virt_addr_valid+0x449/0x530
[  112.875535][ T6251]  ? __virt_addr_valid+0x4e1/0x530
[  112.875570][ T6251]  ? __virt_addr_valid+0x45f/0x530
[  112.875604][ T6251]  ? __phys_addr_symbol+0x2f/0x70
[  112.875646][ T6251]  seq_read_iter+0xb80/0xd70
[  112.875699][ T6251]  do_iter_readv_writev+0x71a/0x9d0
[  112.875739][ T6251]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  112.875783][ T6251]  ? rw_verify_area+0x243/0x630
[  112.875817][ T6251]  vfs_readv+0x2b3/0xa80
[  112.875844][ T6251]  ? __mutex_lock+0x397/0x1010
[  112.875883][ T6251]  ? __pfx_vfs_readv+0x10/0x10
[  112.875926][ T6251]  ? __fget_files+0x2a/0x410
[  112.875952][ T6251]  ? __fget_files+0x395/0x410
[  112.875974][ T6251]  ? __fget_files+0x2a/0x410
[  112.876008][ T6251]  do_readv+0x1b6/0x360
[  112.876029][ T6251]  ? irqentry_exit+0x63/0x90
[  112.876059][ T6251]  ? lockdep_hardirqs_on+0x99/0x150
[  112.876094][ T6251]  ? __pfx_do_readv+0x10/0x10
[  112.876130][ T6251]  do_syscall_64+0xf3/0x230
[  112.876164][ T6251]  ? clear_bhb_loop+0x35/0x90
[  112.876199][ T6251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.876229][ T6251] RIP: 0033:0x7f2a4738d169
[  112.876254][ T6251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.876272][ T6251] RSP: 002b:00007f2a471be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  112.876293][ T6251] RAX: ffffffffffffffda RBX: 00007f2a475a6080 RCX: 00007f2a4738d169
[  112.876310][ T6251] RDX: 0000000000000001 RSI: 0000400000000340 RDI: 0000000000000005
[  112.876323][ T6251] RBP: 00007f2a471be090 R08: 0000000000000000 R09: 0000000000000000
[  112.876337][ T6251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.876351][ T6251] R13: 0000000000000000 R14: 00007f2a475a6080 R15: 00007ffffca05f58
[  112.876385][ T6251]  </TASK>
[  113.319312][ T5834] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  113.353043][  T839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.428541][ T5876] usb 2-1: config 0 interface 0 has no altsetting 0
[  113.435550][ T5876] usb 2-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  113.457533][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.477963][ T5876] usb 2-1: config 0 descriptor??
[  113.505686][ T6257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.92'.
[  113.521992][  T839] usb 3-1: Product: syz
[  113.522715][ T6257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.92'.
[  113.536390][  T839] usb 3-1: Manufacturer: syz
[  113.545230][ T6257] netlink: 'syz.0.92': attribute type 1 has an invalid length.
[  113.561676][  T839] usb 3-1: SerialNumber: syz
[  113.586648][ T6257] netlink: 10 bytes leftover after parsing attributes in process `syz.0.92'.
[  113.600066][  T839] usb 3-1: config 0 descriptor??
[  113.636931][  T839] gspca_main: pac7311-2.14.0 probing 093a:260f
[  113.640928][ T5834] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  113.660935][ T5823] udevd[5823]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  113.691280][ T5834] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  113.710030][ T5834] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.734723][ T5834] usb 4-1: Product: syz
[  113.743371][ T5834] usb 4-1: Manufacturer: syz
[  113.753381][ T5834] usb 4-1: SerialNumber: syz
[  114.037154][ T5834] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  114.196342][ T5876]  (null): keene_cmd_main failed (-110)
[  114.207678][ T5876] video4linux radio48: keene_cmd_main failed (-32)
[  114.214656][ T5876] radio-keene 2-1:0.0: V4L2 device registered as radio48
[  114.329528][  T839] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -110
[  114.353530][  T839] pac7311 3-1:0.76: probe with driver pac7311 failed with error -110
[  114.355519][ T5834] usb 4-1: USB disconnect, device number 4
[  114.373350][ T6254] usblp0:failed reading printer status (-71)
[  114.468322][ T6272] nfs: Unknown parameter '}//~\['
[  114.574869][ T6253] usblp0: removed
[  114.864647][  T839] usb 2-1: USB disconnect, device number 4
[  115.056356][ T6284] fuse: Bad value for 'fd'
[  115.067978][ T6284] netlink: 'syz.4.100': attribute type 1 has an invalid length.
[  115.113296][ T6284] netlink: 'syz.4.100': attribute type 3 has an invalid length.
[  115.149805][ T6281] syz.1.99: attempt to access beyond end of device
[  115.149805][ T6281] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0
[  115.163241][ T6281] syz.1.99: attempt to access beyond end of device
[  115.163241][ T6281] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0
[  115.176174][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  115.187066][ T6281] syz.1.99: attempt to access beyond end of device
[  115.187066][ T6281] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0
[  115.200109][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  115.211509][ T6281] syz.1.99: attempt to access beyond end of device
[  115.211509][ T6281] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[  115.224507][ T6281] syz.1.99: attempt to access beyond end of device
[  115.224507][ T6281] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[  115.239187][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  115.249045][ T6281] syz.1.99: attempt to access beyond end of device
[  115.249045][ T6281] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  115.262676][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  115.274402][ T6281] syz.1.99: attempt to access beyond end of device
[  115.274402][ T6281] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0
[  115.287416][ T6281] syz.1.99: attempt to access beyond end of device
[  115.287416][ T6281] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  115.300437][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  115.311717][ T6281] syz.1.99: attempt to access beyond end of device
[  115.311717][ T6281] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0
[  115.324688][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  115.334757][ T6281] syz.1.99: attempt to access beyond end of device
[  115.334757][ T6281] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  115.347928][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  115.355168][ T6284] netlink: 216 bytes leftover after parsing attributes in process `syz.4.100'.
[  115.357657][ T6281] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  115.376251][ T6281] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  115.394633][ T6284] NCSI netlink: No device for ifindex 813332851
[  115.413728][ T6283] nbd1: detected capacity change from 0 to 67108884
[  115.432880][ T5823] block nbd1: Send control failed (result -89)
[  115.439929][ T5823] block nbd1: Request send failed, requeueing
[  115.450311][ T6285] netlink: 'syz.4.100': attribute type 1 has an invalid length.
[  115.450354][ T5839] block nbd1: Receive control failed (result -32)
[  115.469719][  T100] block nbd1: Dead connection, failed to find a fallback
[  115.478089][  T100] block nbd1: shutting down sockets
[  115.484270][ T6285] netlink: 'syz.4.100': attribute type 3 has an invalid length.
[  115.484630][  T100] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.504755][  T100] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.513014][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.523473][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.529664][ T6285] netlink: 216 bytes leftover after parsing attributes in process `syz.4.100'.
[  115.531881][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.549819][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.579625][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.591091][ T6285] NCSI netlink: No device for ifindex 813332851
[  115.593923][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.605572][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.614912][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.625836][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.636040][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.644526][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.653777][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.661803][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.671146][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.679113][ T5823] ldm_validate_partition_table(): Disk read failed.
[  115.686237][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.767270][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.779125][ T5823] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.788313][ T5823] Buffer I/O error on dev nbd1, logical block 0, async page read
[  115.798953][ T5823] Dev nbd1: unable to read RDB block 0
[  115.805646][ T5823]  nbd1: unable to read partition table
[  115.831922][ T5823] ldm_validate_partition_table(): Disk read failed.
[  115.855136][ T5823] Dev nbd1: unable to read RDB block 0
[  115.893287][ T5823]  nbd1: unable to read partition table
[  116.819581][ T6297] siw: device registration error -23
[  117.382362][ T6302] mmap: syz.1.104 (6302) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  117.552971][ T6305] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[  117.596319][ T6305] netlink: 4 bytes leftover after parsing attributes in process `syz.3.105'.
[  117.648951][ T6305] netlink: 10 bytes leftover after parsing attributes in process `syz.3.105'.
[  119.362948][ T6318] netlink: 8 bytes leftover after parsing attributes in process `syz.1.107'.
[  119.595742][ T5839] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  120.454463][ T5834] usb 3-1: USB disconnect, device number 5
[  120.842241][ T6337] 9pnet_virtio: no channels available for device syz
[  120.862342][ T6344] netlink: 'syz.4.113': attribute type 1 has an invalid length.
[  121.012440][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.116'.
[  121.062808][ T6344] 8021q: adding VLAN 0 to HW filter on device bond1
[  121.080572][ T6348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.116'.
[  121.104115][ T6348] netlink: 'syz.1.116': attribute type 1 has an invalid length.
[  121.148648][ T6348] netlink: 10 bytes leftover after parsing attributes in process `syz.1.116'.
[  121.216138][ T6350] netlink: 'syz.2.115': attribute type 4 has an invalid length.
[  121.244222][ T6350] netlink: 'syz.2.115': attribute type 4 has an invalid length.
[  122.268297][ T5834] IPVS: starting estimator thread 0...
[  122.390420][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  122.439184][ T6365] IPVS: using max 13 ests per chain, 31200 per kthread
[  122.689741][    T9] usb 2-1: Using ep0 maxpacket: 32
[  122.812391][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.038290][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.199099][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  123.281267][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.403544][    T9] hub 2-1:4.0: USB hub found
[  123.581703][    T9] hub 2-1:4.0: 3 ports detected
[  123.607919][    T9] hub 2-1:4.0: insufficient power available to use all downstream ports
[  123.794137][    T9] hub 2-1:4.0: hub_hub_status failed (err = -71)
[  123.828797][    T9] hub 2-1:4.0: config failed, can't get hub status (err -71)
[  123.938550][    T9] usb 2-1: USB disconnect, device number 5
[  126.697233][ T6417] netlink: 4 bytes leftover after parsing attributes in process `syz.3.136'.
[  127.767049][ T6434] ieee802154 phy1 wpan1: encryption failed: -22
[  129.209486][ T6446] netlink: 'syz.2.143': attribute type 3 has an invalid length.
[  129.217301][ T6446] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.143'.
[  130.459887][ T6453] pimreg: entered allmulticast mode
[  130.499393][ T6453] pimreg: left allmulticast mode
[  133.007834][    T9] IPVS: starting estimator thread 0...
[  133.176537][ T6480] IPVS: using max 18 ests per chain, 43200 per kthread
[  133.184005][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  136.396064][ T6510] siw: device registration error -23
[  137.858864][  T839] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  138.035554][  T839] usb 5-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  138.913539][  T839] usb 5-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  138.939008][  T839] usb 5-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  138.975839][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  139.561232][  T839] usb 5-1: New USB device found, idVendor=04b4, idProduct=de64, bcdDevice= 0.00
[  139.598904][  T839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.650571][  T839] usb 5-1: config 0 descriptor??
[  139.669325][  T839] usb 5-1: can't set config #0, error -71
[  139.689821][  T839] usb 5-1: USB disconnect, device number 4
[  145.339861][ T6547] bridge_slave_0: left allmulticast mode
[  145.407508][ T6547] bridge_slave_0: left promiscuous mode
[  145.416241][ T6547] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.925189][ T6547] bridge_slave_1: left allmulticast mode
[  145.961699][ T6547] bridge_slave_1: left promiscuous mode
[  145.978945][ T6547] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.239405][ T6547] bond0: (slave bond_slave_0): Releasing backup interface
[  146.400109][ T6547] bond0: (slave bond_slave_1): Releasing backup interface
[  146.559233][ T6547] team0: Port device team_slave_0 removed
[  147.774310][ T6547] team0: Port device team_slave_1 removed
[  147.793998][ T6547] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  149.907167][ T6547] batman_adv: batadv0: Removing interface: batadv_slave_0
[  150.106409][ T6547] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.146201][ T6547] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.887578][ T6588] siw: device registration error -23
[  152.878296][ T6592] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  152.900455][ T6592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.184'.
