last executing test programs:

10.457426694s ago: executing program 3 (id=483):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
select(0xc9, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, &(0x7f00000005c0))
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x8, 0x100075, 0xffefffff, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r4}, 0x10)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r6 = fanotify_init(0x8, 0x80000)
fanotify_mark(r6, 0x105, 0x4800003a, r5, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
fcntl$setown(r2, 0x8, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40000, 0x100)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x3, 0x5, 0x8, 0x3, 0x1, {0x1, 0x17f, 0x20ff, 0x5, 0x89, 0xd615, 0xb, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080), 0x7f03)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x1, 0x4000000)
sendto$inet6(r0, 0x0, 0x0, 0x200cc0c5, &(0x7f0000000080)={0xa, 0x4c20, 0x0, @mcast2}, 0x1c)
sendto$inet6(r0, &(0x7f0000001cc0)="2501d77b330b7e73d6b1d1b8a473ff7420b4b43ce0861f000000714fa228ee1f5b48", 0xfffffffffffffe57, 0x8000, 0x0, 0x0)

8.168493993s ago: executing program 0 (id=488):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbff, 0x1}, 0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast2, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x9}, {0x0, 0x3, 0x0, 0x5}, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in=@empty, 0x0, 0x3c}, 0xa, @in=@loopback, 0x3500, 0x3, 0x2, 0x7}}, 0xe8)
syz_open_procfs(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r3, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000010701040000000006000000000000000c0003400000000000000008371a414a93b47351e9b36763c4d23b4c46f532c45ed9c2009e370500"], 0x20}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000140)={0x1, 0x0, 0x0, 0x0, 0x0, 0x122236002})
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.controllers\x00', 0x275a, 0x0)

8.019578248s ago: executing program 3 (id=490):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x285a}, 0x94)
setresgid(0xee00, 0xee01, 0x0)
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000200)='stack\x00')
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$GTP_CMD_DELPDP(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x7}}, {0x4}}]}]}, 0x48}}, 0x0)
readv(r2, &(0x7f0000000340)=[{&(0x7f0000000140)=""/95, 0x5f}], 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = inotify_init()
r9 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r10 = inotify_add_watch(r8, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r9, &(0x7f0000000040)=ANY=[@ANYRES64=r10], 0x69)
close(r9)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r11 = getpid()
sched_setscheduler(r11, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

8.018940001s ago: executing program 4 (id=491):
syz_open_dev$video(&(0x7f0000000100), 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x18)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = open(0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r3}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
socket$isdn(0x22, 0x2, 0x11)
socket$alg(0x26, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240))
r5 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x0, 0x40000335}, &(0x7f0000000500)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
symlinkat(&(0x7f0000000140)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r5, 0x847ba, 0x0, 0xc, 0x0, 0xd800)

7.638843201s ago: executing program 0 (id=492):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="08010000100001002dbd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0221000000000000140003006e657464657673696d3000000000400008000a00", @ANYRES32=0x0, @ANYBLOB="cc001680c80001800c0005"], 0x108}}, 0x24040800)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000080)={<r2=>0x0, 0x8, 0x1, 0x5}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000100)={r2, 0x3}, 0x8)

6.44747154s ago: executing program 0 (id=495):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000021c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async)
pipe(&(0x7f0000000000)={<r5=>0xffffffffffffffff}) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r5, 0x0, r6, 0x0, 0x88000cc, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r8}, 0x10) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r9}, 0x10) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)

6.383959616s ago: executing program 1 (id=496):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
write(r0, &(0x7f0000000180)="2cd889f0253e14f3d5ac", 0xa)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x8eff, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

6.277558785s ago: executing program 2 (id=497):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x0, 0x0}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={r1, 0x1}, 0x8)

6.203665655s ago: executing program 3 (id=498):
sched_setscheduler(0x0, 0x2, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0xffffffbe, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x48, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd4}}, 0x0)

6.197413115s ago: executing program 0 (id=499):
sched_setscheduler(0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0xffffffbe, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x48, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd4}}, 0x0)

6.080028001s ago: executing program 2 (id=500):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653", 0x5d}], 0x2, &(0x7f0000000380)}], 0x1, 0x40800)
recvmmsg$unix(r4, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000000a80)=""/14, 0xe}, {&(0x7f0000000cc0)=""/178, 0xb2}], 0x2}}], 0x1, 0x10000, 0x0)

5.95949227s ago: executing program 1 (id=501):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x440, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x103000, 0x8d)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r3, 0x400442c8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYBLOB="9f0000005800efca69434f60bce0ea0e114acfd4c7d3c780407c56d7ebf2cfd9be230a5613329e40d2f5766109dcb91d1e01ab49b6da205e9f8e41ed"])
statx(r0, 0x0, 0x800, 0x0, &(0x7f0000000480))
sendto$rxrpc(r2, &(0x7f00000001c0)="aa854dfc8f2b8f7a9e9dfcd308759fb50ca0b63282ee765a092ba60ac4f8aed558f5d90d57f00100bd4e63814381932a1a00546c1ccb3c92b945c2aa87e358f024ec5a53b9e446d36856f5c279f59cac2f85fec07d378ca79dd3cf9fab763b890da6c52138da4b5e221548e87e9cc5c80cc7dd86c479671797c493933bfb7aea1d8655f45dc8dd42be8d84f976ed805c7c902d613ddf65f8ab", 0x99, 0xb78a4d8a6498d44d, &(0x7f0000000140)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e22, @broadcast}}, 0x24)
socket(0x22, 0x2, 0x24)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x224000, 0x0)
fsync(r4)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000080)={0xe2c1, 0x7, 0x9, 0x3, 0x12, "c052e4cc35a936f585c1843c6226153cbaacbb"})
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYRES32, @ANYRES8=r4, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000300000200"/28], 0x50)
r6 = gettid()
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8)
timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r6}, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
rt_sigprocmask(0x1, &(0x7f00000002c0)={[0x800]}, 0x0, 0x8)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000076000d0b00000000000000000300000000000000080001", @ANYRES64=r2, @ANYRESOCT=r5], 0x20}}, 0x0)
pread64(r4, &(0x7f0000000580)=""/127, 0xaa, 0x3)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x131682, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000003c0)=0x14)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x2)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000180)={0x0, 0x4})

5.924259425s ago: executing program 3 (id=502):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$9p_unix(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x802ca2, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="ab", 0x1, 0x40008c4, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x2200000c)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000380)={0x2, 'vcan0\x00', {0x3}, 0x2})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), 0x0)
quotactl_fd$Q_GETQUOTA(0xffffffffffffffff, 0xffffffff80000702, 0xee00, 0x0)
r2 = socket$inet(0x10, 0x3, 0xfffffffd)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7020000c3000000bf230000000000002703000000fefeff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400011000000404000001007d60b7030000000000006a0a00fe800000008500000026000000b7000000000000009500001000000000acaa8e53a53cb864c300094c07000000000000d94cf0987b00a749a8e53b5c9491cd1f2b94a64f1de23d03a8f0362ebfc44c77511e60070e25510070f7778d3e77ad85319f0113abbac795f8c24abca246150226eb93fe39233add8f68f87699162334343befce832cb8075c5f0ae30cde221371ff00000067e4b75da95370ae6fd2b99ac18f98403494d4a94e95fb8dcd813487b2bdb006c6465c15f04485a9f8c8e49d00000097184c8e9d34b1e382b25e9614634e8e09194f7b83138f5275d9ab463797a2f6dcb45d5f278cd4fb74559575da3560c01cdf1eaa3fc7a3fb4f1689dfd5b626174770e4dfd1c82a694efc62f9ef9c8c0ea1efa5b949ce22827f6fd1dfc69d03482d8ec264e3d96ad19a0c99a234b4b71b0bc22573f8594b91781cd8ff7f000000000000299ebf94588e60abe9a565c5bbdc0358226f8580dc1a83c6a44408de23475a74ef0deda8da4089269ccb4e728dee6320444576c87cc576291e5367a5f1a5d5a12f8313ffff0b7f73335279aa2b68c9f045831119881764c71bb65b5138c50e06024e80fd9656bc077e4e259695748989335ba9eeef288de73815f20fefd4acfb6813ffff00000b971aec1a3e618a08a94ecbd401c8109c87ee3f5c0501857538d2a766bfcf4128fbe726903aca577aa8943af747760718dee5a21396dce6f61c6f3c7e000000cb0868b48719e47296f2299df3ecfb5f3f0e42f6f1eb1dc64dcc8e397366d12033f6288edbda3b838100000000000000000000800000edd4e1266dc9d73223fe614f025a7f284de76b3b676a13c57a0ed24f6270c4cbbf93472eb8093d8296c68dfbb03ddedc3e029b08959b145a7b110068ba071e75d75716243052ad24b624fddc2f0f3a018c0085c2319c248d643cd09fa855b20a6d453f2e954ff0e55c010000008547c5a0ecefcc44cc9532f729167f215937357a4bb9746193c1ec000000000000dd43c108c2109d221b7b26b7c9c209000005b7918a6cd856b8fa806c85480443159c6bed51a0e021f05f7caa1b99cdb4d08d9031210ac00e67d8c40a18503cb7aabcc066dfbfd7f87abe1122f00e5454bec3563a19582e0000000000000000000000000084b27fc6a3f95bf02b4eb5f1599dd46edcad432cc216316fe07afe27649c89cf022a90d895a2d70fcde7a9c37ede0c47c27f44595ab4b1fb1ed5b1d91314b2d50f94a768fb605679485041a6376b8344a39af68aed2be39794dd86ae82f9660cf4f935255d71f9fab2e430ac42bba1f54141cf39d4d50c4ded504beacb0de210d7a3716dca7362c134b91cef3efc514fbcb4747e6814ac16449ac02a43d9d4151697b4b7890ec6b481c5f0ca8c52a6322f34a796fa5941d23409ecf73458223baaffb94a89ee2884df000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x36}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32=r3, @ANYRES32=r3, @ANYBLOB='.\x00\x00\x00  \x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="ade38b256a6f4ff642f7d75c3048bbc641", @ANYRES64=0x0], 0x20)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x2}, 0x14)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
listen(r5, 0x0)
unshare(0x22020600)
ppoll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x8000}, {}], 0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00'})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@gettaction={0x90, 0x32, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x4}, @action_gd=@TCA_ACT_TAB={0x6c, 0x1, [{0xc, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0x10, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x400}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}]}, 0x90}, 0x1, 0x0, 0x0, 0x20000040}, 0x40000)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

5.751354774s ago: executing program 0 (id=503):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x7})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)="5802009400140091d491323b478925458db45602117fffefd7ff8100", 0x1c}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r0])
r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f3, 0x755, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x38, 0x71, 0x78, 0x8, 0x1964, 0x1, 0x916f, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0xd0, 0x0, [{{0x9, 0x4, 0xc8, 0x0, 0x0, 0x9d, 0x38, 0xef}}]}}]}}, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000340)={0x2c, &(0x7f0000000940)=ANY=[@ANYBLOB="090a0e"], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x1}}, './file0\x00'})
ioctl$HIDIOCGDEVINFO(r3, 0x801c4803, &(0x7f0000000100)=""/108)
syz_usb_control_io(r2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
getdents(0xffffffffffffffff, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000200)={'vcan0\x00', <r6=>0x0})
socket$can_bcm(0x1d, 0x2, 0x2)
sendto$packet(r5, &(0x7f0000000080)="18", 0x10, 0x0, &(0x7f00000000c0)={0x11, 0xc, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
close_range(r4, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