[  152.918341][ T6592] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.978002][ T6593] 9pnet_fd: Insufficient options for proto=fd
[  155.640778][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  155.666788][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  155.676862][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  155.678278][ T6592] bridge_slave_1 (unregistering): left allmulticast mode
[  155.691278][ T6592] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.720292][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  155.749113][ T5838] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  155.770047][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  156.321398][ T6594] wlan0 speed is unknown, defaulting to 1000
[  157.762597][ T6594] chnl_net:caif_netlink_parms(): no params data found
[  158.102599][ T5838] Bluetooth: hci5: command tx timeout
[  158.969588][ T5839] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  158.987693][ T5839] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  158.998161][ T5839] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  159.009292][ T5839] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  159.018588][ T5839] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  159.030836][ T5839] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  160.189326][ T5838] Bluetooth: hci5: command tx timeout
[  160.410563][ T5938] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  160.990137][ T6594] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.122976][ T6594] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.158896][ T5838] Bluetooth: hci6: command tx timeout
[  161.267592][ T6594] bridge_slave_0: entered allmulticast mode
[  161.330653][ T6594] bridge_slave_0: entered promiscuous mode
[  161.389226][ T6617] wlan0 speed is unknown, defaulting to 1000
[  161.449880][ T6594] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.482687][ T6594] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.490570][   T30] audit: type=1326 audit(1741951579.448:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  161.866554][ T6594] bridge_slave_1: entered allmulticast mode
[  162.470985][ T5838] Bluetooth: hci5: command tx timeout
[  162.546100][ T6594] bridge_slave_1: entered promiscuous mode
[  162.876140][   T30] audit: type=1326 audit(1741951579.478:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  163.009011][   T30] audit: type=1326 audit(1741951579.478:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  163.149079][   T30] audit: type=1326 audit(1741951579.478:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  163.263446][   T30] audit: type=1326 audit(1741951579.478:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  163.289197][ T5839] Bluetooth: hci6: command tx timeout
[  163.391711][ T6644] siw: device registration error -23
[  163.655988][   T30] audit: type=1326 audit(1741951579.478:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  164.510256][ T5839] Bluetooth: hci5: command tx timeout
[  164.757548][ T6594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.776745][   T30] audit: type=1326 audit(1741951579.478:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  164.804062][ T6594] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.835590][   T30] audit: type=1326 audit(1741951580.478:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  164.888942][   T30] audit: type=1326 audit(1741951580.478:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  164.918782][   T30] audit: type=1326 audit(1741951580.478:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6630 comm="syz.1.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430b98d169 code=0x7ffc0000
[  166.109068][ T5839] Bluetooth: hci6: command tx timeout
[  166.152123][ T6594] team0: Port device team_slave_0 added
[  166.851545][ T6594] team0: Port device team_slave_1 added
[  167.213718][ T6594] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.264835][ T6594] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.408899][ T6594] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.486158][ T6657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.197'.
[  167.499972][ T6657] netlink: 4 bytes leftover after parsing attributes in process `syz.3.197'.
[  167.521948][ T6657] netlink: 26 bytes leftover after parsing attributes in process `syz.3.197'.
[  167.551820][ T6656] batman_adv: batadv0: Adding interface: dummy0
[  167.558258][ T6656] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.584110][ T6656] batman_adv: batadv0: Interface activated: dummy0
[  167.765881][ T6594] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.010181][ T6594] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.097025][ T6660] netlink: 'syz.4.198': attribute type 3 has an invalid length.
[  168.105116][ T6660] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.198'.
[  168.139749][ T6594] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.189341][ T5839] Bluetooth: hci6: command tx timeout
[  169.087117][ T6666] netlink: 8 bytes leftover after parsing attributes in process `syz.3.199'.
[  169.138048][ T6665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.200'.
[  169.204521][ T5839] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  169.767331][ T6594] hsr_slave_0: entered promiscuous mode
[  169.879090][ T6594] hsr_slave_1: entered promiscuous mode
[  169.906447][ T6594] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.946896][ T6594] Cannot create hsr debugfs directory
[  170.084816][ T6617] chnl_net:caif_netlink_parms(): no params data found
[  171.562012][ T6221] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.754169][ T5825] syz-executor (5825) used greatest stack depth: 17552 bytes left
[  172.920765][ T6221] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.564404][ T6221] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.918207][ T6221] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.052667][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  174.052685][   T30] audit: type=1326 audit(1741951592.018:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6694 comm="syz.3.207" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f482af8d169 code=0x0
[  174.132709][   T30] audit: type=1326 audit(1741951592.028:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6694 comm="syz.3.207" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f482af8d169 code=0x0
[  174.200944][ T6617] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.254336][ T6617] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.270721][ T6617] bridge_slave_0: entered allmulticast mode
[  174.299105][ T6617] bridge_slave_0: entered promiscuous mode
[  174.345845][ T6708] x_tables: duplicate underflow at hook 2
[  174.400286][ T6617] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.407715][ T6617] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.415485][ T6617] bridge_slave_1: entered allmulticast mode
[  174.423387][ T6617] bridge_slave_1: entered promiscuous mode
[  174.514276][ T6617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.549886][ T6617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.608987][ T5920] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  174.656268][ T6617] team0: Port device team_slave_0 added
[  174.670621][ T6221] bridge_slave_1: left allmulticast mode
[  174.676585][ T6221] bridge_slave_1: left promiscuous mode
[  174.705409][ T6221] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.750251][ T6221] bridge_slave_0: left allmulticast mode
[  174.758888][ T6221] bridge_slave_0: left promiscuous mode
[  174.764874][ T6221] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.797584][ T5920] usb 4-1: unable to get BOS descriptor or descriptor too short
[  174.809585][ T5920] usb 4-1: not running at top speed; connect to a high speed hub
[  174.859634][ T5920] usb 4-1: config 17 has an invalid interface number: 8 but max is 1
[  174.867885][ T5920] usb 4-1: config 17 has 1 interface, different from the descriptor's value: 2
[  174.900705][ T5920] usb 4-1: config 17 has no interface number 0
[  174.907527][ T5920] usb 4-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0
[  174.917976][ T5920] usb 4-1: config 17 interface 8 has no altsetting 0
[  174.932134][ T5920] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  174.948900][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.959905][ T5920] usb 4-1: Product: syz
[  174.964130][ T5920] usb 4-1: Manufacturer: syz
[  174.989236][ T5920] usb 4-1: SerialNumber: syz
[  175.291748][ T6706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.440063][ T6706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.745577][ T5920] usb 4-1: selecting invalid altsetting 0
[  176.026360][ T5920] usb 4-1: USB disconnect, device number 5
[  176.531029][ T6221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.735272][ T6722] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  176.810490][ T6221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.177095][ T6221] bond0 (unregistering): Released all slaves
[  177.223067][ T6594] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  177.254095][ T6617] team0: Port device team_slave_1 added
[  177.506623][ T6594] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  177.537650][ T6594] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  177.578020][ T6728] veth0_virt_wifi: entered allmulticast mode
[  177.666965][ T6594] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  178.394302][ T6728] veth0_virt_wifi: left allmulticast mode
[  178.489765][ T6617] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.522691][ T6617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.550256][ T6617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.576288][ T6617] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.583629][ T6617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.615622][ T6617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.628832][ T5875] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  178.664482][ T6743] netlink: 8 bytes leftover after parsing attributes in process `syz.1.220'.
[  178.676564][ T6743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.220'.
[  178.687476][ T6743] netlink: 26 bytes leftover after parsing attributes in process `syz.1.220'.
[  178.720028][ T6617] hsr_slave_0: entered promiscuous mode
[  178.726568][ T6617] hsr_slave_1: entered promiscuous mode
[  178.736087][ T6617] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.745054][ T6617] Cannot create hsr debugfs directory
[  178.768980][ T5938] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  178.802590][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  178.818765][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  178.843215][ T5875] usb 4-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  178.873885][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.885787][ T5875] usb 4-1: Product: syz
[  178.908072][ T5875] usb 4-1: Manufacturer: syz
[  178.914550][ T5875] usb 4-1: SerialNumber: syz
[  178.924524][ T5875] usb 4-1: config 0 descriptor??
[  178.937904][ T5875] adutux 4-1:0.0: interrupt endpoints not found
[  178.948923][ T5938] usb 5-1: Using ep0 maxpacket: 16
[  178.955853][ T5938] usb 5-1: config 0 has an invalid interface number: 76 but max is 0
[  178.964166][ T5938] usb 5-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  178.983162][ T5938] usb 5-1: config 0 has no interface number 0
[  179.008226][ T5938] usb 5-1: config 0 interface 76 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  179.041279][ T5938] usb 5-1: config 0 interface 76 altsetting 0 endpoint 0x9 has an invalid bInterval 64, changing to 10
[  179.069085][ T5938] usb 5-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x8, skipping
[  179.080123][ T5938] usb 5-1: config 0 interface 76 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  179.091192][ T5938] usb 5-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  179.107946][ T6750] tipc: Started in network mode
[  179.118269][ T6750] tipc: Node identity e6c3f036ac42, cluster identity 4711
[  179.122267][ T6754] netlink: 4 bytes leftover after parsing attributes in process `syz.1.221'.
[  179.131360][ T5938] usb 5-1: New USB device found, idVendor=093a, idProduct=260f, bcdDevice=14.d3
[  179.148813][ T5938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.159981][ T6750] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  179.169855][ T5873] usb 4-1: USB disconnect, device number 6
[  179.180675][ T5938] usb 5-1: Product: syz
[  179.184897][ T5938] usb 5-1: Manufacturer: syz
[  179.209259][ T5938] usb 5-1: SerialNumber: syz
[  179.228213][ T5938] usb 5-1: config 0 descriptor??
[  179.254564][ T5938] gspca_main: pac7311-2.14.0 probing 093a:260f
[  179.291820][ T5842] wlan0 speed is unknown, defaulting to 1000
[  179.311461][ T5842] infiniband syz2: ib_query_port failed (-19)
[  179.343753][ T6750] netlink: 24 bytes leftover after parsing attributes in process `syz.1.221'.
[  179.375489][ T6748] tipc: Disabling bearer <eth:syzkaller0>
[  179.489301][ T6221] hsr_slave_0: left promiscuous mode
[  179.502036][ T6221] hsr_slave_1: left promiscuous mode
[  179.513658][ T6221] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.533534][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.556980][ T6221] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.595505][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.675874][ T6221] veth1_macvtap: left promiscuous mode
[  179.682129][ T6221] veth0_macvtap: left promiscuous mode
[  179.687951][ T6221] veth1_vlan: left promiscuous mode
[  179.693642][ T6221] veth0_vlan: left promiscuous mode
[  179.976649][ T5938] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -110
[  180.021005][ T5938] pac7311 5-1:0.76: probe with driver pac7311 failed with error -110
[  180.148120][ T6771] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  182.059527][ T5938] usb 5-1: USB disconnect, device number 5
[  183.379628][ T6800] overlayfs: missing 'workdir'
[  183.425426][ T6803] netlink: 112 bytes leftover after parsing attributes in process `syz.4.233'.
[  184.425172][ T6221] team0 (unregistering): Port device team_slave_1 removed
[  185.284546][ T6221] team0 (unregistering): Port device team_slave_0 removed
[  185.916518][ T6594] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.994629][ T6594] 8021q: adding VLAN 0 to HW filter on device team0
[  186.054815][ T1313] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.062007][ T1313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.123175][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.130343][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.353321][ T6617] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  186.400000][ T6617] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  186.452603][ T6617] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  186.459790][ T5875] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  186.571577][ T6617] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  186.620302][ T5875] usb 2-1: Using ep0 maxpacket: 16
[  186.658347][ T5875] usb 2-1: config 0 has an invalid interface number: 76 but max is 0
[  186.683288][ T5875] usb 2-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  186.757793][ T5875] usb 2-1: config 0 has no interface number 0
[  186.779094][ T5875] usb 2-1: config 0 interface 76 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  186.810621][ T6221] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.821624][ T5875] usb 2-1: config 0 interface 76 altsetting 0 endpoint 0x9 has an invalid bInterval 64, changing to 10
[  186.866948][ T5875] usb 2-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x8, skipping
[  186.891405][ T5875] usb 2-1: config 0 interface 76 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  186.922929][ T5875] usb 2-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  186.953678][ T5875] usb 2-1: New USB device found, idVendor=093a, idProduct=260f, bcdDevice=14.d3
[  186.985047][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.007754][ T5875] usb 2-1: Product: syz
[  187.022519][ T5875] usb 2-1: Manufacturer: syz
[  187.027169][ T5875] usb 2-1: SerialNumber: syz
[  187.093771][ T5875] usb 2-1: config 0 descriptor??
[  187.109052][ T6221] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.134583][ T5875] gspca_main: pac7311-2.14.0 probing 093a:260f
[  187.248514][ T6594] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.286761][ T6854] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  187.304130][ T6855] overlayfs: missing 'workdir'
[  187.315817][ T6221] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.480549][ T6617] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.566255][ T6862] netlink: 8 bytes leftover after parsing attributes in process `syz.3.244'.
[  187.664791][ T6221] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.770124][ T5875] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -110
[  188.788427][ T5875] pac7311 2-1:0.76: probe with driver pac7311 failed with error -110
[  188.973190][ T6617] 8021q: adding VLAN 0 to HW filter on device team0
[  189.050163][ T1313] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.057319][ T1313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.097163][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.104361][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.454169][ T6221] bridge_slave_1: left allmulticast mode
[  189.476013][ T6221] bridge_slave_1: left promiscuous mode
[  189.498482][ T6221] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.525315][ T6221] bridge_slave_0: left allmulticast mode
[  189.534285][ T6221] bridge_slave_0: left promiscuous mode
[  189.546872][ T6221] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.033928][ T5834] usb 2-1: USB disconnect, device number 7
[  191.436469][ T6908] netlink: 'syz.3.251': attribute type 1 has an invalid length.
[  191.444305][ T6908] netlink: 224 bytes leftover after parsing attributes in process `syz.3.251'.
[  191.539861][ T6913] overlayfs: missing 'lowerdir'
[  191.636018][ T6221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.667765][ T6221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.691500][ T6221] bond0 (unregistering): Released all slaves
[  191.972393][ T6594] veth0_vlan: entered promiscuous mode
[  192.194594][ T6924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.256'.
[  192.203628][ T6924] netlink: 4 bytes leftover after parsing attributes in process `syz.1.256'.
[  192.214290][ T6922] capability: warning: `syz.4.255' uses deprecated v2 capabilities in a way that may be insecure
[  192.224910][ T6924] netlink: 26 bytes leftover after parsing attributes in process `syz.1.256'.
[  192.449945][ T6931] wlan0 speed is unknown, defaulting to 1000
[  192.456234][ T6931] wlan0 speed is unknown, defaulting to 1000
[  192.476891][ T6594] veth1_vlan: entered promiscuous mode
[  192.799144][ T6931] wlan0 speed is unknown, defaulting to 1000
[  192.854426][ T6936] FAULT_INJECTION: forcing a failure.
[  192.854426][ T6936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.905748][ T6936] CPU: 0 UID: 0 PID: 6936 Comm: syz.4.259 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  192.905773][ T6936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  192.905783][ T6936] Call Trace:
[  192.905790][ T6936]  <TASK>
[  192.905797][ T6936]  dump_stack_lvl+0x241/0x360
[  192.905821][ T6936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.905838][ T6936]  ? __pfx__printk+0x10/0x10
[  192.905865][ T6936]  ? __pfx_lock_release+0x10/0x10
[  192.905895][ T6936]  should_fail_ex+0x40a/0x550
[  192.905925][ T6936]  _copy_from_user+0x2d/0xb0
[  192.905950][ T6936]  copy_msghdr_from_user+0xae/0x680
[  192.905980][ T6936]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  192.906002][ T6936]  ? __fget_files+0x2a/0x410
[  192.906024][ T6936]  ? __fget_files+0x2a/0x410
[  192.906052][ T6936]  __sys_sendmsg+0x209/0x350
[  192.906074][ T6936]  ? __pfx___sys_sendmsg+0x10/0x10
[  192.906101][ T6936]  ? do_sys_openat2+0x17a/0x1d0
[  192.906139][ T6936]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  192.906163][ T6936]  ? do_syscall_64+0x100/0x230
[  192.906192][ T6936]  ? do_syscall_64+0xb6/0x230
[  192.906219][ T6936]  do_syscall_64+0xf3/0x230
[  192.906243][ T6936]  ? clear_bhb_loop+0x35/0x90
[  192.906271][ T6936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.906296][ T6936] RIP: 0033:0x7f2a4738d169
[  192.906319][ T6936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.906333][ T6936] RSP: 002b:00007f2a471f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.906359][ T6936] RAX: ffffffffffffffda RBX: 00007f2a475a5fa0 RCX: 00007f2a4738d169
[  192.906371][ T6936] RDX: 0000000000000802 RSI: 00004000000003c0 RDI: 0000000000000003
[  192.906381][ T6936] RBP: 00007f2a471f9090 R08: 0000000000000000 R09: 0000000000000000
[  192.906390][ T6936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.906399][ T6936] R13: 0000000000000000 R14: 00007f2a475a5fa0 R15: 00007ffffca05f58
[  192.906423][ T6936]  </TASK>
[  193.146053][ T6931] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  193.468027][ T6931] wlan0 speed is unknown, defaulting to 1000
[  193.584179][ T6931] wlan0 speed is unknown, defaulting to 1000
[  193.591881][ T6617] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.636131][ T6931] wlan0 speed is unknown, defaulting to 1000
[  193.646521][ T6594] veth0_macvtap: entered promiscuous mode
[  193.655061][ T6931] wlan0 speed is unknown, defaulting to 1000
[  193.693737][ T6594] veth1_macvtap: entered promiscuous mode
[  193.726608][ T6931] wlan0 speed is unknown, defaulting to 1000
[  193.778257][ T6594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.836993][ T6594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.872990][ T6594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.905024][ T6594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.929028][ T6594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.960200][ T6594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.003378][ T6594] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.043031][ T6931] wlan0 speed is unknown, defaulting to 1000
[  194.052457][ T6950] syzkaller1: entered promiscuous mode
[  194.074752][ T6950] syzkaller1: entered allmulticast mode
[  194.119940][ T6221] hsr_slave_0: left promiscuous mode
[  194.133641][ T6221] hsr_slave_1: left promiscuous mode
[  194.155558][ T6221] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.162363][ T6964] overlayfs: missing 'lowerdir'
[  194.174414][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.193945][ T6221] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.205504][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.274157][ T6221] veth1_macvtap: left promiscuous mode
[  194.295927][ T6221] veth0_macvtap: left promiscuous mode
[  194.307009][ T6221] veth1_vlan: left promiscuous mode
[  194.313547][ T6221] veth0_vlan: left promiscuous mode
[  194.619597][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  195.874397][ T6221] team0 (unregistering): Port device team_slave_1 removed
[  196.790173][ T6221] team0 (unregistering): Port device team_slave_0 removed
[  198.276952][ T6594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.288201][ T6594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.298407][ T6594] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.309180][ T6594] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.325525][ T6594] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.460572][ T6594] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.470607][ T6594] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.515365][ T6594] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.524579][ T6594] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.407550][ T6995] netlink: 'syz.4.269': attribute type 3 has an invalid length.
[  199.415716][ T6995] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.269'.
[  199.956504][ T6997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.270'.
[  199.997880][ T1313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.277079][ T1313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.542780][ T6997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.270'.
[  200.592904][ T6997] netlink: 26 bytes leftover after parsing attributes in process `syz.3.270'.
[  200.618844][ T6997] nbd: socks must be embedded in a SOCK_ITEM attr
[  200.620200][ T6617] veth0_vlan: entered promiscuous mode
[  200.657801][ T6617] veth1_vlan: entered promiscuous mode
[  200.786553][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.829860][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.857012][ T6617] veth0_macvtap: entered promiscuous mode
[  200.871582][ T6617] veth1_macvtap: entered promiscuous mode
[  200.887385][ T6617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.909316][ T7011] siw: device registration error -23
[  200.930605][ T6617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.060597][ T7012] netlink: 'syz.3.273': attribute type 1 has an invalid length.
[  201.068394][ T7012] netlink: 224 bytes leftover after parsing attributes in process `syz.3.273'.
[  201.090736][ T6617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.115323][ T6617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.518869][ T6617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.571854][ T6617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.600298][ T6617] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.797294][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[  201.803863][ T5135] Bluetooth: hci1: command 0x0406 tx timeout
[  201.810266][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  202.276982][ T6617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.325904][ T6617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.398825][ T6617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.434038][ T6617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.455969][ T6617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.508955][ T6617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.542828][ T6617] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.592741][ T6617] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.652438][ T6617] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.799741][ T6617] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.949104][ T6617] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.500537][ T5838] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  204.417165][ T7036] netlink: 'syz.1.277': attribute type 3 has an invalid length.
[  204.427313][ T7036] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.277'.
[  205.461664][ T5842] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  205.562086][ T6221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.634090][ T6221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  205.791866][ T6221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.855379][ T6221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.028297][ T7055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[  206.085573][ T7055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.281'.
[  206.129641][ T7055] netlink: 26 bytes leftover after parsing attributes in process `syz.1.281'.
[  206.173435][ T7055] nbd: socks must be embedded in a SOCK_ITEM attr
[  206.410869][ T5842] usb 5-1: device descriptor read/64, error -71
[  206.648872][ T5842] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  206.840346][ T5842] usb 5-1: device descriptor read/64, error -71
[  206.951819][ T5876] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  206.987926][ T5842] usb usb5-port1: attempt power cycle
[  207.120538][ T7076] netlink: 'syz.5.284': attribute type 1 has an invalid length.
[  207.128426][ T7076] netlink: 224 bytes leftover after parsing attributes in process `syz.5.284'.
[  207.729078][ T5842] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  208.207614][ T7081] ubi31: attaching mtd0
[  208.218374][ T7081] ubi31: scanning is finished
[  208.223295][ T7081] ubi31: empty MTD device detected
[  209.015258][ T5842] usb 5-1: device descriptor read/8, error -71
[  209.168199][ T7081] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  209.175916][ T7081] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  209.183365][ T7081] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  209.190981][ T7081] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  209.198540][ T7081] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  209.205518][ T7081] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  209.214726][ T7081] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4114693572
[  209.224936][ T7081] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  209.270827][ T7086] ubi31: background thread "ubi_bgt31d" started, PID 7086
[  210.945441][ T5876] usb 7-1: unable to get BOS descriptor or descriptor too short
[  210.955880][ T5876] usb 7-1: unable to read config index 0 descriptor/start: -71
[  210.965348][ T5876] usb 7-1: can't read configurations, error -71
[  211.185188][ T5834] IPVS: starting estimator thread 0...
[  211.449051][ T7105] IPVS: using max 19 ests per chain, 45600 per kthread
[  213.395763][ T5834] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  213.978969][ T5834] usb 6-1: Using ep0 maxpacket: 16
[  214.048223][ T5834] usb 6-1: config 0 has an invalid interface number: 76 but max is 0
[  214.079178][ T5834] usb 6-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  214.100799][ T5834] usb 6-1: config 0 has no interface number 0
[  214.133990][ T5834] usb 6-1: config 0 interface 76 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  214.183310][ T7120] syzkaller1: entered promiscuous mode
[  214.190133][ T5834] usb 6-1: config 0 interface 76 altsetting 0 endpoint 0x9 has an invalid bInterval 64, changing to 10
[  214.228923][ T7120] syzkaller1: entered allmulticast mode
[  214.255143][ T5834] usb 6-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x8, skipping
[  214.302973][ T5834] usb 6-1: config 0 interface 76 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  214.400158][ T5834] usb 6-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  214.565875][ T5834] usb 6-1: New USB device found, idVendor=093a, idProduct=260f, bcdDevice=14.d3
[  214.627782][ T5834] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.710766][ T5834] usb 6-1: Product: syz
[  214.745911][ T5834] usb 6-1: Manufacturer: syz
[  214.777539][ T5834] usb 6-1: SerialNumber: syz
[  214.836833][ T5834] usb 6-1: config 0 descriptor??