5.018482837s ago: executing program 2 (id=504):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
fsetxattr$smack_xattr_label(r1, &(0x7f00000003c0)='security.SMACK64IPIN\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="3bb1db241d43a242c894c358fd00b1"], 0x2, 0x1)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
write$vhost_msg(r4, &(0x7f0000000840)={0x796e6564, {0x0, 0x0, 0x0}}, 0x7)
syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r4)
read$FUSE(r3, &(0x7f0000000300)={0x2020, 0x0, <r5=>0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
lseek(r3, 0xfffffffffffffff5, 0x1)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@allocspi={0x100, 0x16, 0x1, 0x70bd28, 0x25dfdbfb, {{{@in6=@local, @in=@local, 0x4e23, 0xf, 0x4e23, 0xe, 0x2, 0xa0, 0xb0, 0x5e}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d6, 0x6c}, @in=@private=0xa010100, {0x8, 0x100, 0x5, 0x7, 0x1000, 0x1, 0x0, 0x10000}, {0x2, 0x9, 0x3, 0x195d}, {0x9, 0x6, 0x81}, 0x70bd25, 0x3501, 0xa, 0x1, 0xda, 0xec}, 0x3, 0x32b}, [@XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x8001}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x24000014)
r8 = socket(0x1e, 0x4, 0x0)
r9 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f00000001c0)=@req={0xfffffffe, 0x7fffffff, 0x0, 0xa}, 0x10)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
recvmmsg(r9, &(0x7f0000002840)=[{{0x0, 0xfd53, &(0x7f0000001600)=[{&(0x7f0000000480)=""/4085, 0xff5}]}, 0xbe58}], 0x1, 0x7ffeedc1, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002340)=ANY=[@ANYRES32=r5, @ANYRES16=r0, @ANYRESOCT=r7, @ANYRES8=r6, @ANYRESHEX], 0x48)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x40, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MTU={0x8, 0x3}]}, 0x3c}}, 0x0)

3.807691619s ago: executing program 1 (id=505):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce070200"/62, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\\'], 0x0) (async)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068", 0x9, 0xfffffffffffffffe) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020200008500000072000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x0, &(0x7f0000000000)="9b352e98d1dc0621a18bc4c5a6c1db5c", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400"/18, @ANYBLOB="ebffffffffffffff280012800b00010065"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r2, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) (async)
r3 = socket(0x1d, 0x2, 0x6)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r3, 0x6a, 0x5, 0x20000000, 0x3) (async)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), r3)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async)
r7 = socket(0x21, 0x4, 0x3)
setsockopt$packet_int(r7, 0x107, 0x13, &(0x7f00000001c0), 0x4) (async)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r5, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

3.600168709s ago: executing program 2 (id=506):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x161200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x11)
ioctl$FIONREAD(r0, 0x541b, 0x0)
io_uring_setup(0x6c27, &(0x7f00000000c0)={0x0, 0x257f, 0x400, 0x0, 0x6})
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x6, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"})
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
getrlimit(0xb, &(0x7f00000006c0))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r4, 0xae80, 0x1800)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x7, 0x4, 0x0, 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r1, r1, r1}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})

3.557497449s ago: executing program 3 (id=507):
r0 = creat(&(0x7f0000000380)='./file0\x00', 0xecf86c37d5304961)
syz_open_dev$MSR(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, 0xffffffffffffffff, 0x0)
close(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYBLOB="020000000000000091000040"])
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, <r7=>0x0], &(0x7f0000000040), 0x2, r6})
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r6], &(0x7f0000000180)=[0xfb], &(0x7f0000000400)=[r7, r7], &(0x7f0000000340)})
syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x3a, 0x37, 0x5, 0x20, 0x781, 0x5, 0x5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xe6, 0x2, 0x2, 0x5b, 0xbd, 0x97, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)

3.505021322s ago: executing program 4 (id=508):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000005000000000000711238000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d}, 0x94)

3.186631368s ago: executing program 4 (id=509):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000002c0), 0x111}}, 0x20)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r4, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)=""/4090, 0xffa}], 0x1}, 0xacd2}], 0x1, 0x12040, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000700200a1400fdff130a010300000000000000000a000006140000001100010000000000000000000300000a"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000001)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x9, @loopback, 0xaa}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)

2.768555877s ago: executing program 1 (id=510):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x0, 0x0}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={r1, 0x1}, 0x8)

1.767379111s ago: executing program 1 (id=511):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
dup2(r1, r0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, 0x0}, 0x80d1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x20)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0xfd7f)

1.670550163s ago: executing program 4 (id=512):
r0 = syz_open_procfs$userns(0x0, &(0x7f00000001c0))
setns(r0, 0x0)
prctl$PR_SCHED_CORE(0x42, 0x4, 0x0, 0x0, 0x0)

1.629555581s ago: executing program 2 (id=513):
sched_setscheduler(0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0xffffffbe, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x48, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd4}}, 0x0)

1.364930166s ago: executing program 4 (id=514):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892", 0x60}], 0x2, &(0x7f0000000380)}], 0x1, 0x40800)
recvmmsg$unix(r4, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000000a80)=""/14, 0xe}, {&(0x7f0000000cc0)=""/178, 0xb2}], 0x2}}], 0x1, 0x10000, 0x0)

1.335409558s ago: executing program 2 (id=515):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
r0 = open(0x0, 0xe5000, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d000701000000000000"], 0x528}}, 0xc000)
r2 = socket(0x2a, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0xffffffffffffff5b, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000002600), 0x101840, 0x0)
ioctl$RTC_AIE_ON(r5, 0x7001)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r2, 0x0, 0x20000014)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r3, @ANYBLOB="0000000003120100500012800b0001006272696467650000400002800800050001000000"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000000), &(0x7f0000000140)=ANY=[@ANYBLOB="04"], 0x2, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = syz_io_uring_setup(0xcf, &(0x7f0000000480)={0x0, 0x5afa, 0x100, 0x22, 0x335}, &(0x7f0000000400)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_SHUTDOWN={0x22, 0x12, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r6, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.211535402s ago: executing program 1 (id=516):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
fsetxattr$smack_xattr_label(r1, &(0x7f00000003c0)='security.SMACK64IPIN\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="3bb1db241d43a242c894c358fd00b1"], 0x2, 0x1)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
write$vhost_msg(r4, &(0x7f0000000840)={0x796e6564, {0x0, 0x0, 0x0}}, 0x7)
syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r4)
read$FUSE(r3, &(0x7f0000000300)={0x2020}, 0x2020)
lseek(r3, 0xfffffffffffffff5, 0x1)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@allocspi={0x100, 0x16, 0x1, 0x70bd28, 0x25dfdbfb, {{{@in6=@local, @in=@local, 0x4e23, 0xf, 0x4e23, 0xe, 0x2, 0xa0, 0xb0, 0x5e}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d6, 0x6c}, @in=@private=0xa010100, {0x8, 0x100, 0x5, 0x7, 0x1000, 0x1, 0x0, 0x10000}, {0x2, 0x9, 0x3, 0x195d}, {0x9, 0x6, 0x81}, 0x70bd25, 0x3501, 0xa, 0x1, 0xda, 0xec}, 0x3, 0x32b}, [@XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x8001}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x24000014)
r6 = socket(0x1e, 0x4, 0x0)
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f00000001c0)=@req={0xfffffffe, 0x7fffffff, 0x0, 0xa}, 0x10)
openat(r6, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
recvmmsg(r7, &(0x7f0000002840)=[{{0x0, 0xfd53, &(0x7f0000001600)=[{&(0x7f0000000480)=""/4085, 0xff5}]}, 0xbe58}], 0x1, 0x7ffeedc1, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x40, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MTU={0x8, 0x3}]}, 0x3c}}, 0x0)

382.916662ms ago: executing program 4 (id=517):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x6f4dad00}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs2/binder1\x00', 0x802, 0x0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000480), 0x101400, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000840)={0xffffffffffffffff, 0x7, 0x3, 0x0, 0x0, [{{r0}, 0x7f}, {{r1}, 0x4}, {{r2}, 0xfffffffffffffffd}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000800), 0x161200, 0x0)
ioctl$int_in(r4, 0x5452, &(0x7f0000000040)=0x7fffffffffffffff)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0xc001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xf1, 0xfffffffffffffffd)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {0x4, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}]}, 0x3c}}, 0x44040)
sendmmsg$alg(r6, &(0x7f00000063c0)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000c40)="97b5ee06edbce480b6bdc020061952fd2661e171449c341cf2c2c9b0e932aaba977ec145d6fb273c392cc3e58c475aaf210dcba48c28560822d204bff6c6c885", 0x40}], 0x1, &(0x7f00000003c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x14}], 0x1, 0x800)
recvmsg$can_raw(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000080)=""/30, 0x1e}, {&(0x7f00000009c0)=""/170, 0xaa}], 0x2}, 0x10081)

41.714667ms ago: executing program 3 (id=518):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0a00000007000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x1, 0x5, 0x7}}, 0x30)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="b0000000000000", @ANYRES16], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])
pipe2$9p(&(0x7f0000000240), 0x0) (async)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) (async)
dup(r1) (async)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) (async)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0a00000007000000ff0f000007"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) (async)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x1, 0x5, 0x7}}, 0x30) (async)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="b0000000000000", @ANYRES16], 0xb0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl']) (async)