[  214.888300][ T5834] gspca_main: pac7311-2.14.0 probing 093a:260f
[  215.629107][ T7148] batman_adv: batadv0: Adding interface: dummy0
[  215.635665][ T7148] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.661514][ T7148] batman_adv: batadv0: Interface activated: dummy0
[  215.699215][ T7152] overlayfs: failed to resolve './file1': -2
[  216.188802][ T5834] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -110
[  216.196858][ T5834] pac7311 6-1:0.76: probe with driver pac7311 failed with error -110
[  216.521530][ T7148] batadv0: mtu less than device minimum
[  216.529634][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.542702][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.555408][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.568068][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.580734][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.593374][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.606002][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.618694][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  216.631362][ T7148] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  217.938836][ T7159] netlink: 8 bytes leftover after parsing attributes in process `syz.3.299'.
[  218.041520][ T5838] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  218.047998][ T5875] usb 6-1: USB disconnect, device number 2
[  218.410789][ T7169] FAULT_INJECTION: forcing a failure.
[  218.410789][ T7169] name failslab, interval 1, probability 0, space 0, times 0
[  218.430520][ T7169] CPU: 0 UID: 0 PID: 7169 Comm: syz.6.301 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  218.430553][ T7169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  218.430566][ T7169] Call Trace:
[  218.430573][ T7169]  <TASK>
[  218.430582][ T7169]  dump_stack_lvl+0x241/0x360
[  218.430612][ T7169]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.430633][ T7169]  ? __pfx__printk+0x10/0x10
[  218.430668][ T7169]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  218.430692][ T7169]  ? __pfx___might_resched+0x10/0x10
[  218.430724][ T7169]  should_fail_ex+0x40a/0x550
[  218.430760][ T7169]  should_failslab+0xac/0x100
[  218.430793][ T7169]  kmem_cache_alloc_node_noprof+0x77/0x380
[  218.430814][ T7169]  ? __alloc_skb+0x1c3/0x440
[  218.430852][ T7169]  __alloc_skb+0x1c3/0x440
[  218.430890][ T7169]  ? __pfx___alloc_skb+0x10/0x10
[  218.430919][ T7169]  ? __local_bh_enable_ip+0x168/0x200
[  218.430943][ T7169]  ? l2tp_ip_sendmsg+0x36/0x1680
[  218.430971][ T7169]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  218.430991][ T7169]  ? do_raw_spin_unlock+0x13c/0x8b0
[  218.431020][ T7169]  sock_wmalloc+0xab/0x120
[  218.431046][ T7169]  l2tp_ip_sendmsg+0x1bd/0x1680
[  218.431082][ T7169]  ? inet_sendmsg+0x330/0x390
[  218.431119][ T7169]  __sock_sendmsg+0x1a6/0x270
[  218.431151][ T7169]  ____sys_sendmsg+0x53a/0x860
[  218.431183][ T7169]  ? __pfx_____sys_sendmsg+0x10/0x10
[  218.431203][ T7169]  ? __fget_files+0x2a/0x410
[  218.431239][ T7169]  ? __fget_files+0x2a/0x410
[  218.431272][ T7169]  __sys_sendmmsg+0x36a/0x720
[  218.431307][ T7169]  ? __pfx___sys_sendmmsg+0x10/0x10
[  218.431344][ T7169]  ? __pfx_lock_release+0x10/0x10
[  218.431372][ T7169]  ? kstrtouint_from_user+0x128/0x190
[  218.431427][ T7169]  ? ksys_write+0x22a/0x2b0
[  218.431455][ T7169]  ? __pfx_lock_release+0x10/0x10
[  218.431492][ T7169]  ? sb_end_write+0xe9/0x1c0
[  218.431514][ T7169]  ? vfs_write+0x7fa/0xd10
[  218.431544][ T7169]  ? __mutex_unlock_slowpath+0x227/0x800
[  218.431608][ T7169]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  218.431641][ T7169]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  218.431673][ T7169]  ? do_syscall_64+0x100/0x230
[  218.431708][ T7169]  __x64_sys_sendmmsg+0xa0/0xb0
[  218.431733][ T7169]  do_syscall_64+0xf3/0x230
[  218.431763][ T7169]  ? clear_bhb_loop+0x35/0x90
[  218.431795][ T7169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.431822][ T7169] RIP: 0033:0x7fe67eb8d169
[  218.431839][ T7169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.431856][ T7169] RSP: 002b:00007fe67f9ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  218.431877][ T7169] RAX: ffffffffffffffda RBX: 00007fe67eda5fa0 RCX: 00007fe67eb8d169
[  218.431893][ T7169] RDX: 00000000040000cf RSI: 0000400000000900 RDI: 0000000000000004
[  218.431905][ T7169] RBP: 00007fe67f9ca090 R08: 0000000000000000 R09: 0000000000000000
[  218.431918][ T7169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.431931][ T7169] R13: 0000000000000000 R14: 00007fe67eda5fa0 R15: 00007ffc59fcb7d8
[  218.431963][ T7169]  </TASK>
[  218.730879][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.912274][ T5876] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  219.150158][ T5876] usb 5-1: Using ep0 maxpacket: 8
[  219.161012][ T5876] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  219.253795][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  219.307697][ T5876] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  219.376117][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  219.394841][ T7177] FAULT_INJECTION: forcing a failure.
[  219.394841][ T7177] name failslab, interval 1, probability 0, space 0, times 0
[  219.418980][ T7177] CPU: 0 UID: 0 PID: 7177 Comm: syz.6.305 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  219.419011][ T7177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  219.419029][ T7177] Call Trace:
[  219.419037][ T7177]  <TASK>
[  219.419047][ T7177]  dump_stack_lvl+0x241/0x360
[  219.419077][ T7177]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.419099][ T7177]  ? __pfx__printk+0x10/0x10
[  219.419133][ T7177]  ? fs_reclaim_acquire+0x93/0x130
[  219.419162][ T7177]  ? __pfx___might_resched+0x10/0x10
[  219.419191][ T7177]  should_fail_ex+0x40a/0x550
[  219.419230][ T7177]  should_failslab+0xac/0x100
[  219.419266][ T7177]  __kmalloc_noprof+0xdd/0x4c0
[  219.419286][ T7177]  ? kstrtouint_from_user+0x128/0x190
[  219.419308][ T7177]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  219.419340][ T7177]  tomoyo_realpath_from_path+0xcf/0x5e0
[  219.419385][ T7177]  tomoyo_path_number_perm+0x239/0x770
[  219.419419][ T7177]  ? __lock_acquire+0x1397/0x2100
[  219.419452][ T7177]  ? tomoyo_path_number_perm+0x209/0x770
[  219.419487][ T7177]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  219.419562][ T7177]  ? __fget_files+0x2a/0x410
[  219.419601][ T7177]  ? __fget_files+0x2a/0x410
[  219.419629][ T7177]  security_file_ioctl+0xc6/0x2a0
[  219.419681][ T7177]  __se_sys_ioctl+0x46/0x170
[  219.419713][ T7177]  do_syscall_64+0xf3/0x230
[  219.419745][ T7177]  ? clear_bhb_loop+0x35/0x90
[  219.419780][ T7177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.419809][ T7177] RIP: 0033:0x7fe67eb8d169
[  219.419828][ T7177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.419846][ T7177] RSP: 002b:00007fe67f9ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  219.419868][ T7177] RAX: ffffffffffffffda RBX: 00007fe67eda5fa0 RCX: 00007fe67eb8d169
[  219.419884][ T7177] RDX: 0000400000000000 RSI: 00000000c0045516 RDI: 0000000000000003
[  219.419898][ T7177] RBP: 00007fe67f9ca090 R08: 0000000000000000 R09: 0000000000000000
[  219.419911][ T7177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.419924][ T7177] R13: 0000000000000000 R14: 00007fe67eda5fa0 R15: 00007ffc59fcb7d8
[  219.419956][ T7177]  </TASK>
[  219.420008][ T7177] ERROR: Out of memory at tomoyo_realpath_from_path.
[  219.429050][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  219.458869][    T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  219.531687][ T5876] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  219.692807][ T7183] netlink: 8 bytes leftover after parsing attributes in process `syz.6.306'.
[  219.704017][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  219.715991][ T5876] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  219.742692][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  219.744404][    T9] usb 6-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[  219.753952][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  219.800605][ T5838] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  219.879060][    T9] usb 6-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  219.916245][    T9] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  219.970553][ T5876] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  220.004056][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.016557][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  220.027948][    T9] usb 6-1: Product: syz
[  220.036218][    T9] usb 6-1: Manufacturer: syz
[  220.103889][    T9] usb 6-1: SerialNumber: syz
[  220.119800][ T5876] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  220.201321][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  220.283044][ T5876] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  220.418052][ T5876] usb 5-1: string descriptor 0 read error: -22
[  220.468627][ T5876] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  220.518395][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.778134][ T5876] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  221.036070][ T5920] usb 5-1: USB disconnect, device number 10
[  221.951489][ T7210] batman_adv: batadv0: Adding interface: dummy0
[  221.958010][ T7210] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.983806][ T7210] batman_adv: batadv0: Interface activated: dummy0
[  222.757845][    T9] usb 6-1: USB disconnect, device number 3
[  223.389429][ T5839] Bluetooth: hci6: command 0x0405 tx timeout
[  223.712579][ T7228] netlink: 'syz.5.312': attribute type 3 has an invalid length.
[  223.722017][ T7228] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.312'.
[  224.275436][ T7233] siw: device registration error -23
[  227.059549][ T5875] IPVS: starting estimator thread 0...
[  227.158944][ T7247] IPVS: using max 17 ests per chain, 40800 per kthread
[  227.174889][ T7250] netlink: 8 bytes leftover after parsing attributes in process `syz.5.315'.
[  227.580732][ T5838] Bluetooth: hci5: SCO packet for unknown connection handle 0
[  228.226095][ T7252] netlink: 'syz.1.317': attribute type 1 has an invalid length.
[  228.243314][ T7252] netlink: 224 bytes leftover after parsing attributes in process `syz.1.317'.
[  229.070787][ T7276] siw: device registration error -23
[  231.206946][ T7298] netlink: 24 bytes leftover after parsing attributes in process `syz.6.324'.
[  231.447602][   T30] audit: type=1326 audit(1741951645.322:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  231.469224][    C0] vkms_vblank_simulate: vblank timer overrun
[  231.838790][   T30] audit: type=1326 audit(1741951645.332:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  231.949877][   T30] audit: type=1326 audit(1741951645.452:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  232.089122][   T30] audit: type=1326 audit(1741951645.452:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  232.323630][   T30] audit: type=1326 audit(1741951645.452:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  232.618168][   T30] audit: type=1326 audit(1741951645.482:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe67eb8bad0 code=0x7ffc0000
[  232.836095][   T30] audit: type=1326 audit(1741951645.492:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  233.158434][   T30] audit: type=1326 audit(1741951645.502:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  233.568167][   T30] audit: type=1326 audit(1741951645.552:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  233.708804][  T839] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  233.716565][   T30] audit: type=1326 audit(1741951645.552:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7292 comm="syz.6.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe67eb8d169 code=0x7ffc0000
[  233.910476][  T839] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 769
[  233.960670][  T839] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  234.146597][  T839] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  234.273595][  T839] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.99
[  234.402033][  T839] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.662252][ T7307] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  235.634149][  T839] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  235.663905][  T839] usb 4-1: invalid MIDI in EP 0
[  235.841945][  T839] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  236.097431][ T7334] udevd[7334]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  236.851929][ T5876] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  236.990785][ T5842] usb 4-1: USB disconnect, device number 7
[  237.034713][ T5876] usb 5-1: Using ep0 maxpacket: 16
[  237.040161][  T839] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  237.082793][ T5876] usb 5-1: config 0 has an invalid interface number: 142 but max is 0
[  237.111863][ T5876] usb 5-1: config 0 has no interface number 0
[  237.137020][ T5876] usb 5-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=91.0d
[  237.220161][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.228223][ T5876] usb 5-1: Product: syz
[  237.232790][  T839] usb 7-1: device descriptor read/64, error -71
[  237.271675][ T5876] usb 5-1: Manufacturer: syz
[  237.287370][ T5876] usb 5-1: SerialNumber: syz
[  237.305002][ T5876] usb 5-1: config 0 descriptor??
[  237.510698][ T7353] batman_adv: batadv0: Adding interface: dummy0
[  237.517184][ T7353] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.543969][ T7353] batman_adv: batadv0: Interface activated: dummy0
[  238.011185][ T5876] s2255 5-1:0.142: Could not find bulk-in endpoint
[  238.017835][ T5876] Sensoray 2255 driver load failed: 0xfffffff4
[  238.048883][  T839] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  238.112906][ T5876] s2255 5-1:0.142: probe with driver s2255 failed with error -12
[  238.163419][ T7355] netlink: 64 bytes leftover after parsing attributes in process `syz.5.337'.
[  238.252627][  T839] usb 7-1: device descriptor read/64, error -71
[  238.415868][  T839] usb usb7-port1: attempt power cycle
[  238.511022][ T5876] usb 5-1: USB disconnect, device number 11
[  238.828908][  T839] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  238.894732][  T839] usb 7-1: device descriptor read/8, error -71
[  239.929216][  T839] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  240.179507][ T7380] netlink: 'syz.5.343': attribute type 1 has an invalid length.
[  240.187478][ T7380] netlink: 224 bytes leftover after parsing attributes in process `syz.5.343'.
[  240.187601][  T839] usb 7-1: device not accepting address 7, error -71
[  240.372205][  T839] usb usb7-port1: unable to enumerate USB device
[  242.203868][ T7403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.351'.
[  242.226984][ T7403] netlink: 4 bytes leftover after parsing attributes in process `syz.1.351'.
[  242.257057][ T7403] netlink: 26 bytes leftover after parsing attributes in process `syz.1.351'.
[  247.614039][ T7480] FAULT_INJECTION: forcing a failure.
[  247.614039][ T7480] name failslab, interval 1, probability 0, space 0, times 0
[  247.692661][ T7480] CPU: 0 UID: 0 PID: 7480 Comm: syz.1.362 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  247.692698][ T7480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  247.692711][ T7480] Call Trace:
[  247.692719][ T7480]  <TASK>
[  247.692728][ T7480]  dump_stack_lvl+0x241/0x360
[  247.692758][ T7480]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.692781][ T7480]  ? __pfx__printk+0x10/0x10
[  247.692829][ T7480]  ? __kmalloc_cache_noprof+0x48/0x390
[  247.692881][ T7480]  ? __pfx___might_resched+0x10/0x10
[  247.692915][ T7480]  should_fail_ex+0x40a/0x550
[  247.692953][ T7480]  should_failslab+0xac/0x100
[  247.692989][ T7480]  __kmalloc_cache_noprof+0x70/0x390
[  247.693036][ T7480]  ? __se_sys_mount+0x15a/0x3c0
[  247.693056][ T7480]  ? memdup_user+0x9f/0xc0
[  247.693085][ T7480]  __se_sys_mount+0x15a/0x3c0
[  247.693108][ T7480]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  247.693142][ T7480]  ? __pfx___se_sys_mount+0x10/0x10
[  247.693165][ T7480]  ? do_syscall_64+0x100/0x230
[  247.693201][ T7480]  ? __x64_sys_mount+0x20/0xc0
[  247.693226][ T7480]  do_syscall_64+0xf3/0x230
[  247.693257][ T7480]  ? clear_bhb_loop+0x35/0x90
[  247.693291][ T7480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.693320][ T7480] RIP: 0033:0x7f430b98d169
[  247.693339][ T7480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.693357][ T7480] RSP: 002b:00007f430c73e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  247.693380][ T7480] RAX: ffffffffffffffda RBX: 00007f430bba5fa0 RCX: 00007f430b98d169
[  247.693396][ T7480] RDX: 0000400000000b80 RSI: 0000400000000040 RDI: 0000000000000000
[  247.693410][ T7480] RBP: 00007f430c73e090 R08: 0000400000000580 R09: 0000000000000000
[  247.693424][ T7480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.693437][ T7480] R13: 0000000000000000 R14: 00007f430bba5fa0 R15: 00007ffc47b07a48
[  247.693468][ T7480]  </TASK>
[  247.947844][ T7487] netlink: 4560 bytes leftover after parsing attributes in process `syz.4.365'.
[  247.991961][ T7486] netlink: 4 bytes leftover after parsing attributes in process `syz.6.363'.
[  248.021498][ T7487] netlink: 4560 bytes leftover after parsing attributes in process `syz.4.365'.
[  248.030895][ T7487] netlink: 69 bytes leftover after parsing attributes in process `syz.4.365'.
[  248.046699][ T7492] ax25_connect(): syz.6.363 uses autobind, please contact jreuter@yaina.de
[  250.766153][ T7514] siw: device registration error -23
[  250.809099][ T7517] siw: device registration error -23
[  251.455740][ T7522] net_ratelimit: 10 callbacks suppressed
[  251.455760][ T7522] netlink: del zone limit has 4 unknown bytes
[  252.723994][ T7540] netlink: 4 bytes leftover after parsing attributes in process `syz.6.375'.
[  253.275992][ T5838] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  256.117917][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  257.401328][ T7603] IPv6: addrconf: prefix option has invalid lifetime
[  258.472796][ T7591] netlink: 'syz.1.385': attribute type 1 has an invalid length.
[  258.480688][ T7591] netlink: 224 bytes leftover after parsing attributes in process `syz.1.385'.
[  259.130597][ T7625] siw: device registration error -23
[  259.272999][ T5838] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  260.531796][ T7637] sock: sock_timestamping_bind_phc: sock not bind to device
[  260.560505][ T7637] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  260.569279][ T7637] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  260.577723][ T7637] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  260.667601][ T7638] netlink: 4 bytes leftover after parsing attributes in process `syz.5.390'.
[  260.776298][ T7646] netlink: 'syz.1.396': attribute type 3 has an invalid length.
[  260.795126][ T7646] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.396'.
[  262.532560][ T7666] netlink: 256 bytes leftover after parsing attributes in process `syz.3.401'.
[  262.555229][ T7667] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  263.583050][ T7675] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  264.938146][ T7704] netlink: 12 bytes leftover after parsing attributes in process `syz.1.406'.
[  265.146829][ T7711] siw: device registration error -23
[  265.871587][ T7714] IPVS: ip_vs_add_dest(): server weight less than zero
[  267.621401][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.3.415'.
[  268.331121][ T7750] lo: entered promiscuous mode
[  268.352226][ T7750] tunl0: entered promiscuous mode
[  268.378441][ T7750] gre0: entered promiscuous mode
[  268.426366][ T7750] gretap0: entered promiscuous mode
[  268.478815][ T5920] usb 5-1: new low-speed USB device number 12 using dummy_hcd
[  268.489439][ T7750] erspan0: entered promiscuous mode
[  268.505815][ T7750] ip_vti0: entered promiscuous mode
[  268.530424][ T7750] ip6_vti0: entered promiscuous mode
[  268.540360][ T7756] overlayfs: failed to resolve './file1': -2
[  268.544425][ T7750] sit0: entered promiscuous mode
[  268.617601][ T7750] ip6tnl0: entered promiscuous mode
[  268.629996][ T5920] usb 5-1: device descriptor read/64, error -71
[  268.666812][ T7750] ip6gre0: entered promiscuous mode
[  268.705852][ T7750] syz_tun: entered promiscuous mode
[  268.839253][ T7750] ip6gretap0: entered promiscuous mode
[  268.874566][ T7750] bridge0: entered promiscuous mode
[  268.918753][ T5920] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  268.944633][ T7750] vcan0: entered promiscuous mode
[  268.952578][ T7768] siw: device registration error -23
[  268.960663][ T7750] bond0: entered promiscuous mode
[  269.079274][ T5920] usb 5-1: device descriptor read/64, error -71
[  269.192925][ T5920] usb usb5-port1: attempt power cycle
[  269.568812][ T5920] usb 5-1: new low-speed USB device number 14 using dummy_hcd
[  269.574536][ T7750] team0: entered promiscuous mode
[  269.607540][ T7750] batman_adv: batadv0: Interface deactivated: dummy0
[  269.623276][ T5920] usb 5-1: device descriptor read/8, error -71
[  269.630360][ T7750] dummy0: entered promiscuous mode
[  269.675055][ T7750] nlmon0: entered promiscuous mode
[  269.705883][ T7750] caif0: entered promiscuous mode
[  269.719935][ T7750] batadv0: entered promiscuous mode
[  269.774360][ T7750] vxcan0: entered promiscuous mode
[  269.799882][ T7750] vxcan1: entered promiscuous mode
[  269.840599][ T7750] veth0: entered promiscuous mode
[  269.848475][ T7780] usb usb1: usbfs: process 7780 (syz.5.423) did not claim interface 0 before use
[  269.862747][ T7750] veth1: entered promiscuous mode
[  269.892477][ T7750] wg0: entered promiscuous mode
[  269.909078][ T5920] usb 5-1: new low-speed USB device number 15 using dummy_hcd
[  269.927055][ T7750] wg1: entered promiscuous mode
[  269.948914][ T5920] usb 5-1: device descriptor read/8, error -71
[  269.996351][ T7785] siw: device registration error -23
[  270.098705][ T7750] wg2: entered promiscuous mode
[  270.113431][ T5920] usb usb5-port1: unable to enumerate USB device
[  270.142781][ T7750] veth0_to_bridge: entered promiscuous mode
[  270.174500][ T7750] bridge_slave_0: entered promiscuous mode
[  270.354953][ T7750] veth1_to_bridge: entered promiscuous mode
[  270.658478][ T7750] bridge_slave_1: entered promiscuous mode
[  270.710966][ T7750] veth0_to_bond: entered promiscuous mode
[  270.744148][ T7750] bond_slave_0: entered promiscuous mode
[  270.770605][ T7750] veth1_to_bond: entered promiscuous mode
[  270.790481][ T7750] bond_slave_1: entered promiscuous mode
[  270.807095][ T7750] veth0_to_team: entered promiscuous mode
[  270.817527][ T7750] team_slave_0: entered promiscuous mode
[  270.824206][ T7750] veth1_to_team: entered promiscuous mode
[  270.844143][ T7750] team_slave_1: entered promiscuous mode
[  270.876431][ T7750] veth0_to_batadv: entered promiscuous mode
[  270.919768][ T7750] batadv_slave_0: entered promiscuous mode
[  270.944368][ T7750] veth1_to_batadv: entered promiscuous mode
[  270.954256][ T7750] batadv_slave_1: entered promiscuous mode
[  270.964756][ T7750] xfrm0: entered promiscuous mode
[  270.974537][ T7750] veth0_to_hsr: entered promiscuous mode
[  271.017808][ T7750] veth1_to_hsr: entered promiscuous mode
[  271.043707][ T7750] hsr0: entered promiscuous mode
[  271.056828][ T7750] veth1_virt_wifi: entered promiscuous mode
[  271.067822][ T7750] veth0_virt_wifi: entered promiscuous mode
[  271.081535][ T7750] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  271.260318][ T7750] vlan0: entered promiscuous mode
[  271.265924][ T7750] vlan1: entered promiscuous mode
[  271.295706][ T7750] macvlan0: entered promiscuous mode
[  271.675050][ T7750] macvlan1: entered promiscuous mode
[  271.855819][ T7750] ipvlan0: entered promiscuous mode
[  272.010546][ T7750] ipvlan1: entered promiscuous mode
[  272.101622][ T7750] macvtap0: entered promiscuous mode
[  272.115973][ T7750] macsec0: entered promiscuous mode
[  272.131209][ T7750] geneve0: entered promiscuous mode
[  272.321987][ T7750] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  272.369068][ T7750] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.038143][ T7750] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.088735][ T7750] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.110710][ T7750] geneve1: entered promiscuous mode
[  274.183649][ T7750] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  274.230882][ T7750] netdevsim netdevsim3 netdevsim1: entered promiscuous mode
[  274.280646][ T7750] netdevsim netdevsim3 netdevsim2: entered promiscuous mode
[  274.355566][ T7750] netdevsim netdevsim3 netdevsim3: entered promiscuous mode
[  274.455547][ T7750] mac80211_hwsim hwsim3 wlan0: entered promiscuous mode
[  274.498588][ T7750] mac80211_hwsim hwsim6 wlan1: entered promiscuous mode
[  274.520765][ T7750] geneve2: entered promiscuous mode
[  274.531196][ T7750] geneve2: left allmulticast mode
[  274.539881][ T7750] gre1: left allmulticast mode
[  274.569059][ T7750] mac80211_hwsim hwsim14 wlan2: entered promiscuous mode
[  274.647251][  T839] wlan0 speed is unknown, defaulting to 1000
[  275.854049][ T7837] siw: device registration error -23
[  276.572930][ T7843] FAULT_INJECTION: forcing a failure.