0s ago: executing program 0 (id=519):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
select(0xc9, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, &(0x7f00000005c0))
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x8, 0x100075, 0xffefffff, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xd, &(0x7f00000004c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x18)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r7 = fanotify_init(0x8, 0x80000)
fanotify_mark(r7, 0x105, 0x4800003a, r6, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
fcntl$setown(r2, 0x8, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40000, 0x100)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x3, 0x5, 0x8, 0x3, 0x1, {0x1, 0x17f, 0x20ff, 0x5, 0x89, 0xd615, 0xb, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080), 0x7f03)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x1, 0x4000000)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
sendto$inet6(r0, 0x0, 0x0, 0x200cc0c5, &(0x7f0000000080)={0xa, 0x4c20, 0x0, @mcast2}, 0x1c)
sendto$inet6(r0, &(0x7f0000001cc0)="2501d77b330b7e73d6b1d1b8a473ff7420b4b43ce0861f000000714fa228ee1f5b48", 0xfffffffffffffe57, 0x8000, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.111' (ED25519) to the list of known hosts.
[   85.017764][ T5804] cgroup: Unknown subsys name 'net'
[   85.131458][ T5804] cgroup: Unknown subsys name 'cpuset'
[   85.140759][ T5804] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   86.899688][ T5804] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   89.627086][ T5817] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   89.635679][ T5817] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   89.647083][ T5817] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   89.656124][ T5817] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   89.666984][ T5817] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   89.746363][ T5817] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   89.757912][ T5817] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   89.765808][ T5817] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   89.775753][ T5817] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   89.783834][ T5817] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   89.822739][ T5138] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   89.844818][ T5138] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   89.857776][ T5138] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   89.867644][ T5138] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   89.875557][ T5138] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   89.900784][ T5828] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   89.915234][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   89.923271][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   89.932081][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   89.940282][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   89.949046][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   89.957011][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   89.964276][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   90.016102][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   90.024198][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   90.345861][ T5819] chnl_net:caif_netlink_parms(): no params data found
[   90.568622][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.576352][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.584653][ T5819] bridge_slave_0: entered allmulticast mode
[   90.593250][ T5819] bridge_slave_0: entered promiscuous mode
[   90.628342][ T5815] chnl_net:caif_netlink_parms(): no params data found
[   90.640626][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.648000][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.655213][ T5819] bridge_slave_1: entered allmulticast mode
[   90.663088][ T5819] bridge_slave_1: entered promiscuous mode
[   90.797084][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.881807][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.978642][ T5825] chnl_net:caif_netlink_parms(): no params data found
[   91.014539][ T5819] team0: Port device team_slave_0 added
[   91.021323][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   91.057243][ T5819] team0: Port device team_slave_1 added
[   91.098034][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.105339][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.112729][ T5815] bridge_slave_0: entered allmulticast mode
[   91.120103][ T5815] bridge_slave_0: entered promiscuous mode
[   91.156861][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   91.177454][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.184673][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.192469][ T5815] bridge_slave_1: entered allmulticast mode
[   91.199913][ T5815] bridge_slave_1: entered promiscuous mode
[   91.287077][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.302062][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.309178][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.335645][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.355392][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.362841][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.390071][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.425283][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.540702][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.548078][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.555323][ T5825] bridge_slave_0: entered allmulticast mode
[   91.563818][ T5825] bridge_slave_0: entered promiscuous mode
[   91.582161][ T5815] team0: Port device team_slave_0 added
[   91.591287][ T5815] team0: Port device team_slave_1 added
[   91.599992][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.607293][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.614468][ T5822] bridge_slave_0: entered allmulticast mode
[   91.623210][ T5822] bridge_slave_0: entered promiscuous mode
[   91.630997][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.639149][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.646926][ T5825] bridge_slave_1: entered allmulticast mode
[   91.654198][ T5825] bridge_slave_1: entered promiscuous mode
[   91.708671][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.715921][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.723658][ T5822] bridge_slave_1: entered allmulticast mode
[   91.731953][ T5822] bridge_slave_1: entered promiscuous mode
[   91.787518][   T51] Bluetooth: hci0: command tx timeout
[   91.804228][ T5819] hsr_slave_0: entered promiscuous mode
[   91.811291][ T5819] hsr_slave_1: entered promiscuous mode
[   91.819867][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.827073][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.853586][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.866917][   T51] Bluetooth: hci1: command tx timeout
[   91.908490][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.915741][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.923478][ T5827] bridge_slave_0: entered allmulticast mode
[   91.932445][ T5827] bridge_slave_0: entered promiscuous mode
[   91.941310][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.948776][   T51] Bluetooth: hci2: command tx timeout
[   91.952665][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.961687][ T5827] bridge_slave_1: entered allmulticast mode
[   91.969959][ T5827] bridge_slave_1: entered promiscuous mode
[   91.978018][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.985042][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.011190][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.032457][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.044425][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.058220][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.108491][   T51] Bluetooth: hci3: command tx timeout
[   92.108498][ T5828] Bluetooth: hci4: command tx timeout
[   92.125513][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.138744][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.206754][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.240988][ T5825] team0: Port device team_slave_0 added
[   92.250764][ T5825] team0: Port device team_slave_1 added
[   92.288721][ T5822] team0: Port device team_slave_0 added
[   92.341010][ T5815] hsr_slave_0: entered promiscuous mode
[   92.347675][ T5815] hsr_slave_1: entered promiscuous mode
[   92.353929][ T5815] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.362056][ T5815] Cannot create hsr debugfs directory
[   92.385780][ T5822] team0: Port device team_slave_1 added
[   92.397380][ T5827] team0: Port device team_slave_0 added
[   92.463148][ T5827] team0: Port device team_slave_1 added
[   92.490369][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.497517][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.523741][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.593742][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.601715][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.627885][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.646275][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.653838][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.680000][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.691897][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.699236][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.726173][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.760579][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.768344][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.794773][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.813826][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.821053][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.848530][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.001551][ T5825] hsr_slave_0: entered promiscuous mode
[   93.008819][ T5825] hsr_slave_1: entered promiscuous mode
[   93.015125][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.023097][ T5825] Cannot create hsr debugfs directory
[   93.046078][ T5822] hsr_slave_0: entered promiscuous mode
[   93.053421][ T5822] hsr_slave_1: entered promiscuous mode
[   93.059938][ T5822] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.067778][ T5822] Cannot create hsr debugfs directory
[   93.110707][ T5827] hsr_slave_0: entered promiscuous mode
[   93.118339][ T5827] hsr_slave_1: entered promiscuous mode
[   93.124583][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.132593][ T5827] Cannot create hsr debugfs directory
[   93.472453][ T5819] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   93.486367][ T5819] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   93.512723][ T5819] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   93.557092][ T5819] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   93.711785][ T5815] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.724531][ T5815] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.762357][ T5815] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.799745][ T5815] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.868559][ T5828] Bluetooth: hci0: command tx timeout
[   93.887146][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   93.899321][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   93.929695][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   93.940925][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   93.948004][ T5828] Bluetooth: hci1: command tx timeout
[   94.029915][ T5828] Bluetooth: hci2: command tx timeout
[   94.048010][ T5822] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   94.063522][ T5822] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   94.075777][ T5822] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   94.088389][ T5822] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   94.186961][ T5828] Bluetooth: hci3: command tx timeout
[   94.186972][   T51] Bluetooth: hci4: command tx timeout
[   94.271149][ T5827] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   94.285232][ T5827] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   94.306138][ T5827] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   94.318103][ T5827] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   94.371453][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.413237][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.471977][ T5819] 8021q: adding VLAN 0 to HW filter on device team0
[   94.499151][ T5815] 8021q: adding VLAN 0 to HW filter on device team0
[   94.524860][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.538932][ T1009] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.546359][ T1009] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.558606][ T1009] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.565847][ T1009] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.587822][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.613803][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.621030][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.647671][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.654856][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.706376][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   94.731821][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[   94.765830][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.773117][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.783540][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.790779][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.846067][ T1009] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.853304][ T1009] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.866063][ T1009] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.873282][ T1009] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.102134][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.193607][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   95.245419][ T1009] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.252783][ T1009] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.282957][ T1009] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.290242][ T1009] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.494255][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.668870][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.695726][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.791557][ T5819] veth0_vlan: entered promiscuous mode