[  276.572930][ T7843] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.586300][ T7843] CPU: 0 UID: 0 PID: 7843 Comm: syz.1.436 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  276.586337][ T7843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  276.586351][ T7843] Call Trace:
[  276.586359][ T7843]  <TASK>
[  276.586367][ T7843]  dump_stack_lvl+0x241/0x360
[  276.586394][ T7843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.586414][ T7843]  ? __pfx__printk+0x10/0x10
[  276.586442][ T7843]  ? __pfx_lock_release+0x10/0x10
[  276.586474][ T7843]  should_fail_ex+0x40a/0x550
[  276.586505][ T7843]  _copy_from_user+0x2d/0xb0
[  276.586530][ T7843]  copy_msghdr_from_user+0xae/0x680
[  276.586560][ T7843]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  276.586584][ T7843]  ? __fget_files+0x2a/0x410
[  276.586607][ T7843]  ? __fget_files+0x2a/0x410
[  276.586639][ T7843]  __sys_sendmsg+0x209/0x350
[  276.586671][ T7843]  ? __pfx___sys_sendmsg+0x10/0x10
[  276.586711][ T7843]  ? do_sys_openat2+0x17a/0x1d0
[  276.586764][ T7843]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  276.586797][ T7843]  ? do_syscall_64+0x100/0x230
[  276.586835][ T7843]  ? do_syscall_64+0xb6/0x230
[  276.586872][ T7843]  do_syscall_64+0xf3/0x230
[  276.586906][ T7843]  ? clear_bhb_loop+0x35/0x90
[  276.586942][ T7843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.586974][ T7843] RIP: 0033:0x7f430b98d169
[  276.586995][ T7843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.587013][ T7843] RSP: 002b:00007f430c71d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  276.587036][ T7843] RAX: ffffffffffffffda RBX: 00007f430bba6080 RCX: 00007f430b98d169
[  276.587054][ T7843] RDX: 0000000000000000 RSI: 00004000000001c0 RDI: 0000000000000009
[  276.587068][ T7843] RBP: 00007f430c71d090 R08: 0000000000000000 R09: 0000000000000000
[  276.587082][ T7843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.587095][ T7843] R13: 0000000000000000 R14: 00007f430bba6080 R15: 00007ffc47b07a48
[  276.587129][ T7843]  </TASK>
[  278.675223][ T7870] siw: device registration error -23
[  278.909340][ T5839] Bluetooth: hci5: command 0x0406 tx timeout
[  282.325831][ T7903] netlink: 12 bytes leftover after parsing attributes in process `syz.6.448'.
[  284.114340][ T5839] Bluetooth: hci6: command 0x0405 tx timeout
[  284.868405][ T7925] random: crng reseeded on system resumption
[  286.105719][ T7941] FAULT_INJECTION: forcing a failure.
[  286.105719][ T7941] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.177886][ T7941] CPU: 1 UID: 0 PID: 7941 Comm: syz.3.455 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  286.177917][ T7941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  286.177931][ T7941] Call Trace:
[  286.177938][ T7941]  <TASK>
[  286.177947][ T7941]  dump_stack_lvl+0x241/0x360
[  286.177976][ T7941]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.177997][ T7941]  ? __pfx__printk+0x10/0x10
[  286.178031][ T7941]  ? __pfx_lock_release+0x10/0x10
[  286.178070][ T7941]  should_fail_ex+0x40a/0x550
[  286.178106][ T7941]  _copy_from_user+0x2d/0xb0
[  286.178136][ T7941]  copy_msghdr_from_user+0xae/0x680
[  286.178171][ T7941]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  286.178198][ T7941]  ? __fget_files+0x2a/0x410
[  286.178224][ T7941]  ? __fget_files+0x2a/0x410
[  286.178254][ T7941]  __sys_sendmsg+0x209/0x350
[  286.178282][ T7941]  ? __pfx___sys_sendmsg+0x10/0x10
[  286.178317][ T7941]  ? do_sys_openat2+0x17a/0x1d0
[  286.178366][ T7941]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  286.178398][ T7941]  ? do_syscall_64+0x100/0x230
[  286.178434][ T7941]  ? do_syscall_64+0xb6/0x230
[  286.178468][ T7941]  do_syscall_64+0xf3/0x230
[  286.178498][ T7941]  ? clear_bhb_loop+0x35/0x90
[  286.178531][ T7941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.178559][ T7941] RIP: 0033:0x7f482af8d169
[  286.178577][ T7941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.178595][ T7941] RSP: 002b:00007f482bd8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  286.178622][ T7941] RAX: ffffffffffffffda RBX: 00007f482b1a5fa0 RCX: 00007f482af8d169
[  286.178637][ T7941] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000000000000003
[  286.178650][ T7941] RBP: 00007f482bd8f090 R08: 0000000000000000 R09: 0000000000000000
[  286.178662][ T7941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.178674][ T7941] R13: 0000000000000000 R14: 00007f482b1a5fa0 R15: 00007ffe0d1b06d8
[  286.178702][ T7941]  </TASK>
[  290.161782][ T7993] fuse: Bad value for 'fd'
[  291.430809][ T8014] FAULT_INJECTION: forcing a failure.
[  291.430809][ T8014] name failslab, interval 1, probability 0, space 0, times 0
[  291.444480][ T8014] CPU: 1 UID: 0 PID: 8014 Comm: syz.4.469 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  291.444507][ T8014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  291.444520][ T8014] Call Trace:
[  291.444528][ T8014]  <TASK>
[  291.444536][ T8014]  dump_stack_lvl+0x241/0x360
[  291.444565][ T8014]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.444586][ T8014]  ? __pfx__printk+0x10/0x10
[  291.444619][ T8014]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  291.444640][ T8014]  ? __pfx___might_resched+0x10/0x10
[  291.444669][ T8014]  should_fail_ex+0x40a/0x550
[  291.444705][ T8014]  should_failslab+0xac/0x100
[  291.444740][ T8014]  __kmalloc_node_noprof+0xe1/0x4d0
[  291.444761][ T8014]  ? __kvmalloc_node_noprof+0x72/0x190
[  291.444785][ T8014]  ? seq_read_iter+0xb4/0xd70
[  291.444818][ T8014]  __kvmalloc_node_noprof+0x72/0x190
[  291.444844][ T8014]  traverse+0xd6/0x550
[  291.444882][ T8014]  seq_read_iter+0xc8c/0xd70
[  291.444910][ T8014]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  291.444957][ T8014]  seq_read+0x3a9/0x4f0
[  291.444987][ T8014]  ? __pfx_seq_read+0x10/0x10
[  291.445030][ T8014]  ? rw_verify_area+0x1ed/0x630
[  291.445054][ T8014]  ? __pfx_seq_read+0x10/0x10
[  291.445096][ T8014]  vfs_readv+0x6bc/0xa80
[  291.445127][ T8014]  ? __pfx_seq_read+0x10/0x10
[  291.445154][ T8014]  ? __pfx_vfs_readv+0x10/0x10
[  291.445191][ T8014]  ? __fget_files+0x2a/0x410
[  291.445215][ T8014]  ? __fget_files+0x395/0x410
[  291.445236][ T8014]  ? __fget_files+0x2a/0x410
[  291.445268][ T8014]  __x64_sys_preadv+0x1b7/0x2d0
[  291.445301][ T8014]  ? __pfx___x64_sys_preadv+0x10/0x10
[  291.445343][ T8014]  do_syscall_64+0xf3/0x230
[  291.445376][ T8014]  ? clear_bhb_loop+0x35/0x90
[  291.445410][ T8014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.445438][ T8014] RIP: 0033:0x7f2a4738d169
[  291.445457][ T8014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.445474][ T8014] RSP: 002b:00007f2a471d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  291.445495][ T8014] RAX: ffffffffffffffda RBX: 00007f2a475a6080 RCX: 00007f2a4738d169
[  291.445510][ T8014] RDX: 0000000000000001 RSI: 0000400000000280 RDI: 000000000000000a
[  291.445523][ T8014] RBP: 00007f2a471d8090 R08: 0000000000000004 R09: 0000000000000000
[  291.445535][ T8014] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  291.445548][ T8014] R13: 0000000000000000 R14: 00007f2a475a6080 R15: 00007ffffca05f58
[  291.445590][ T8014]  </TASK>
[  291.688693][    C1] vkms_vblank_simulate: vblank timer overrun
[  292.387151][ T8019] virtio-fs: tag <(null)> not found
[  294.831891][ T8067] IPVS: set_ctl: invalid protocol: 50 224.0.0.2:20004
[  295.685956][ T8077] netlink: 'syz.4.483': attribute type 39 has an invalid length.
[  295.850797][ T8081] input input9: cannot allocate more than FF_MAX_EFFECTS effects
[  295.932733][ T8085] netlink: 8 bytes leftover after parsing attributes in process `syz.5.484'.
[  296.051363][ T8084] netlink: 12 bytes leftover after parsing attributes in process `syz.4.483'.
[  296.076661][ T8085] netlink: 24 bytes leftover after parsing attributes in process `syz.5.484'.
[  298.595181][ T8123] netlink: 8 bytes leftover after parsing attributes in process `syz.3.491'.
[  298.638931][ T8123] netlink: 4 bytes leftover after parsing attributes in process `syz.3.491'.
[  298.685183][ T8123] netlink: 'syz.3.491': attribute type 1 has an invalid length.
[  298.728157][ T8123] netlink: 10 bytes leftover after parsing attributes in process `syz.3.491'.
[  298.758300][ T8127] netlink: 64 bytes leftover after parsing attributes in process `syz.4.492'.
[  299.548321][ T5838] block nbd0: Receive control failed (result -32)
[  299.588687][ T5920] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  299.748885][ T5920] usb 7-1: Using ep0 maxpacket: 16
[  299.755913][ T5920] usb 7-1: config 0 has an invalid interface number: 76 but max is 0
[  299.774807][ T5920] usb 7-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  299.789078][ T5920] usb 7-1: config 0 has no interface number 0
[  299.830076][ T5920] usb 7-1: config 0 interface 76 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  299.858747][ T5920] usb 7-1: config 0 interface 76 altsetting 0 endpoint 0x9 has an invalid bInterval 64, changing to 10
[  299.898304][ T5920] usb 7-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x8, skipping
[  299.974709][ T5920] usb 7-1: config 0 interface 76 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  299.983912][ T8141] netlink: 'syz.1.494': attribute type 1 has an invalid length.
[  299.995055][ T8141] netlink: 224 bytes leftover after parsing attributes in process `syz.1.494'.
[  300.006766][ T5920] usb 7-1: config 0 interface 76 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  300.570993][ T5920] usb 7-1: New USB device found, idVendor=093a, idProduct=260f, bcdDevice=14.d3
[  300.764308][ T5920] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.788906][ T5920] usb 7-1: Product: syz
[  300.793148][ T5920] usb 7-1: Manufacturer: syz
[  300.797793][ T5920] usb 7-1: SerialNumber: syz
[  300.818573][ T5920] usb 7-1: config 0 descriptor??
[  300.826374][ T8146] input input10: cannot allocate more than FF_MAX_EFFECTS effects
[  300.836712][ T5920] gspca_main: pac7311-2.14.0 probing 093a:260f
[  302.115350][ T5920] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -110
[  303.122167][ T5920] pac7311 7-1:0.76: probe with driver pac7311 failed with error -110
[  304.325878][  T839] usb 7-1: USB disconnect, device number 8
[  304.589120][ T5876] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  304.768906][ T5876] usb 6-1: Using ep0 maxpacket: 16
[  304.932969][ T5876] usb 6-1: device descriptor read/all, error -71
[  305.196398][ T8180] siw: device registration error -23
[  305.358796][    T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  306.702593][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  306.722678][    T9] usb 2-1: unable to read config index 0 descriptor/start: -71
[  306.736666][    T9] usb 2-1: can't read configurations, error -71
[  308.550373][ T8222] input input11: cannot allocate more than FF_MAX_EFFECTS effects
[  310.134208][ T8235] input: syz1 as /devices/virtual/input/input12
[  310.588739][ T5834] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  310.841257][ T5834] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  310.877754][ T5834] usb 6-1: New USB device found, idVendor=1bc7, idProduct=9010, bcdDevice=36.53
[  310.931887][ T5834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.980470][ T5834] usb 6-1: config 0 descriptor??
[  311.007701][ T5834] option 6-1:0.0: GSM modem (1-port) converter detected
[  311.588890][ T8268] netlink: 24 bytes leftover after parsing attributes in process `syz.4.520'.
[  311.904451][ T8279] netlink: 16 bytes leftover after parsing attributes in process `syz.1.519'.
[  312.653620][ T8268] netlink: 16 bytes leftover after parsing attributes in process `syz.4.520'.
[  312.673783][ T8285] syzkaller1: entered promiscuous mode
[  312.691956][ T8285] syzkaller1: entered allmulticast mode
[  312.730173][ T8277] netlink: 'syz.4.520': attribute type 10 has an invalid length.
[  312.745037][ T8267] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 324
[  313.694751][ T8277] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.702311][ T8277] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.731287][ T8277] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.738520][ T8277] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.746118][ T8277] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.753315][ T8277] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.130454][ T8291] input input13: cannot allocate more than FF_MAX_EFFECTS effects
[  314.354578][ T8277] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  314.527631][   T13] 
[  314.530606][   T13] =============================
[  314.535560][   T13] WARNING: suspicious RCU usage
[  314.540709][   T13] 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0 Not tainted
[  314.547853][   T13] -----------------------------
[  314.552974][   T13] net/sched/sch_generic.c:1251 suspicious rcu_dereference_protected() usage!
[  314.561963][   T13] 
[  314.561963][   T13] other info that might help us debug this:
[  314.561963][   T13] 
[  314.572329][   T13] 
[  314.572329][   T13] rcu_scheduler_active = 2, debug_locks = 1
[  314.580562][   T13] 3 locks held by kworker/u8:1/13:
[  314.585704][   T13]  #0: ffff88805f742948 ((wq_completion)bond0#5){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  314.597235][   T13]  #1: ffffc90000127c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  314.610465][   T13]  #2: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  314.620268][   T13] 
[  314.620268][   T13] stack backtrace:
[  314.626191][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  314.626218][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  314.626232][   T13] Workqueue: bond0 bond_mii_monitor
[  314.626259][   T13] Call Trace:
[  314.626267][   T13]  <TASK>
[  314.626283][   T13]  dump_stack_lvl+0x241/0x360
[  314.626310][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.626332][   T13]  ? __pfx__printk+0x10/0x10
[  314.626378][   T13]  lockdep_rcu_suspicious+0x226/0x340
[  314.626417][   T13]  dev_activate+0xf8/0x1240
[  314.626443][   T13]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  314.626471][   T13]  ? lockdep_hardirqs_on+0x99/0x150
[  314.626502][   T13]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  314.626529][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  314.626558][   T13]  ? __pfx_dev_activate+0x10/0x10
[  314.626581][   T13]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  314.626608][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  314.626639][   T13]  ? rfc2863_policy+0x10e/0x3f0
[  314.626675][   T13]  linkwatch_do_dev+0xfb/0x170
[  314.626710][   T13]  ethtool_op_get_link+0x15/0x60
[  314.626736][   T13]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  314.626761][   T13]  bond_check_dev_link+0x1eb/0x4a0
[  314.626787][   T13]  ? __pfx_bond_check_dev_link+0x10/0x10
[  314.626827][   T13]  bond_mii_monitor+0x49a/0x3170
[  314.626860][   T13]  ? __lock_acquire+0x1397/0x2100
[  314.626890][   T13]  ? bond_mii_monitor+0x174/0x3170
[  314.626916][   T13]  ? do_raw_spin_unlock+0x13c/0x8b0
[  314.626949][   T13]  ? __pfx_bond_mii_monitor+0x10/0x10
[  314.626987][   T13]  ? __pfx_lock_acquire+0x10/0x10
[  314.627017][   T13]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  314.627051][   T13]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  314.627095][   T13]  ? process_scheduled_works+0x9c6/0x18e0
[  314.627121][   T13]  process_scheduled_works+0xabe/0x18e0
[  314.627178][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  314.627214][   T13]  ? assign_work+0x364/0x3d0
[  314.627245][   T13]  worker_thread+0x870/0xd30
[  314.627298][   T13]  ? __kthread_parkme+0x169/0x1d0
[  314.627331][   T13]  ? __pfx_worker_thread+0x10/0x10
[  314.627358][   T13]  kthread+0x7a9/0x920
[  314.627387][   T13]  ? __pfx_kthread+0x10/0x10
[  314.627419][   T13]  ? __pfx_worker_thread+0x10/0x10
[  314.627447][   T13]  ? __pfx_kthread+0x10/0x10
[  314.627475][   T13]  ? __pfx_kthread+0x10/0x10
[  314.627509][   T13]  ? __pfx_kthread+0x10/0x10
[  314.627538][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  314.627564][   T13]  ? lockdep_hardirqs_on+0x99/0x150
[  314.627592][   T13]  ? __pfx_kthread+0x10/0x10
[  314.627624][   T13]  ret_from_fork+0x4b/0x80
[  314.627650][   T13]  ? __pfx_kthread+0x10/0x10
[  314.627681][   T13]  ret_from_fork_asm+0x1a/0x30
[  314.627722][   T13]  </TASK>
[  315.065310][   T13] 
[  315.067742][   T13] =============================
[  315.072826][   T13] WARNING: suspicious RCU usage
[  315.077719][   T13] 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0 Not tainted
[  315.085015][   T13] -----------------------------
[  315.090014][   T13] net/sched/sch_generic.c:1229 suspicious rcu_dereference_protected() usage!
[  315.099142][   T13] 
[  315.099142][   T13] other info that might help us debug this:
[  315.099142][   T13] 
[  315.109522][   T13] 
[  315.109522][   T13] rcu_scheduler_active = 2, debug_locks = 1
[  315.117634][   T13] 3 locks held by kworker/u8:1/13:
[  315.122840][   T13]  #0: ffff88805f742948 ((wq_completion)bond0#5){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  315.134069][   T13]  #1: ffffc90000127c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  315.147120][   T13]  #2: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  315.157206][   T13] 
[  315.157206][   T13] stack backtrace:
[  315.163265][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  315.163292][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  315.163335][   T13] Workqueue: bond0 bond_mii_monitor
[  315.163365][   T13] Call Trace:
[  315.163372][   T13]  <TASK>
[  315.163381][   T13]  dump_stack_lvl+0x241/0x360
[  315.163409][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.163430][   T13]  ? __pfx__printk+0x10/0x10
[  315.163477][   T13]  lockdep_rcu_suspicious+0x226/0x340
[  315.163518][   T13]  transition_one_qdisc+0x8e/0x1c0
[  315.163555][   T13]  dev_activate+0x838/0x1240
[  315.163591][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  315.163622][   T13]  ? __pfx_dev_activate+0x10/0x10
[  315.163644][   T13]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  315.163672][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  315.163704][   T13]  ? rfc2863_policy+0x10e/0x3f0
[  315.163740][   T13]  linkwatch_do_dev+0xfb/0x170
[  315.163774][   T13]  ethtool_op_get_link+0x15/0x60
[  315.163801][   T13]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  315.163826][   T13]  bond_check_dev_link+0x1eb/0x4a0
[  315.163851][   T13]  ? __pfx_bond_check_dev_link+0x10/0x10
[  315.163891][   T13]  bond_mii_monitor+0x49a/0x3170
[  315.163925][   T13]  ? __lock_acquire+0x1397/0x2100
[  315.163955][   T13]  ? bond_mii_monitor+0x174/0x3170
[  315.163981][   T13]  ? do_raw_spin_unlock+0x13c/0x8b0
[  315.164011][   T13]  ? __pfx_bond_mii_monitor+0x10/0x10
[  315.164047][   T13]  ? __pfx_lock_acquire+0x10/0x10
[  315.164075][   T13]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  315.164106][   T13]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  315.164159][   T13]  ? process_scheduled_works+0x9c6/0x18e0
[  315.164186][   T13]  process_scheduled_works+0xabe/0x18e0
[  315.164243][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  315.164281][   T13]  ? assign_work+0x364/0x3d0
[  315.164313][   T13]  worker_thread+0x870/0xd30
[  315.164357][   T13]  ? __kthread_parkme+0x169/0x1d0
[  315.164389][   T13]  ? __pfx_worker_thread+0x10/0x10
[  315.164417][   T13]  kthread+0x7a9/0x920
[  315.164446][   T13]  ? __pfx_kthread+0x10/0x10
[  315.164479][   T13]  ? __pfx_worker_thread+0x10/0x10
[  315.164507][   T13]  ? __pfx_kthread+0x10/0x10
[  315.164536][   T13]  ? __pfx_kthread+0x10/0x10
[  315.164571][   T13]  ? __pfx_kthread+0x10/0x10
[  315.164599][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  315.164624][   T13]  ? lockdep_hardirqs_on+0x99/0x150
[  315.164653][   T13]  ? __pfx_kthread+0x10/0x10
[  315.164684][   T13]  ret_from_fork+0x4b/0x80
[  315.164709][   T13]  ? __pfx_kthread+0x10/0x10
[  315.164739][   T13]  ret_from_fork_asm+0x1a/0x30
[  315.164779][   T13]  </TASK>
[  315.164790][   T13] 
[  315.426822][   T13] =============================
[  315.431766][   T13] WARNING: suspicious RCU usage
[  315.436642][   T13] 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0 Not tainted
[  315.443862][   T13] -----------------------------
[  315.448788][   T13] ./include/linux/rtnetlink.h:162 suspicious rcu_dereference_protected() usage!