[   95.851026][ T5819] veth1_vlan: entered promiscuous mode
[   95.863960][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.953128][ T5828] Bluetooth: hci0: command tx timeout
[   95.978542][ T5822] veth0_vlan: entered promiscuous mode
[   96.011751][ T5815] veth0_vlan: entered promiscuous mode
[   96.029429][ T5828] Bluetooth: hci1: command tx timeout
[   96.035994][ T5819] veth0_macvtap: entered promiscuous mode
[   96.051167][ T5822] veth1_vlan: entered promiscuous mode
[   96.063680][ T5819] veth1_macvtap: entered promiscuous mode
[   96.075763][ T5815] veth1_vlan: entered promiscuous mode
[   96.108055][ T5828] Bluetooth: hci2: command tx timeout
[   96.136056][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.157886][ T5825] veth0_vlan: entered promiscuous mode
[   96.179859][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.197228][ T5819] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.206083][ T5819] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.218776][ T5819] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.227702][ T5819] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.241196][ T5825] veth1_vlan: entered promiscuous mode
[   96.261726][ T5815] veth0_macvtap: entered promiscuous mode
[   96.268599][ T5828] Bluetooth: hci4: command tx timeout
[   96.276933][ T5828] Bluetooth: hci3: command tx timeout
[   96.287133][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.328563][ T5815] veth1_macvtap: entered promiscuous mode
[   96.369479][ T5822] veth0_macvtap: entered promiscuous mode
[   96.425231][ T5822] veth1_macvtap: entered promiscuous mode
[   96.471828][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.481583][ T5825] veth0_macvtap: entered promiscuous mode
[   96.520135][ T5825] veth1_macvtap: entered promiscuous mode
[   96.547511][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.572455][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.586037][ T5815] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.588232][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.598255][ T5815] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.622583][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.632875][ T5815] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.642151][ T5815] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.684651][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.704652][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.744750][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.780579][ T1009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.802343][ T5825] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.811997][ T1009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.817752][ T5825] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.828937][ T5825] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.837949][ T5825] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.852393][ T5822] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.862926][ T5822] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.871790][ T5822] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.884907][ T5822] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.959201][ T5819] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.119827][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.131161][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.184388][  T976] cfg80211: failed to load regulatory.db
[   97.203679][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.221390][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.248397][ T5827] veth0_vlan: entered promiscuous mode
[   97.279414][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.293696][ T5827] veth1_vlan: entered promiscuous mode
[   97.302021][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.364063][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.390683][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.410319][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.437907][ T5876] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   97.456149][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.486080][ T5827] veth0_macvtap: entered promiscuous mode
[   97.505637][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.529648][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.571359][ T5827] veth1_macvtap: entered promiscuous mode
[   97.622712][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.631280][ T5876] usb 2-1: Using ep0 maxpacket: 16
[   97.644118][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[   97.686477][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 115, changing to 7
[   97.702057][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.740140][ T5827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.749328][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 26216, setting to 1024
[   97.806983][ T5827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.826519][ T5876] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   97.852790][ T5944] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4'.
[   97.852867][ T5827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.869472][ T5944] fuse: Unknown parameter 'r000000000000r_id'
[   97.879602][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.884828][ T5944] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4'.
[   97.898515][ T5876] usb 2-1: Product: syz
[   97.903359][ T5876] usb 2-1: Manufacturer: syz
[   97.909462][ T5876] usb 2-1: SerialNumber: syz
[   97.918382][ T5827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.960517][ T5876] usb 2-1: config 0 descriptor??
[   97.987652][ T5876] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[   98.012291][ T5876] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[   98.040964][ T5828] Bluetooth: hci0: command tx timeout
[   98.107799][ T5828] Bluetooth: hci1: command tx timeout
[   98.186772][ T5828] Bluetooth: hci2: command tx timeout
[   98.256767][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   98.347044][ T5828] Bluetooth: hci4: command tx timeout
[   98.357398][ T5828] Bluetooth: hci3: command tx timeout
[   98.482780][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   98.496636][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   98.687586][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   98.716717][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   98.892396][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   98.976709][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   99.016731][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   99.097146][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   99.146606][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   99.410794][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.430974][ T5876] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[   99.467547][ T5876] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[   99.486745][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.503701][ T5876] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[   99.556647][ T5876] em28xx 2-1:0.0: No AC97 audio processor
[   99.665436][ T5876] usb 2-1: USB disconnect, device number 2
[   99.688536][ T5876] em28xx 2-1:0.0: Disconnecting em28xx
[   99.721779][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.748256][ T5876] em28xx 2-1:0.0: Freeing device
[   99.770599][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.871134][ T5975] FAULT_INJECTION: forcing a failure.
[  100.871134][ T5975] name failslab, interval 1, probability 0, space 0, times 1
[  100.897012][ T5975] CPU: 0 UID: 0 PID: 5975 Comm: syz.0.13 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  100.897046][ T5975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.897065][ T5975] Call Trace:
[  100.897077][ T5975]  <TASK>
[  100.897088][ T5975]  dump_stack_lvl+0x189/0x250
[  100.897136][ T5975]  ? __pfx____ratelimit+0x10/0x10
[  100.897181][ T5975]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.897214][ T5975]  ? __pfx__printk+0x10/0x10
[  100.897239][ T5975]  ? __pfx___might_resched+0x10/0x10
[  100.897271][ T5975]  ? fs_reclaim_acquire+0x7d/0x100
[  100.897307][ T5975]  should_fail_ex+0x414/0x560
[  100.897344][ T5975]  should_failslab+0xa8/0x100
[  100.897374][ T5975]  kmem_cache_alloc_noprof+0x73/0x3c0
[  100.897400][ T5975]  ? security_file_alloc+0x34/0x330
[  100.897432][ T5975]  security_file_alloc+0x34/0x330
[  100.897461][ T5975]  init_file+0x93/0x2f0
[  100.897496][ T5975]  alloc_empty_file+0x6e/0x1d0
[  100.897529][ T5975]  path_openat+0x107/0x3830
[  100.897549][ T5975]  ? arch_stack_walk+0xfc/0x150
[  100.897614][ T5975]  ? kasan_save_track+0x4f/0x80
[  100.897635][ T5975]  ? kasan_save_track+0x3e/0x80
[  100.897656][ T5975]  ? __kasan_slab_alloc+0x6c/0x80
[  100.897679][ T5975]  ? getname_flags+0xb8/0x540
[  100.897710][ T5975]  ? __pfx_path_openat+0x10/0x10
[  100.897729][ T5975]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.897772][ T5975]  do_filp_open+0x1fa/0x410
[  100.897793][ T5975]  ? __lock_acquire+0xab9/0xd20
[  100.897825][ T5975]  ? __pfx_do_filp_open+0x10/0x10
[  100.897874][ T5975]  ? _raw_spin_unlock+0x28/0x50
[  100.897901][ T5975]  ? alloc_fd+0x64c/0x6c0
[  100.897942][ T5975]  do_sys_openat2+0x121/0x1c0
[  100.897979][ T5975]  ? __pfx_do_sys_openat2+0x10/0x10
[  100.898014][ T5975]  ? ksys_write+0x22a/0x250
[  100.898041][ T5975]  ? __pfx_ksys_write+0x10/0x10
[  100.898063][ T5975]  ? rcu_is_watching+0x15/0xb0
[  100.898100][ T5975]  __x64_sys_openat+0x138/0x170
[  100.898141][ T5975]  do_syscall_64+0xfa/0x3b0
[  100.898180][ T5975]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.898210][ T5975]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.898231][ T5975]  ? clear_bhb_loop+0x60/0xb0
[  100.898258][ T5975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.898280][ T5975] RIP: 0033:0x7f26b438d290
[  100.898305][ T5975] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  100.898323][ T5975] RSP: 002b:00007f26b51d4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  100.898347][ T5975] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f26b438d290
[  100.898363][ T5975] RDX: 0000000000000002 RSI: 00007f26b51d4fa0 RDI: 00000000ffffff9c
[  100.898377][ T5975] RBP: 00007f26b51d4fa0 R08: 0000000000000000 R09: 0000000000000000
[  100.898390][ T5975] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  100.898403][ T5975] R13: 0000000000000000 R14: 00007f26b45b5fa0 R15: 00007ffdbb0d5b88
[  100.898436][ T5975]  </TASK>
[  103.768857][ T6001] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  105.516101][ T6017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23'.
[  105.525282][ T6017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23'.
[  105.542320][ T6017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23'.
[  108.176756][   T51] Bluetooth: hci5: sending frame failed (-49)
[  108.183992][ T5828] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  108.475543][ T6042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.31'.
[  109.208372][ T6042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.31'.
[  109.297174][ T6042] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.330913][ T6042] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.372248][ T6042] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.400287][ T6042] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.569822][ T6050] capability: warning: `syz.4.33' uses deprecated v2 capabilities in a way that may be insecure
[  109.876986][ T6053] netlink: 104 bytes leftover after parsing attributes in process `syz.0.34'.
[  111.650571][ T6067] overlayfs: failed to resolve './file0': -2
[  116.689730][ T6094] netlink: 48 bytes leftover after parsing attributes in process `syz.3.47'.
[  116.722109][ T6094] netlink: 44 bytes leftover after parsing attributes in process `syz.3.47'.
[  117.247314][ T6101] netlink: 4 bytes leftover after parsing attributes in process `syz.4.46'.
[  117.398741][ T6103] netlink: 4 bytes leftover after parsing attributes in process `syz.4.46'.
[  117.469838][ T6103] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.568250][ T6103] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.578238][ T6107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  117.617382][ T6107] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  117.722929][ T6103] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.748191][   T43] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  117.760255][ T6103] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.606739][ T5877] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  118.747068][   T51] Bluetooth: hci5: command 0x1003 tx timeout
[  118.765808][ T5828] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  119.796943][ T5877] usb 1-1: Using ep0 maxpacket: 8
[  119.808895][ T5877] usb 1-1: config 2 has an invalid interface number: 31 but max is 0
[  119.822184][ T5877] usb 1-1: config 2 has no interface number 0
[  120.443144][ T6129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.54'.
[  120.452015][ T6129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.54'.
[  120.462285][ T6129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.54'.
[  120.479015][ T5877] usb 1-1: config 2 interface 31 has no altsetting 0
[  120.493204][ T5877] usb 1-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  120.743251][ T5877] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.846664][ T5877] usb 1-1: Product: syz
[  120.850934][ T5877] usb 1-1: Manufacturer: syz
[  120.855588][ T5877] usb 1-1: SerialNumber: syz
[  121.057724][ T5877] usb 1-1: can't set config #2, error -71
[  121.090105][ T5877] usb 1-1: USB disconnect, device number 2
[  124.710517][ T6161] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  124.958448][ T6155] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  124.965164][ T6155] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  125.394188][ T6155] vhci_hcd vhci_hcd.0: Device attached
[  125.569040][ T6157] vhci_hcd: connection closed
[  125.579783][ T5913] vhci_hcd: stop threads
[  125.645416][ T5913] vhci_hcd: release socket
[  125.661922][ T5913] vhci_hcd: disconnect device
[  129.414707][ T6215] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.442245][ T5901] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  130.242927][ T6215] syz_tun: entered allmulticast mode
[  130.795193][ T5901] usb 5-1: config 2 has an invalid interface number: 45 but max is 0
[  130.826806][ T5901] usb 5-1: config 2 has no interface number 0
[  130.840295][ T5901] usb 5-1: config 2 interface 45 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 10
[  130.889750][ T5901] usb 5-1: config 2 interface 45 altsetting 0 endpoint 0x1 has invalid maxpacket 255, setting to 64
[  130.936934][ T5901] usb 5-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=82.d2
[  130.963447][ T5901] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.003770][ T5901] usb 5-1: Product: syz
[  131.008537][ T5901] usb 5-1: Manufacturer: syz
[  131.013195][ T5901] usb 5-1: SerialNumber: syz
[  131.079175][ T6211] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  131.123094][ T5901] kobil_sct 5-1:2.45: KOBIL USB smart card terminal converter detected
[  131.176468][ T5901] usb 5-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  132.156493][   T24] usb 5-1: USB disconnect, device number 2
[  132.237869][   T24] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  132.284741][ T6237] FAULT_INJECTION: forcing a failure.
[  132.284741][ T6237] name failslab, interval 1, probability 0, space 0, times 0
[  132.296440][   T24] kobil_sct 5-1:2.45: device disconnected
[  132.547295][ T6237] CPU: 0 UID: 0 PID: 6237 Comm: syz.2.82 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  132.547327][ T6237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.547341][ T6237] Call Trace:
[  132.547350][ T6237]  <TASK>
[  132.547359][ T6237]  dump_stack_lvl+0x189/0x250
[  132.547397][ T6237]  ? __pfx____ratelimit+0x10/0x10
[  132.547429][ T6237]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.547461][ T6237]  ? __pfx__printk+0x10/0x10
[  132.547485][ T6237]  ? __pfx___might_resched+0x10/0x10
[  132.547516][ T6237]  ? fs_reclaim_acquire+0x7d/0x100
[  132.547552][ T6237]  should_fail_ex+0x414/0x560
[  132.547582][ T6237]  should_failslab+0xa8/0x100
[  132.547612][ T6237]  __kmalloc_noprof+0xcb/0x4f0
[  132.547637][ T6237]  ? tomoyo_encode+0x28b/0x550
[  132.547672][ T6237]  tomoyo_encode+0x28b/0x550
[  132.547710][ T6237]  tomoyo_realpath_from_path+0x58d/0x5d0
[  132.547753][ T6237]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  132.547779][ T6237]  tomoyo_path_number_perm+0x1e8/0x5a0
[  132.547808][ T6237]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  132.547853][ T6237]  ? __lock_acquire+0xab9/0xd20
[  132.547911][ T6237]  ? __fget_files+0x2a/0x420
[  132.547941][ T6237]  ? __fget_files+0x2a/0x420
[  132.547966][ T6237]  ? __fget_files+0x3a0/0x420
[  132.547992][ T6237]  ? __fget_files+0x2a/0x420
[  132.548022][ T6237]  security_file_ioctl+0xcb/0x2d0
[  132.548052][ T6237]  __se_sys_ioctl+0x47/0x170
[  132.548095][ T6237]  do_syscall_64+0xfa/0x3b0
[  132.548125][ T6237]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.548154][ T6237]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.548174][ T6237]  ? clear_bhb_loop+0x60/0xb0
[  132.548200][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.548220][ T6237] RIP: 0033:0x7f705078e929
[  132.548239][ T6237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.548256][ T6237] RSP: 002b:00007f705155a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  132.548278][ T6237] RAX: ffffffffffffffda RBX: 00007f70509b5fa0 RCX: 00007f705078e929
[  132.548293][ T6237] RDX: 0000200000000600 RSI: 0000000000003b87 RDI: 0000000000000003
[  132.548306][ T6237] RBP: 00007f705155a090 R08: 0000000000000000 R09: 0000000000000000
[  132.548319][ T6237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.548331][ T6237] R13: 0000000000000000 R14: 00007f70509b5fa0 R15: 00007ffd9b092418
[  132.548364][ T6237]  </TASK>
[  132.551728][ T6237] ERROR: Out of memory at tomoyo_realpath_from_path.
[  132.626423][ T6217] syz_tun: left allmulticast mode
[  132.706944][ T6238] netlink: 104 bytes leftover after parsing attributes in process `syz.3.81'.
[  133.135145][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  133.141875][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  134.831880][ T6266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  134.838281][   T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  135.035390][   T24] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  135.060736][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.069790][ T5902] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  135.097453][   T24] usb 4-1: config 0 descriptor??
[  135.376714][ T5902] usb 2-1: device descriptor read/64, error -71
[  135.563453][   T24] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  135.637233][ T5902] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  135.972513][ T5902] usb 2-1: device descriptor read/64, error -71
[  136.112476][ T6284] Driver unsupported XDP return value 0 on prog  (id 20) dev N/A, expect packet loss!
[  136.153000][ T5902] usb usb2-port1: attempt power cycle
[  136.257415][ T5877] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  136.288762][ T6288] netlink: 4 bytes leftover after parsing attributes in process `syz.2.95'.
[  136.403741][ T6292] netlink: 104 bytes leftover after parsing attributes in process `syz.0.94'.
[  136.508469][ T5902] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  136.525730][ T5877] usb 5-1: config 2 has an invalid interface number: 45 but max is 0
[  136.534400][ T5877] usb 5-1: config 2 has no interface number 0
[  136.545307][ T5877] usb 5-1: config 2 interface 45 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 10
[  136.556856][ T5877] usb 5-1: config 2 interface 45 altsetting 0 endpoint 0x1 has invalid maxpacket 255, setting to 64
[  136.629331][ T5902] usb 2-1: device descriptor read/8, error -71
[  136.853866][ T5877] usb 5-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=82.d2
[  136.887162][ T5877] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.895659][ T5877] usb 5-1: Product: syz
[  136.900321][ T5877] usb 5-1: Manufacturer: syz
[  136.906613][ T5877] usb 5-1: SerialNumber: syz
[  136.967195][ T5902] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  137.037255][ T6276] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  137.080301][ T5877] kobil_sct 5-1:2.45: KOBIL USB smart card terminal converter detected
[  137.097843][ T5902] usb 2-1: device descriptor read/8, error -71
[  137.097914][ T5877] usb 5-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  137.261262][ T5902] usb usb2-port1: unable to enumerate USB device
[  137.328255][ T5877] usb 5-1: USB disconnect, device number 3
[  137.364039][ T5877] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  137.375940][ T5877] kobil_sct 5-1:2.45: device disconnected
[  137.415828][ T6298] netlink: 'syz.0.97': attribute type 16 has an invalid length.
[  137.446652][ T6298] netlink: 63370 bytes leftover after parsing attributes in process `syz.0.97'.
[  137.810240][   T24] [drm:udl_init] *ERROR* Selecting channel failed
[  137.980710][ T6307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.99'.
[  137.989700][ T6307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.99'.
[  138.007478][ T6307] netlink: 4 bytes leftover after parsing attributes in process `syz.2.99'.
[  138.645663][   T24] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  138.704587][   T24] [drm] Initialized udl on minor 2
[  138.795925][   T24] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  138.847499][ T6310] Zero length message leads to an empty skb
[  138.890292][ T6310] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  138.903128][   T24] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  139.080306][ T5902] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  139.089928][   T24] usb 4-1: USB disconnect, device number 2
[  139.095988][ T6318] FAULT_INJECTION: forcing a failure.
[  139.095988][ T6318] name failslab, interval 1, probability 0, space 0, times 0
[  139.115015][ T5902] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  139.216728][ T6318] CPU: 1 UID: 0 PID: 6318 Comm: syz.1.103 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  139.216761][ T6318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.216774][ T6318] Call Trace:
[  139.216785][ T6318]  <TASK>
[  139.216795][ T6318]  dump_stack_lvl+0x189/0x250
[  139.216834][ T6318]  ? __pfx____ratelimit+0x10/0x10
[  139.216865][ T6318]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.216897][ T6318]  ? __pfx__printk+0x10/0x10
[  139.216926][ T6318]  ? ref_tracker_alloc+0x318/0x460
[  139.216957][ T6318]  should_fail_ex+0x414/0x560
[  139.216987][ T6318]  should_failslab+0xa8/0x100
[  139.217017][ T6318]  kmem_cache_alloc_noprof+0x73/0x3c0
[  139.217042][ T6318]  ? skb_clone+0x212/0x3a0
[  139.217074][ T6318]  skb_clone+0x212/0x3a0
[  139.217104][ T6318]  __netlink_deliver_tap+0x404/0x850
[  139.217142][ T6318]  ? netlink_deliver_tap+0x2e/0x1b0
[  139.217167][ T6318]  netlink_deliver_tap+0x19c/0x1b0
[  139.217191][ T6318]  netlink_unicast+0x72f/0x8d0
[  139.217245][ T6318]  netlink_sendmsg+0x805/0xb30
[  139.217280][ T6318]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.217313][ T6318]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  139.217339][ T6318]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.217363][ T6318]  __sock_sendmsg+0x21c/0x270
[  139.217399][ T6318]  ____sys_sendmsg+0x505/0x830
[  139.217431][ T6318]  ? __pfx_____sys_sendmsg+0x10/0x10
[  139.217467][ T6318]  ? import_iovec+0x74/0xa0
[  139.217504][ T6318]  ___sys_sendmsg+0x21f/0x2a0
[  139.217532][ T6318]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.217598][ T6318]  ? __fget_files+0x2a/0x420
[  139.217626][ T6318]  ? __fget_files+0x3a0/0x420
[  139.217666][ T6318]  __x64_sys_sendmsg+0x19b/0x260
[  139.217695][ T6318]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  139.217732][ T6318]  ? __pfx_ksys_write+0x10/0x10
[  139.217754][ T6318]  ? rcu_is_watching+0x15/0xb0
[  139.217791][ T6318]  ? do_syscall_64+0xbe/0x3b0
[  139.217827][ T6318]  do_syscall_64+0xfa/0x3b0
[  139.217857][ T6318]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.217886][ T6318]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.217907][ T6318]  ? clear_bhb_loop+0x60/0xb0
[  139.217934][ T6318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.217954][ T6318] RIP: 0033:0x7f763ad8e929
[  139.217973][ T6318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.217991][ T6318] RSP: 002b:00007f763bb38038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.218014][ T6318] RAX: ffffffffffffffda RBX: 00007f763afb5fa0 RCX: 00007f763ad8e929
[  139.218029][ T6318] RDX: 0000000000000880 RSI: 0000200000000300 RDI: 0000000000000003
[  139.218043][ T6318] RBP: 00007f763bb38090 R08: 0000000000000000 R09: 0000000000000000
[  139.218056][ T6318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.218069][ T6318] R13: 0000000000000000 R14: 00007f763afb5fa0 R15: 00007fffecf51598
[  139.218102][ T6318]  </TASK>
[  139.881095][ T5809] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  139.929260][ T6327] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  139.953946][ T6327] overlayfs: failed to set xattr on upper
[  139.984704][ T6333] delete_channel: no stack
[  139.995234][ T6327] overlayfs: ...falling back to redirect_dir=nofollow.
[  140.016676][ T5809] usb 3-1: device descriptor read/64, error -71
[  140.029765][ T6327] overlayfs: ...falling back to index=off.
[  140.036178][ T6327] overlayfs: ...falling back to uuid=null.
[  140.256879][ T5809] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  140.406825][ T5809] usb 3-1: device descriptor read/64, error -71
[  140.822215][ T5809] usb usb3-port1: attempt power cycle
[  141.378634][ T6353] netlink: 'syz.1.113': attribute type 16 has an invalid length.
[  141.404963][ T5809] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  141.406480][ T6353] netlink: 63370 bytes leftover after parsing attributes in process `syz.1.113'.
[  141.445705][ T5809] usb 3-1: device descriptor read/8, error -71
[  141.617935][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.0.112'.
[  141.626912][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.0.112'.
[  141.643591][ T6358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.112'.
[  141.796820][ T5809] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  142.251829][ T5809] usb 3-1: device descriptor read/8, error -71
[  142.407033][ T5809] usb usb3-port1: unable to enumerate USB device
[  143.854706][ T6375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.120'.
[  144.908784][ T6375] netlink: 16 bytes leftover after parsing attributes in process `syz.1.120'.
[  144.989836][ T6381] netlink: 12 bytes leftover after parsing attributes in process `syz.3.121'.
[  145.772903][ T6390] netlink: 'syz.3.125': attribute type 16 has an invalid length.
[  145.792097][ T6390] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.125'.
[  146.248683][ T6399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.128'.
[  146.257742][ T6399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.128'.
[  146.275195][ T6399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.128'.
[  146.919322][ T6397] netlink: 'syz.1.124': attribute type 10 has an invalid length.
[  147.203808][ T6397] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.263549][ T6397] team0: Port device bond0 added
[  148.700583][ T6397] syz.1.124 (6397) used greatest stack depth: 20168 bytes left
[  149.416383][ T6419] netdevsim netdevsim2: Direct firmware load for 
 failed with error -2
[  149.465432][ T6419] netdevsim netdevsim2: Falling back to sysfs fallback for: 