[  315.457837][   T13] 
[  315.457837][   T13] other info that might help us debug this:
[  315.457837][   T13] 
[  315.468193][   T13] 
[  315.468193][   T13] rcu_scheduler_active = 2, debug_locks = 1
[  315.476394][   T13] 3 locks held by kworker/u8:1/13:
[  315.481605][   T13]  #0: ffff88805f742948 ((wq_completion)bond0#5){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  315.492975][   T13]  #1: ffffc90000127c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  315.505984][   T13]  #2: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  315.515934][   T13] 
[  315.515934][   T13] stack backtrace:
[  315.522046][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  315.522073][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  315.522087][   T13] Workqueue: bond0 bond_mii_monitor
[  315.522115][   T13] Call Trace:
[  315.522123][   T13]  <TASK>
[  315.522132][   T13]  dump_stack_lvl+0x241/0x360
[  315.522158][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.522180][   T13]  ? __pfx__printk+0x10/0x10
[  315.522228][   T13]  lockdep_rcu_suspicious+0x226/0x340
[  315.522266][   T13]  dev_activate+0x925/0x1240
[  315.522302][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  315.522333][   T13]  ? __pfx_dev_activate+0x10/0x10
[  315.522362][   T13]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  315.522390][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  315.522422][   T13]  ? rfc2863_policy+0x10e/0x3f0
[  315.522459][   T13]  linkwatch_do_dev+0xfb/0x170
[  315.522493][   T13]  ethtool_op_get_link+0x15/0x60
[  315.522520][   T13]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  315.522546][   T13]  bond_check_dev_link+0x1eb/0x4a0
[  315.522571][   T13]  ? __pfx_bond_check_dev_link+0x10/0x10
[  315.522612][   T13]  bond_mii_monitor+0x49a/0x3170
[  315.522645][   T13]  ? __lock_acquire+0x1397/0x2100
[  315.522676][   T13]  ? bond_mii_monitor+0x174/0x3170
[  315.522702][   T13]  ? do_raw_spin_unlock+0x13c/0x8b0
[  315.522735][   T13]  ? __pfx_bond_mii_monitor+0x10/0x10
[  315.522773][   T13]  ? __pfx_lock_acquire+0x10/0x10
[  315.522804][   T13]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  315.522838][   T13]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  315.522882][   T13]  ? process_scheduled_works+0x9c6/0x18e0
[  315.522908][   T13]  process_scheduled_works+0xabe/0x18e0
[  315.522965][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  315.523002][   T13]  ? assign_work+0x364/0x3d0
[  315.523033][   T13]  worker_thread+0x870/0xd30
[  315.523077][   T13]  ? __kthread_parkme+0x169/0x1d0
[  315.523110][   T13]  ? __pfx_worker_thread+0x10/0x10
[  315.523138][   T13]  kthread+0x7a9/0x920
[  315.523166][   T13]  ? __pfx_kthread+0x10/0x10
[  315.523199][   T13]  ? __pfx_worker_thread+0x10/0x10
[  315.523225][   T13]  ? __pfx_kthread+0x10/0x10
[  315.523254][   T13]  ? __pfx_kthread+0x10/0x10
[  315.523288][   T13]  ? __pfx_kthread+0x10/0x10
[  315.523317][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  315.523343][   T13]  ? lockdep_hardirqs_on+0x99/0x150
[  315.523380][   T13]  ? __pfx_kthread+0x10/0x10
[  315.523412][   T13]  ret_from_fork+0x4b/0x80
[  315.523438][   T13]  ? __pfx_kthread+0x10/0x10
[  315.523470][   T13]  ret_from_fork_asm+0x1a/0x30
[  315.523510][   T13]  </TASK>
[  315.902795][ T5920] usb 6-1: USB disconnect, device number 6
[  315.910483][ T5920] option 6-1:0.0: device disconnected
[  316.002223][   T13] ------------[ cut here ]------------
[  316.007750][   T13] RTNL: assertion failed at net/core/dev.c (2197)
[  316.018011][   T13] WARNING: CPU: 1 PID: 13 at net/core/dev.c:2197 call_netdevice_notifiers_info+0x106/0x110
[  316.028397][   T13] Modules linked in:
[  316.032793][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  316.043611][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  316.053871][   T13] Workqueue: bond0 bond_mii_monitor
[  316.059209][   T13] RIP: 0010:call_netdevice_notifiers_info+0x106/0x110
[  316.066030][   T13] Code: cc cc cc cc e8 cb e8 ff f7 c6 05 0a 03 64 06 01 90 48 c7 c7 40 87 2d 8d 48 c7 c6 20 87 2d 8d ba 95 08 00 00 e8 cb a4 bf f7 90 <0f> 0b 90 90 e9 73 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90
[  316.085935][   T13] RSP: 0018:ffffc90000127638 EFLAGS: 00010246
[  316.092139][   T13] RAX: 35182d9e8ab3d900 RBX: ffff88805f288000 RCX: ffff88801d6c0000
[  316.100219][   T13] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  316.108236][   T13] RBP: 0000000000000000 R08: ffffffff81819d62 R09: fffffbfff1d3a69c
[  316.116500][   T13] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: dffffc0000000000
[  316.124734][   T13] R13: 1ffff92000024ecc R14: 0000000000000004 R15: ffffc90000127680
[  316.132923][   T13] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  316.141984][   T13] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.148634][   T13] CR2: 00007ffe7ed35218 CR3: 000000002fb10000 CR4: 00000000003526f0
[  316.156644][   T13] DR0: 000000000000000e DR1: 000000000000000c DR2: 000000000000000e
[  316.164715][   T13] DR3: 00000000000000b5 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  316.172784][   T13] Call Trace:
[  316.176100][   T13]  <TASK>
[  316.179139][   T13]  ? __warn+0x165/0x4d0
[  316.183343][   T13]  ? call_netdevice_notifiers_info+0x106/0x110
[  316.189781][   T13]  ? report_bug+0x2b3/0x500
[  316.194339][   T13]  ? call_netdevice_notifiers_info+0x106/0x110
[  316.200732][   T13]  ? handle_bug+0x60/0x90
[  316.205101][   T13]  ? exc_invalid_op+0x1a/0x50
[  316.209846][   T13]  ? asm_exc_invalid_op+0x1a/0x20
[  316.214933][   T13]  ? __warn_printk+0x292/0x360
[  316.219812][   T13]  ? call_netdevice_notifiers_info+0x106/0x110
[  316.226182][   T13]  ? call_netdevice_notifiers_info+0x105/0x110
[  316.232625][   T13]  netdev_state_change+0x11f/0x1a0
[  316.237787][   T13]  ? __pfx_netdev_state_change+0x10/0x10
[  316.243531][   T13]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  316.249529][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  316.255898][   T13]  ? rfc2863_policy+0x10e/0x3f0
[  316.260870][   T13]  linkwatch_do_dev+0x112/0x170
[  316.265777][   T13]  ethtool_op_get_link+0x15/0x60
[  316.270795][   T13]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  316.276471][   T13]  bond_check_dev_link+0x1eb/0x4a0
[  316.281688][   T13]  ? __pfx_bond_check_dev_link+0x10/0x10
[  316.287377][   T13]  bond_mii_monitor+0x49a/0x3170
[  316.292477][   T13]  ? __lock_acquire+0x1397/0x2100
[  316.297550][   T13]  ? bond_mii_monitor+0x174/0x3170
[  316.302789][   T13]  ? do_raw_spin_unlock+0x13c/0x8b0
[  316.308035][   T13]  ? __pfx_bond_mii_monitor+0x10/0x10
[  316.313510][   T13]  ? __pfx_lock_acquire+0x10/0x10
[  316.318582][   T13]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  316.324701][   T13]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  316.331430][   T13]  ? process_scheduled_works+0x9c6/0x18e0
[  316.337193][   T13]  process_scheduled_works+0xabe/0x18e0
[  316.343034][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  316.349114][   T13]  ? assign_work+0x364/0x3d0
[  316.353764][   T13]  worker_thread+0x870/0xd30
[  316.358503][   T13]  ? __kthread_parkme+0x169/0x1d0
[  316.363636][   T13]  ? __pfx_worker_thread+0x10/0x10
[  316.368832][   T13]  kthread+0x7a9/0x920
[  316.372950][   T13]  ? __pfx_kthread+0x10/0x10
[  316.377590][   T13]  ? __pfx_worker_thread+0x10/0x10
[  316.382839][   T13]  ? __pfx_kthread+0x10/0x10
[  316.387471][   T13]  ? __pfx_kthread+0x10/0x10
[  316.392177][   T13]  ? __pfx_kthread+0x10/0x10
[  316.396806][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  316.402223][   T13]  ? lockdep_hardirqs_on+0x99/0x150
[  316.407473][   T13]  ? __pfx_kthread+0x10/0x10
[  316.412205][   T13]  ret_from_fork+0x4b/0x80
[  316.416671][   T13]  ? __pfx_kthread+0x10/0x10
[  316.421385][   T13]  ret_from_fork_asm+0x1a/0x30
[  316.426210][   T13]  </TASK>
[  316.430148][   T13] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  316.437460][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0
[  316.448160][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  316.458242][   T13] Workqueue: bond0 bond_mii_monitor
[  316.463494][   T13] Call Trace:
[  316.466796][   T13]  <TASK>
[  316.469752][   T13]  dump_stack_lvl+0x241/0x360
[  316.474465][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.479700][   T13]  ? __pfx__printk+0x10/0x10
[  316.484340][   T13]  ? vscnprintf+0x5d/0x90
[  316.488714][   T13]  panic+0x349/0x880
[  316.492651][   T13]  ? __warn+0x174/0x4d0
[  316.496847][   T13]  ? __pfx_panic+0x10/0x10
[  316.501309][   T13]  ? ret_from_fork_asm+0x1a/0x30
[  316.506290][   T13]  __warn+0x344/0x4d0
[  316.510313][   T13]  ? call_netdevice_notifiers_info+0x106/0x110
[  316.516509][   T13]  report_bug+0x2b3/0x500
[  316.520874][   T13]  ? call_netdevice_notifiers_info+0x106/0x110
[  316.527079][   T13]  handle_bug+0x60/0x90
[  316.531275][   T13]  exc_invalid_op+0x1a/0x50
[  316.535811][   T13]  asm_exc_invalid_op+0x1a/0x20
[  316.540701][   T13] RIP: 0010:call_netdevice_notifiers_info+0x106/0x110
[  316.547502][   T13] Code: cc cc cc cc e8 cb e8 ff f7 c6 05 0a 03 64 06 01 90 48 c7 c7 40 87 2d 8d 48 c7 c6 20 87 2d 8d ba 95 08 00 00 e8 cb a4 bf f7 90 <0f> 0b 90 90 e9 73 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90
[  316.567142][   T13] RSP: 0018:ffffc90000127638 EFLAGS: 00010246
[  316.573250][   T13] RAX: 35182d9e8ab3d900 RBX: ffff88805f288000 RCX: ffff88801d6c0000
[  316.581268][   T13] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  316.589355][   T13] RBP: 0000000000000000 R08: ffffffff81819d62 R09: fffffbfff1d3a69c
[  316.597355][   T13] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: dffffc0000000000
[  316.605354][   T13] R13: 1ffff92000024ecc R14: 0000000000000004 R15: ffffc90000127680
[  316.613363][   T13]  ? __warn_printk+0x292/0x360
[  316.618209][   T13]  ? call_netdevice_notifiers_info+0x105/0x110
[  316.624407][   T13]  netdev_state_change+0x11f/0x1a0
[  316.629570][   T13]  ? __pfx_netdev_state_change+0x10/0x10
[  316.635252][   T13]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  316.641191][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  316.647559][   T13]  ? rfc2863_policy+0x10e/0x3f0
[  316.652457][   T13]  linkwatch_do_dev+0x112/0x170
[  316.657357][   T13]  ethtool_op_get_link+0x15/0x60
[  316.662334][   T13]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  316.667999][   T13]  bond_check_dev_link+0x1eb/0x4a0
[  316.673142][   T13]  ? __pfx_bond_check_dev_link+0x10/0x10
[  316.678914][   T13]  bond_mii_monitor+0x49a/0x3170
[  316.683990][   T13]  ? __lock_acquire+0x1397/0x2100
[  316.689072][   T13]  ? bond_mii_monitor+0x174/0x3170
[  316.694223][   T13]  ? do_raw_spin_unlock+0x13c/0x8b0
[  316.699467][   T13]  ? __pfx_bond_mii_monitor+0x10/0x10
[  316.704885][   T13]  ? __pfx_lock_acquire+0x10/0x10
[  316.709959][   T13]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  316.715984][   T13]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  316.722361][   T13]  ? process_scheduled_works+0x9c6/0x18e0
[  316.728113][   T13]  process_scheduled_works+0xabe/0x18e0
[  316.733730][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  316.739756][   T13]  ? assign_work+0x364/0x3d0
[  316.744388][   T13]  worker_thread+0x870/0xd30
[  316.749033][   T13]  ? __kthread_parkme+0x169/0x1d0
[  316.754103][   T13]  ? __pfx_worker_thread+0x10/0x10
[  316.759256][   T13]  kthread+0x7a9/0x920
[  316.763391][   T13]  ? __pfx_kthread+0x10/0x10
[  316.768017][   T13]  ? __pfx_worker_thread+0x10/0x10
[  316.773158][   T13]  ? __pfx_kthread+0x10/0x10
[  316.777781][   T13]  ? __pfx_kthread+0x10/0x10
[  316.782410][   T13]  ? __pfx_kthread+0x10/0x10
[  316.787035][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  316.792272][   T13]  ? lockdep_hardirqs_on+0x99/0x150
[  316.797503][   T13]  ? __pfx_kthread+0x10/0x10
[  316.802130][   T13]  ret_from_fork+0x4b/0x80
[  316.806587][   T13]  ? __pfx_kthread+0x10/0x10
[  316.811232][   T13]  ret_from_fork_asm+0x1a/0x30
[  316.816060][   T13]  </TASK>
[  316.819444][   T13] Kernel Offset: disabled
[  316.823865][   T13] Rebooting in 86400 seconds..