[  149.508245][ T6426] netdevsim netdevsim2: Direct firmware load for 
 failed with error -2
[  149.563402][ T6426] netdevsim netdevsim2: Falling back to sysfs fallback for: 

[  150.060144][ T6428] netlink: 8 bytes leftover after parsing attributes in process `syz.4.133'.
[  150.752179][ T6437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.828133][ T6437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.234745][ T6447] netlink: 8 bytes leftover after parsing attributes in process `syz.1.140'.
[  151.243758][ T6447] netlink: 8 bytes leftover after parsing attributes in process `syz.1.140'.
[  151.262500][ T6447] netlink: 4 bytes leftover after parsing attributes in process `syz.1.140'.
[  151.891321][   T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  152.804184][   T10] usb 1-1: device descriptor read/64, error -71
[  152.888307][ T6452] netlink: 'syz.1.142': attribute type 16 has an invalid length.
[  152.912927][ T6452] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.142'.
[  153.086888][   T10] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  154.248744][   T10] usb 1-1: device descriptor read/64, error -71
[  154.737715][   T10] usb usb1-port1: attempt power cycle
[  155.484970][ T6471] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  156.821361][   T34] Bluetooth: Error in BCSP hdr checksum
[  157.050295][ T6477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.148'.
[  157.352120][ T6491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.148'.
[  158.616488][ T5828] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  159.256159][ T6504] netlink: 12 bytes leftover after parsing attributes in process `syz.2.155'.
[  159.730550][ T6525] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  161.946851][ T6557] Bluetooth: MGMT ver 1.23
[  162.185700][ T6564] syz.1.172 uses obsolete (PF_INET,SOCK_PACKET)
[  163.817332][ T6579] FAULT_INJECTION: forcing a failure.
[  163.817332][ T6579] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  163.830535][ T6579] CPU: 1 UID: 0 PID: 6579 Comm: syz.4.180 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  163.830563][ T6579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.830576][ T6579] Call Trace:
[  163.830584][ T6579]  <TASK>
[  163.830594][ T6579]  dump_stack_lvl+0x189/0x250
[  163.830630][ T6579]  ? __pfx____ratelimit+0x10/0x10
[  163.830660][ T6579]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.830690][ T6579]  ? __pfx__printk+0x10/0x10
[  163.830712][ T6579]  ? __might_fault+0xb0/0x130
[  163.830749][ T6579]  should_fail_ex+0x414/0x560
[  163.830779][ T6579]  _copy_from_iter+0x1db/0x16f0
[  163.830813][ T6579]  ? rcu_is_watching+0x15/0xb0
[  163.830845][ T6579]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  163.830872][ T6579]  ? __pfx__copy_from_iter+0x10/0x10
[  163.830903][ T6579]  ? __build_skb_around+0x257/0x3e0
[  163.830928][ T6579]  ? netlink_sendmsg+0x642/0xb30
[  163.830949][ T6579]  ? skb_put+0x11b/0x210
[  163.830975][ T6579]  netlink_sendmsg+0x6b2/0xb30
[  163.831006][ T6579]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.831036][ T6579]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  163.831061][ T6579]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.831085][ T6579]  __sock_sendmsg+0x21c/0x270
[  163.831119][ T6579]  ____sys_sendmsg+0x505/0x830
[  163.831150][ T6579]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.831192][ T6579]  ? import_iovec+0x74/0xa0
[  163.831228][ T6579]  ___sys_sendmsg+0x21f/0x2a0
[  163.831255][ T6579]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.831320][ T6579]  ? __fget_files+0x2a/0x420
[  163.831346][ T6579]  ? __fget_files+0x3a0/0x420
[  163.831386][ T6579]  __x64_sys_sendmsg+0x19b/0x260
[  163.831413][ T6579]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  163.831449][ T6579]  ? __pfx_ksys_write+0x10/0x10
[  163.831479][ T6579]  ? do_syscall_64+0xbe/0x3b0
[  163.831514][ T6579]  do_syscall_64+0xfa/0x3b0
[  163.831543][ T6579]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.831571][ T6579]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.831592][ T6579]  ? clear_bhb_loop+0x60/0xb0
[  163.831618][ T6579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.831638][ T6579] RIP: 0033:0x7f7f36d8e929
[  163.831658][ T6579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.831676][ T6579] RSP: 002b:00007f7f37bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.831698][ T6579] RAX: ffffffffffffffda RBX: 00007f7f36fb5fa0 RCX: 00007f7f36d8e929
[  163.831713][ T6579] RDX: 0000000002000000 RSI: 0000200000000400 RDI: 0000000000000008
[  163.831727][ T6579] RBP: 00007f7f37bd5090 R08: 0000000000000000 R09: 0000000000000000
[  163.831740][ T6579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.831752][ T6579] R13: 0000000000000000 R14: 00007f7f36fb5fa0 R15: 00007ffc5b3e3b18
[  163.831785][ T6579]  </TASK>
[  164.949316][   T30] audit: type=1804 audit(1751133004.687:2): pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.186" name="/newroot/31/file0" dev="tmpfs" ino=183 res=1 errno=0
[  164.988620][ T6597] binder: 6596:6597 ioctl c0306201 200000000340 returned -14
[  165.067769][ T6597] tipc: Started in network mode
[  165.073759][ T6597] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  165.085898][ T6597] tipc: Enabled bearer <udp:s>, priority 10
[  165.214855][ T6604] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  165.331206][ T6602] netlink: 'syz.2.189': attribute type 11 has an invalid length.
[  165.405774][ T6606] can0: slcan on ttyS3.
[  165.465676][ T6612] bridge0: port 3(syz_tun) entered blocking state
[  165.472549][ T6612] bridge0: port 3(syz_tun) entered disabled state
[  165.479420][ T6612] syz_tun: entered allmulticast mode
[  165.488622][ T6606] can0 (unregistered): slcan off ttyS3.
[  165.491304][ T6612] syz_tun: entered promiscuous mode
[  165.500982][ T6612] bridge0: port 3(syz_tun) entered blocking state
[  165.508671][ T6612] bridge0: port 3(syz_tun) entered forwarding state
[  165.537556][ T6606] xt_CT: You must specify a L4 protocol and not use inversions on it
[  165.772716][ T6616] warning: `syz.0.191' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  166.788263][ T1218] tipc: Node number set to 4269801488
[  168.915713][ T5877] hid-generic 0000:0004:0034.0001: unknown main item tag 0x0
[  168.924183][ T5877] hid-generic 0000:0004:0034.0001: unknown main item tag 0x0
[  169.740994][ T5877] hid-generic 0000:0004:0034.0001: unknown main item tag 0x0
[  169.754953][ T5877] hid-generic 0000:0004:0034.0001: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  169.820835][ T6609] syz_tun: entered allmulticast mode
[  169.877386][ T6607] syz_tun: left allmulticast mode
[  169.895271][ T6629] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[  170.725740][ T6639] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  171.051494][ T6641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.201'.
[  171.093162][ T6643] 9pnet_fd: Insufficient options for proto=fd
[  171.261679][ T6634] fido_id[6634]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  171.375526][ T6634] fido_id (6634) used greatest stack depth: 19168 bytes left
[  173.083386][ T6666] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  174.230289][   T30] audit: type=1326 audit(1751133013.887:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6671 comm="syz.2.210" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f705078e929 code=0x0
[  174.543422][ T6686] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  174.875993][ T6678] netlink: 4 bytes leftover after parsing attributes in process `syz.1.212'.
[  175.787653][ T6696] tmpfs: Unknown parameter 'usrquota%½p'
[  176.279902][   T30] audit: type=1326 audit(1751133016.007:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6697 comm="syz.1.218" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f763ad8e929 code=0x0
[  176.464627][ T6703] FAULT_INJECTION: forcing a failure.
[  176.464627][ T6703] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.483151][ T6703] CPU: 0 UID: 0 PID: 6703 Comm: syz.1.218 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  176.483174][ T6703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  176.483183][ T6703] Call Trace:
[  176.483190][ T6703]  <TASK>
[  176.483196][ T6703]  dump_stack_lvl+0x189/0x250
[  176.483224][ T6703]  ? __pfx____ratelimit+0x10/0x10
[  176.483246][ T6703]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.483268][ T6703]  ? __pfx__printk+0x10/0x10
[  176.483292][ T6703]  should_fail_ex+0x414/0x560
[  176.483313][ T6703]  _copy_to_user+0x31/0xb0
[  176.483338][ T6703]  simple_read_from_buffer+0xe1/0x170
[  176.483361][ T6703]  proc_fail_nth_read+0x1df/0x250
[  176.483385][ T6703]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.483408][ T6703]  ? rw_verify_area+0x258/0x650
[  176.483424][ T6703]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.483446][ T6703]  vfs_read+0x1fd/0x980
[  176.483466][ T6703]  ? __pfx___mutex_lock+0x10/0x10
[  176.483489][ T6703]  ? __pfx_vfs_read+0x10/0x10
[  176.483506][ T6703]  ? __fget_files+0x2a/0x420
[  176.483529][ T6703]  ? __fget_files+0x3a0/0x420
[  176.483547][ T6703]  ? __fget_files+0x2a/0x420
[  176.483574][ T6703]  ksys_read+0x145/0x250
[  176.483592][ T6703]  ? __pfx_ksys_read+0x10/0x10
[  176.483612][ T6703]  ? do_syscall_64+0xbe/0x3b0
[  176.483637][ T6703]  do_syscall_64+0xfa/0x3b0
[  176.483657][ T6703]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.483677][ T6703]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.483691][ T6703]  ? clear_bhb_loop+0x60/0xb0
[  176.483710][ T6703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.483724][ T6703] RIP: 0033:0x7f763ad8d33c
[  176.483737][ T6703] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  176.483750][ T6703] RSP: 002b:00007f7638bf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  176.483766][ T6703] RAX: ffffffffffffffda RBX: 00007f763afb6160 RCX: 00007f763ad8d33c
[  176.483777][ T6703] RDX: 000000000000000f RSI: 00007f7638bf60a0 RDI: 0000000000000004
[  176.483786][ T6703] RBP: 00007f7638bf6090 R08: 0000000000000000 R09: 0000000000000000
[  176.483795][ T6703] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  176.483804][ T6703] R13: 0000000000000000 R14: 00007f763afb6160 R15: 00007fffecf51598
[  176.483826][ T6703]  </TASK>
[  179.167549][ T5902] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  179.219832][ T6729] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  179.366858][ T5902] usb 4-1: Using ep0 maxpacket: 32
[  179.402182][ T5902] usb 4-1: unable to get BOS descriptor or descriptor too short
[  179.458573][ T5902] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  179.486791][ T5902] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  179.519191][ T5902] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  179.790306][ T5902] usb 4-1: string descriptor 0 read error: -22
[  179.804478][ T5902] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  179.832717][ T5902] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.909565][ T6742] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  182.610713][ T6743] tty tty20: ldisc open failed (-12), clearing slot 19
[  182.769965][ T5902] usb 4-1: can't set config #1, error -71
[  182.778155][ T5902] usb 4-1: USB disconnect, device number 3
[  183.611857][ T6753] loop2: detected capacity change from 0 to 7
[  183.692609][ T6753] Dev loop2: unable to read RDB block 7
[  183.698603][ T6753]  loop2: unable to read partition table
[  183.704604][ T6753] loop2: partition table beyond EOD, truncated
[  183.895938][ T6753] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  184.170720][ T6764] netlink: 116 bytes leftover after parsing attributes in process `syz.3.235'.
[  184.607614][ T6760] netlink: 'syz.4.234': attribute type 12 has an invalid length.
[  184.615429][ T6760] netlink: 'syz.4.234': attribute type 29 has an invalid length.
[  184.623242][ T6760] netlink: 148 bytes leftover after parsing attributes in process `syz.4.234'.
[  184.632301][ T6760] netlink: 'syz.4.234': attribute type 1 has an invalid length.
[  184.640061][ T6760] netlink: 47 bytes leftover after parsing attributes in process `syz.4.234'.
[  185.467021][ T6771] vlan2: entered promiscuous mode
[  185.472209][ T6771] bridge0: entered promiscuous mode
[  185.500082][ T6771] vlan2: entered allmulticast mode
[  185.505307][ T6771] bridge0: entered allmulticast mode
[  185.539433][ T6774] bridge_slave_0: left allmulticast mode
[  185.545951][ T6774] bridge_slave_0: left promiscuous mode
[  185.555365][ T6774] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.572589][ T6775] netlink: 'syz.2.239': attribute type 16 has an invalid length.
[  185.589817][ T6775] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.239'.
[  185.613952][ T6774] bridge_slave_1: left allmulticast mode
[  185.620349][ T6774] bridge_slave_1: left promiscuous mode
[  185.633843][ T6774] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.677356][ T6774] bond0: (slave bond_slave_0): Releasing backup interface
[  185.736796][ T6774] bond0: (slave bond_slave_1): Releasing backup interface
[  186.041568][ T6785] xt_connbytes: Forcing CT accounting to be enabled
[  186.048552][ T6785] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  186.060694][ T6785] xt_bpf: check failed: parse error
[  186.681440][ T6774] team0: Port device team_slave_0 removed
[  186.895879][ T6774] team0: Port device team_slave_1 removed
[  187.004213][ T6774] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.122682][ T6774] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.247876][ T6774] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.262409][ T6786] block device autoloading is deprecated and will be removed.
[  187.288107][ T6786] syz.2.241: attempt to access beyond end of device
[  187.288107][ T6786] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  187.301194][ T6774] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.383678][ T6789] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  187.436860][ T6789] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  188.103054][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.4.247'.
[  188.150186][ T6807] xt_TPROXY: Can be used only with -p tcp or -p udp
[  189.051057][ T6816] trusted_key: encrypted_key: insufficient parameters specified
[  189.117111][ T6816] mmap: syz.3.249 (6816) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  189.742157][ T6822] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  190.198824][ T6826] netlink: 'syz.3.252': attribute type 16 has an invalid length.
[  190.231426][ T6826] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.252'.
[  191.113382][ T6840] fuse: Bad value for 'rootmode'
[  191.150608][ T6840] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  191.158261][ T6840] IPv6: NLM_F_CREATE should be set when creating new route
[  191.165647][ T6840] IPv6: NLM_F_CREATE should be set when creating new route
[  192.424955][ T6848] overlayfs: conflicting lowerdir path
[  192.499800][ T6856] FAULT_INJECTION: forcing a failure.
[  192.499800][ T6856] name failslab, interval 1, probability 0, space 0, times 0
[  192.512797][ T6856] CPU: 0 UID: 0 PID: 6856 Comm: syz.1.259 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  192.512818][ T6856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.512827][ T6856] Call Trace:
[  192.512833][ T6856]  <TASK>
[  192.512839][ T6856]  dump_stack_lvl+0x189/0x250
[  192.512865][ T6856]  ? __pfx____ratelimit+0x10/0x10
[  192.512887][ T6856]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.512909][ T6856]  ? __pfx__printk+0x10/0x10
[  192.512926][ T6856]  ? __rt6_find_exception_rcu+0x127/0x4c0
[  192.512954][ T6856]  should_fail_ex+0x414/0x560
[  192.512974][ T6856]  should_failslab+0xa8/0x100
[  192.512993][ T6856]  ? __pfx_ip6_dst_gc+0x10/0x10
[  192.513015][ T6856]  kmem_cache_alloc_noprof+0x73/0x3c0
[  192.513031][ T6856]  ? dst_alloc+0x105/0x170
[  192.513050][ T6856]  ? __pfx_ip6_dst_gc+0x10/0x10
[  192.513079][ T6856]  dst_alloc+0x105/0x170
[  192.513110][ T6856]  ip6_pol_route+0xa21/0x1180
[  192.513130][ T6856]  ? ip6_pol_route+0x162/0x1180
[  192.513153][ T6856]  ? __pfx_ip6_pol_route+0x10/0x10
[  192.513171][ T6856]  ? ip6_addr_string+0x246/0x2e0
[  192.513203][ T6856]  ? __pfx_ip6_addr_string+0x10/0x10
[  192.513240][ T6856]  fib6_rule_lookup+0x1fc/0x6f0
[  192.513256][ T6856]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  192.513272][ T6856]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  192.513304][ T6856]  ip6_route_output_flags+0x364/0x5d0
[  192.513320][ T6856]  ? ip6_route_output_flags+0x2e/0x5d0
[  192.513337][ T6856]  ip6_dst_lookup_tail+0x1ae/0x1510
[  192.513360][ T6856]  ? bpf_lsm_capable+0x9/0x20
[  192.513382][ T6856]  ? security_capable+0x7e/0x2e0
[  192.513407][ T6856]  ? __pfx_ip6_dst_lookup_tail+0x10/0x10
[  192.513425][ T6856]  ? ip6_datagram_send_ctl+0x158a/0x17e0
[  192.513459][ T6856]  ip6_dst_lookup_flow+0x47/0xe0
[  192.513479][ T6856]  l2tp_ip6_sendmsg+0xfc6/0x17c0
[  192.513495][ T6856]  ? smack_ipv6host_label+0x81d/0x8e0
[  192.513528][ T6856]  ? __pfx_l2tp_ip6_sendmsg+0x10/0x10
[  192.513541][ T6856]  ? smack_socket_sendmsg+0x460/0x520
[  192.513580][ T6856]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[  192.513610][ T6856]  ? inet_sendmsg+0x2f4/0x370
[  192.513630][ T6856]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  192.513650][ T6856]  __sock_sendmsg+0x19c/0x270
[  192.513674][ T6856]  ____sys_sendmsg+0x52d/0x830
[  192.513695][ T6856]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.513720][ T6856]  ? import_iovec+0x74/0xa0
[  192.513745][ T6856]  ___sys_sendmsg+0x21f/0x2a0
[  192.513765][ T6856]  ? __pfx____sys_sendmsg+0x10/0x10
[  192.513810][ T6856]  ? __fget_files+0x2a/0x420
[  192.513829][ T6856]  ? __fget_files+0x3a0/0x420
[  192.513857][ T6856]  __sys_sendmmsg+0x227/0x430
[  192.513879][ T6856]  ? __pfx___sys_sendmmsg+0x10/0x10
[  192.513895][ T6856]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  192.513938][ T6856]  ? ksys_write+0x22a/0x250
[  192.513957][ T6856]  ? __pfx_ksys_write+0x10/0x10
[  192.513972][ T6856]  ? rcu_is_watching+0x15/0xb0
[  192.513999][ T6856]  __x64_sys_sendmmsg+0xa0/0xc0
[  192.514018][ T6856]  do_syscall_64+0xfa/0x3b0
[  192.514039][ T6856]  ? lockdep_hardirqs_on+0x9c/0x150
[  192.514059][ T6856]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.514074][ T6856]  ? clear_bhb_loop+0x60/0xb0
[  192.514092][ T6856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.514107][ T6856] RIP: 0033:0x7f763ad8e929
[  192.514127][ T6856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.514139][ T6856] RSP: 002b:00007f763bb17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  192.514155][ T6856] RAX: ffffffffffffffda RBX: 00007f763afb6080 RCX: 00007f763ad8e929
[  192.514166][ T6856] RDX: 0000000000000001 RSI: 00002000000038c0 RDI: 0000000000000004
[  192.514175][ T6856] RBP: 00007f763bb17090 R08: 0000000000000000 R09: 0000000000000000
[  192.514184][ T6856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.514193][ T6856] R13: 0000000000000000 R14: 00007f763afb6080 R15: 00007fffecf51598
[  192.514216][ T6856]  </TASK>
[  193.652627][ T6863] sockfs: Unknown parameter 'grpquota'
[  193.904401][ T6869] netlink: 'syz.2.263': attribute type 16 has an invalid length.
[  193.915223][ T6869] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.263'.
[  194.076935][ T5877] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  194.146101][ T6872] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  194.237857][ T5877] usb 2-1: unable to get BOS descriptor or descriptor too short
[  194.262289][ T5877] usb 2-1: not running at top speed; connect to a high speed hub
[  194.341511][ T5877] usb 2-1: too many endpoints for config 1 interface 0 altsetting 3: 65, using maximum allowed: 30
[  194.371153][ T5877] usb 2-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  194.405372][ T5877] usb 2-1: config 1 interface 0 has no altsetting 0
[  194.432150][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.447901][ T5877] usb 2-1: string descriptor 0 read error: -22
[  194.454438][ T5877] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  194.486342][ T5877] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.547103][ T6880] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  195.633553][ T5877] usb 2-1: USB disconnect, device number 7
[  195.846859][ T6889] netdevsim netdevsim1: Direct firmware load for ..€ failed with error -2
[  195.855745][ T6889] netdevsim netdevsim1: Falling back to sysfs fallback for: ..€
[  203.402311][ T6926] loop6: detected capacity change from 0 to 7
[  203.472314][ T6929] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  203.501125][ T6930] netlink: 12 bytes leftover after parsing attributes in process `syz.0.282'.
[  203.529670][ T6926] Dev loop6: unable to read RDB block 7
[  203.561023][ T6930] netlink: 44 bytes leftover after parsing attributes in process `syz.0.282'.
[  203.578321][ T6926]  loop6: unable to read partition table
[  203.595132][ T6926] loop6: partition table beyond EOD, truncated
[  203.638386][ T6926] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  207.253720][ T6975] ubi31: attaching mtd0
[  207.275166][ T6975] ubi31: scanning is finished
[  207.280185][ T6975] ubi31: empty MTD device detected
[  208.021990][ T6980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.295'.
[  208.169784][ T6975] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  208.662881][ T6980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.295'.
[  210.883801][ T7002] openvswitch: netlink: Message has 24 unknown bytes.
[  212.116822][ T5828] Bluetooth: hci0: command 0x0406 tx timeout
[  213.234225][ T5904] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  213.446812][ T5904] usb 1-1: Using ep0 maxpacket: 32
[  213.503557][ T5904] usb 1-1: config 0 has an invalid interface number: 78 but max is 0
[  213.574011][ T7022] loop6: detected capacity change from 0 to 63
[  213.582301][ T7022] Buffer I/O error on dev loop6, logical block 0, async page read
[  213.590526][ T7022] Buffer I/O error on dev loop6, logical block 1, async page read
[  213.598594][ T7022] Buffer I/O error on dev loop6, logical block 2, async page read
[  213.606510][ T7022] Buffer I/O error on dev loop6, logical block 3, async page read
[  213.615435][ T7023] Buffer I/O error on dev loop6, logical block 0, async page read
[  213.623389][ T7023] Buffer I/O error on dev loop6, logical block 1, async page read
[  213.631317][ T7023] Buffer I/O error on dev loop6, logical block 2, async page read
[  213.639286][ T7023] Buffer I/O error on dev loop6, logical block 3, async page read
[  213.647290][ T7023] Buffer I/O error on dev loop6, logical block 0, async page read
[  213.655371][ T7023] Buffer I/O error on dev loop6, logical block 1, async page read
[  213.683971][ T5904] usb 1-1: config 0 has no interface number 0
[  213.719370][ T5904] usb 1-1: config 0 interface 78 has no altsetting 0
[  213.762264][ T5904] usb 1-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=9b.26
[  213.810733][ T5904] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.866799][ T5904] usb 1-1: Product: syz
[  213.881282][ T5904] usb 1-1: Manufacturer: syz
[  213.915705][ T5904] usb 1-1: SerialNumber: syz
[  213.953826][ T5904] usb 1-1: config 0 descriptor??
[  213.981001][ T5904]  (null): radio-mr800 - initialization failed
[  214.020026][ T5904] radio-mr800 1-1:0.78: probe with driver radio-mr800 failed with error -8
[  214.041721][ T5904] usbhid 1-1:0.78: couldn't find an input interrupt endpoint
[  214.292032][ T5904] usb 1-1: USB disconnect, device number 6
[  216.811432][ T7054] =======================================================
[  216.811432][ T7054] WARNING: The mand mount option has been deprecated and
[  216.811432][ T7054]          and is ignored by this kernel. Remove the mand
[  216.811432][ T7054]          option from the mount to silence this warning.
[  216.811432][ T7054] =======================================================
[  216.846773][ T7054] bpf: Bad value for 'uid'
[  216.851439][   T24] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  216.986757][ T5831] Bluetooth: hci4: command 0x0406 tx timeout
[  216.992983][ T5831] Bluetooth: hci1: command 0x0406 tx timeout
[  216.999369][ T5831] Bluetooth: hci2: command 0x0406 tx timeout
[  217.006144][ T5831] Bluetooth: hci3: command 0x0406 tx timeout
[  217.036728][   T24] usb 2-1: Using ep0 maxpacket: 16
[  217.059403][   T24] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  217.144793][   T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  217.177082][   T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  217.194778][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  217.205053][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.213598][   T24] usb 2-1: Product: syz
[  217.218551][   T24] usb 2-1: Manufacturer: syz
[  217.223677][   T24] usb 2-1: SerialNumber: syz
[  217.549328][   T24] usb 2-1: 0:2 : does not exist
[  217.571363][   T24] usb 2-1: 1:0: cannot get min/max values for control 4 (id 1)
[  217.618419][ T7071] netlink: 'syz.3.325': attribute type 1 has an invalid length.
[  217.636109][ T7071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.325'.
[  217.814525][   T24] usb 2-1: USB disconnect, device number 8
[  218.284816][ T7095] ubi31: attaching mtd0
[  218.297053][ T7095] ubi31: scanning is finished
[  218.466645][ T7102] FAULT_INJECTION: forcing a failure.
[  218.466645][ T7102] name failslab, interval 1, probability 0, space 0, times 0
[  218.479812][ T7102] CPU: 1 UID: 0 PID: 7102 Comm: syz.4.333 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  218.479840][ T7102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.479852][ T7102] Call Trace:
[  218.479861][ T7102]  <TASK>
[  218.479870][ T7102]  dump_stack_lvl+0x189/0x250
[  218.479907][ T7102]  ? __pfx____ratelimit+0x10/0x10
[  218.479936][ T7102]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.479967][ T7102]  ? __pfx__printk+0x10/0x10
[  218.479995][ T7102]  ? __pfx___might_resched+0x10/0x10
[  218.480036][ T7102]  should_fail_ex+0x414/0x560
[  218.480065][ T7102]  should_failslab+0xa8/0x100
[  218.480089][ T7102]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  218.480112][ T7102]  ? __get_vm_area_node+0x13f/0x300
[  218.480137][ T7102]  __get_vm_area_node+0x13f/0x300
[  218.480162][ T7102]  __vmalloc_node_range_noprof+0x301/0x12f0
[  218.480185][ T7102]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  218.480211][ T7102]  ? is_bpf_text_address+0x26/0x2b0
[  218.480255][ T7102]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  218.480277][ T7102]  ? __might_fault+0xb0/0x130
[  218.480298][ T7102]  ? _parse_integer_limit+0x1ae/0x1f0
[  218.480324][ T7102]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  218.480346][ T7102]  __vmalloc_noprof+0xb1/0xf0
[  218.480368][ T7102]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  218.480393][ T7102]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  218.480420][ T7102]  bpf_prog_alloc+0x3c/0x1a0
[  218.480445][ T7102]  bpf_prog_load+0x735/0x1930
[  218.480477][ T7102]  ? __pfx_bpf_prog_load+0x10/0x10
[  218.480519][ T7102]  ? bpf_lsm_bpf+0x9/0x20
[  218.480542][ T7102]  ? security_bpf+0x7e/0x300
[  218.480568][ T7102]  __sys_bpf+0x5f1/0x860
[  218.480590][ T7102]  ? __pfx___sys_bpf+0x10/0x10
[  218.480623][ T7102]  ? ksys_write+0x22a/0x250
[  218.480645][ T7102]  ? __pfx_ksys_write+0x10/0x10
[  218.480662][ T7102]  ? rcu_is_watching+0x15/0xb0
[  218.480694][ T7102]  __x64_sys_bpf+0x7c/0x90
[  218.480713][ T7102]  do_syscall_64+0xfa/0x3b0
[  218.480737][ T7102]  ? lockdep_hardirqs_on+0x9c/0x150
[  218.480762][ T7102]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.480782][ T7102]  ? clear_bhb_loop+0x60/0xb0
[  218.480807][ T7102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.480824][ T7102] RIP: 0033:0x7f7f36d8e929
[  218.480840][ T7102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.480855][ T7102] RSP: 002b:00007f7f37bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  218.480873][ T7102] RAX: ffffffffffffffda RBX: 00007f7f36fb6080 RCX: 00007f7f36d8e929
[  218.480886][ T7102] RDX: 0000000000000094 RSI: 0000200000000100 RDI: 0000000000000005
[  218.480897][ T7102] RBP: 00007f7f37bb4090 R08: 0000000000000000 R09: 0000000000000000
[  218.480907][ T7102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.480917][ T7102] R13: 0000000000000000 R14: 00007f7f36fb6080 R15: 00007ffc5b3e3b18
[  218.480942][ T7102]  </TASK>
[  218.481153][ T7102] syz.4.333: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[  218.723643][    C1] vkms_vblank_simulate: vblank timer overrun
[  218.795686][ T7102] ,cpuset=/,mems_allowed=0-1
[  218.800712][ T7102] CPU: 1 UID: 0 PID: 7102 Comm: syz.4.333 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  218.800741][ T7102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.800754][ T7102] Call Trace:
[  218.800763][ T7102]  <TASK>
[  218.800772][ T7102]  dump_stack_lvl+0x189/0x250
[  218.800813][ T7102]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.800845][ T7102]  ? __pfx__printk+0x10/0x10
[  218.800867][ T7102]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  218.800903][ T7102]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  218.800940][ T7102]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  218.800978][ T7102]  warn_alloc+0x214/0x310
[  218.801023][ T7102]  ? __pfx_warn_alloc+0x10/0x10
[  218.801054][ T7102]  ? __get_vm_area_node+0x13f/0x300
[  218.801085][ T7102]  ? __get_vm_area_node+0x2b5/0x300
[  218.801119][ T7102]  __vmalloc_node_range_noprof+0x326/0x12f0
[  218.801150][ T7102]  ? is_bpf_text_address+0x26/0x2b0
[  218.801207][ T7102]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  218.801234][ T7102]  ? __might_fault+0xb0/0x130
[  218.801261][ T7102]  ? _parse_integer_limit+0x1ae/0x1f0
[  218.801292][ T7102]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  218.801318][ T7102]  __vmalloc_noprof+0xb1/0xf0
[  218.801346][ T7102]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  218.801378][ T7102]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  218.801412][ T7102]  bpf_prog_alloc+0x3c/0x1a0
[  218.801443][ T7102]  bpf_prog_load+0x735/0x1930
[  218.801485][ T7102]  ? __pfx_bpf_prog_load+0x10/0x10
[  218.801537][ T7102]  ? bpf_lsm_bpf+0x9/0x20
[  218.801566][ T7102]  ? security_bpf+0x7e/0x300
[  218.801597][ T7102]  __sys_bpf+0x5f1/0x860
[  218.801626][ T7102]  ? __pfx___sys_bpf+0x10/0x10
[  218.801667][ T7102]  ? ksys_write+0x22a/0x250
[  218.801694][ T7102]  ? __pfx_ksys_write+0x10/0x10
[  218.801716][ T7102]  ? rcu_is_watching+0x15/0xb0
[  218.801756][ T7102]  __x64_sys_bpf+0x7c/0x90
[  218.801781][ T7102]  do_syscall_64+0xfa/0x3b0
[  218.801812][ T7102]  ? lockdep_hardirqs_on+0x9c/0x150
[  218.801841][ T7102]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.801862][ T7102]  ? clear_bhb_loop+0x60/0xb0
[  218.801888][ T7102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.801909][ T7102] RIP: 0033:0x7f7f36d8e929
[  218.801928][ T7102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.801950][ T7102] RSP: 002b:00007f7f37bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  218.801971][ T7102] RAX: ffffffffffffffda RBX: 00007f7f36fb6080 RCX: 00007f7f36d8e929
[  218.801998][ T7102] RDX: 0000000000000094 RSI: 0000200000000100 RDI: 0000000000000005
[  218.802011][ T7102] RBP: 00007f7f37bb4090 R08: 0000000000000000 R09: 0000000000000000
[  218.802023][ T7102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.802035][ T7102] R13: 0000000000000000 R14: 00007f7f36fb6080 R15: 00007ffc5b3e3b18
[  218.802068][ T7102]  </TASK>
[  218.803634][ T7102] Mem-Info:
[  219.096382][ T7102] active_anon:253 inactive_anon:13151 isolated_anon:0
[  219.096382][ T7102]  active_file:5763 inactive_file:45377 isolated_file:0
[  219.096382][ T7102]  unevictable:768 dirty:153 writeback:0
[  219.096382][ T7102]  slab_reclaimable:10236 slab_unreclaimable:97709
[  219.096382][ T7102]  mapped:37153 shmem:8388 pagetables:1322
[  219.096382][ T7102]  sec_pagetables:0 bounce:0
[  219.096382][ T7102]  kernel_misc_reclaimable:0
[  219.096382][ T7102]  free:1312886 free_pcp:13083 free_cma:0
[  219.141960][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.150306][ T7102] Node 0 active_anon:1012kB inactive_anon:52604kB active_file:22852kB inactive_file:181508kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:148612kB dirty:612kB writeback:0kB shmem:32016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12284kB pagetables:5156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  219.184480][ T7102] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  219.216862][ T7102] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  219.246744][ T7102] lowmem_reserve[]: 0 2501 2503 2503 2503
[  219.253836][ T7102] Node 0 DMA32 free:1330940kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1008kB inactive_anon:54660kB active_file:21100kB inactive_file:181440kB unevictable:1536kB writepending:612kB present:3129332kB managed:2561448kB mlocked:0kB bounce:0kB free_pcp:33592kB local_pcp:11712kB free_cma:0kB
[  219.287069][ T7102] lowmem_reserve[]: 0 0 1 1 1
[  219.291863][ T7102] Node 0 Normal free:20kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1752kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  219.322180][ T7102] lowmem_reserve[]: 0 0 0 0 0
[  219.327040][ T7102] Node 1 Normal free:3905024kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:16584kB local_pcp:8512kB free_cma:0kB
[  219.358401][ T7102] lowmem_reserve[]: 0 0 0 0 0
[  219.363187][ T7102] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  219.375993][ T7102] Node 0 DMA32: 0*4kB 5*8kB (ME) 356*16kB (UM) 222*32kB (UME) 177*64kB (UME) 12*128kB (UM) 12*256kB (UME) 7*512kB (UM) 6*1024kB (M) 7*2048kB (UME) 312*4096kB (UM) = 1330792kB
[  219.393754][ T7102] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  219.406190][ T7102] Node 1 Normal: 212*4kB (UM) 56*8kB (UME) 45*16kB (UME) 99*32kB (UME) 31*64kB (UM) 8*128kB (UM) 4*256kB (UME) 3*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 949*4096kB (M) = 3905024kB
[  219.425359][ T7102] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  219.435020][ T7102] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  219.444392][ T7102] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  219.454041][ T7102] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  219.463629][ T7102] 60274 total pagecache pages
[  219.468429][ T7102] 0 pages in swap cache
[  219.472636][ T7102] Free swap  = 124996kB
[  219.476904][ T7102] Total swap = 124996kB
[  219.481111][ T7102] 2097051 pages RAM
[  219.484966][ T7102] 0 pages HighMem/MovableOnly
[  219.489737][ T7102] 424582 pages reserved
[  219.493928][ T7102] 0 pages cma reserved
[  219.606668][ T7095] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  220.244264][ T7110] netlink: 'syz.1.327': attribute type 4 has an invalid length.
[  220.826771][ T5904] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  220.838312][ T7124] netlink: 12 bytes leftover after parsing attributes in process `syz.1.327'.
[  220.868895][ T7124] openvswitch: netlink: Flow key attr not present in new flow.
[  221.009607][ T5904] usb 5-1: Using ep0 maxpacket: 8
[  221.033719][ T5904] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  221.063648][ T5904] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.096210][ T5904] usb 5-1: Product: syz
[  221.167641][ T5904] usb 5-1: Manufacturer: syz
[  221.175580][ T5904] usb 5-1: SerialNumber: syz
[  221.217352][ T5904] usb 5-1: config 0 descriptor??
[  221.332362][ T5904] usb 5-1: selecting invalid altsetting 3
[  221.368869][ T5904] comedi comedi0: could not set alternate setting 3 in high speed
[  221.404450][ T5904] usbdux 5-1:0.0: driver 'usbdux' failed to auto-configure device.
[  221.427814][ T7117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.448066][ T7117] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.485894][ T5904] usbdux 5-1:0.0: probe with driver usbdux failed with error -22
[  221.543514][ T5904] usb 5-1: USB disconnect, device number 4
[  222.780261][ T7151] netlink: 52 bytes leftover after parsing attributes in process `syz.0.343'.
[  222.795487][ T7151] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.805234][ T7151] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.886978][ T5809] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  224.091433][ T5809] usb 3-1: Using ep0 maxpacket: 16
[  224.296726][ T5809] usb 3-1: config 252 has an invalid interface number: 15 but max is 0
[  224.305102][ T5809] usb 3-1: config 252 has no interface number 0
[  224.400121][ T5809] usb 3-1: config 252 interface 15 altsetting 0 endpoint 0x83 has invalid maxpacket 255, setting to 64
[  224.641512][ T5809] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=2b.29
[  224.651029][ T5809] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.659291][ T5809] usb 3-1: Product: syz
[  224.663608][ T5809] usb 3-1: Manufacturer: syz
[  224.702298][ T5809] usb 3-1: SerialNumber: syz
[  224.778421][ T5809] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  224.956901][ T6181] usb 3-1: Failed to submit usb control message: -71
[  224.966494][ T5809] usb 3-1: USB disconnect, device number 7
[  224.976047][ T6181] usb 3-1: unable to send the bmi data to the device: -71
[  224.992729][ T6181] usb 3-1: unable to get target info from device
[  225.002140][ T6181] usb 3-1: could not get target info (-71)
[  225.009872][ T6181] usb 3-1: could not probe fw (-71)
[  226.236701][ T5902] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  226.598385][ T5902] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  226.759861][ T5902] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 217
[  226.812498][ T5902] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  226.939528][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.992888][ T5902] usb 4-1: config 0 descriptor??
[  227.029704][ T7174] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  227.413752][ T7205] netlink: 24 bytes leftover after parsing attributes in process `syz.2.353'.
[  227.490169][ T7208] netlink: 12 bytes leftover after parsing attributes in process `syz.1.354'.
[  227.538514][ T7208] netlink: 44 bytes leftover after parsing attributes in process `syz.1.354'.
[  227.863371][ T7211] netlink: 12 bytes leftover after parsing attributes in process `syz.0.357'.
[  227.881881][ T7211] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  228.416558][    C1] hrtimer: interrupt took 49998 ns
[  228.866812][ T5902] ath6kl: Failed to submit usb control message: -110
[  228.873629][ T5902] ath6kl: unable to send the bmi data to the device: -110
[  228.968933][ T5902] ath6kl: Unable to send get target info: -110
[  228.996425][ T5902] ath6kl: Failed to init ath6kl core: -110
[  229.264433][ T5902] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -110
[  230.007727][ T5902] usb 4-1: USB disconnect, device number 4
[  231.705864][ T7237] veth1_to_bond: entered allmulticast mode
[  231.959126][ T7237] veth1_to_bond: entered promiscuous mode
[  233.814360][ T5809] libceph: connect (1)[c::]:6789 error -22
[  233.834924][ T5809] libceph: mon0 (1)[c::]:6789 connect error
[  233.926296][ T7257] ceph: No mds server is up or the cluster is laggy
[  234.110480][ T7239] veth1_to_bond: left promiscuous mode
[  234.116222][ T7239] veth1_to_bond: left allmulticast mode
[  234.507458][ T5877] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  234.951393][ T5877] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  234.967226][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.039809][ T5877] usb 4-1: config 0 descriptor??
[  235.108433][ T5877] cp210x 4-1:0.0: cp210x converter detected
[  235.688651][ T7277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.373'.
[  235.697602][ T7277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.373'.
[  235.709918][ T7277] netlink: 4 bytes leftover after parsing attributes in process `syz.0.373'.
[  235.973520][ T5877] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71
[  235.988496][ T5877] cp210x 4-1:0.0: GPIO initialisation failed: -71
[  236.054039][ T5877] usb 4-1: cp210x converter now attached to ttyUSB0
[  236.108994][ T5877] usb 4-1: USB disconnect, device number 5
[  236.129451][ T7286] batadv0: entered promiscuous mode
[  236.135051][ T7286] vlan3: entered promiscuous mode
[  236.148088][ T7287] netlink: 40 bytes leftover after parsing attributes in process `syz.1.374'.
[  236.171990][ T5877] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  236.203226][ T5877] cp210x 4-1:0.0: device disconnected
[  241.616154][ T7337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.388'.
[  241.625149][ T7337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.388'.
[  241.643087][ T7337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.388'.
[  241.660325][   T24] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  241.967114][   T24] usb 1-1: device descriptor read/64, error -71
[  242.320719][   T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  242.547187][ T7352] netlink: 52 bytes leftover after parsing attributes in process `syz.4.393'.
[  242.557416][ T7352] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.566013][   T24] usb 1-1: device descriptor read/64, error -71
[  242.567286][ T7352] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.679049][   T24] usb usb1-port1: attempt power cycle
[  242.830650][ T5809] usb 3-1: new low-speed USB device number 8 using dummy_hcd
[  243.067020][   T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  243.207472][   T24] usb 1-1: device descriptor read/8, error -71
[  243.216830][ T5809] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  243.252845][ T5809] usb 3-1: config 0 has no interface number 0
[  243.661974][ T5809] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  243.796614][ T5809] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  243.814735][ T5809] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  243.824027][ T5809] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.873029][   T24] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  243.916503][ T5809] usb 3-1: config 0 descriptor??
[  243.924355][ T7351] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  243.927462][   T24] usb 1-1: device descriptor read/8, error -71
[  243.971409][ T5809] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  244.048316][   T24] usb usb1-port1: unable to enumerate USB device
[  244.606478][ T7351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.766198][ T7351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.708903][   T24] usb 3-1: USB disconnect, device number 8
[  251.461004][ T7409] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  251.469755][ T7409] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  251.480972][ T7409] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  251.489030][ T7409] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  252.766202][ T7418] ubi31: attaching mtd0
[  252.772334][ T7418] ubi31: scanning is finished
[  252.870979][ T7418] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  252.878831][ T7418] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  252.886179][ T7418] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  252.893530][ T7418] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  252.902880][ T7418] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  252.909930][ T7418] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  252.918329][ T7418] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2093780265
[  252.928586][ T7418] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  252.948627][ T7422] ubi31: background thread "ubi_bgt31d" started, PID 7422
[  255.873281][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  256.196467][ T7447] netlink: 'syz.0.413': attribute type 4 has an invalid length.
[  256.329800][ T7450] netlink: 12 bytes leftover after parsing attributes in process `syz.0.413'.
[  256.351732][ T7450] openvswitch: netlink: Flow key attr not present in new flow.
[  256.450752][ T7455] FAULT_INJECTION: forcing a failure.
[  256.450752][ T7455] name failslab, interval 1, probability 0, space 0, times 0
[  256.481792][ T7455] CPU: 1 UID: 0 PID: 7455 Comm: syz.1.421 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  256.481825][ T7455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  256.481853][ T7455] Call Trace:
[  256.481861][ T7455]  <TASK>
[  256.481870][ T7455]  dump_stack_lvl+0x189/0x250
[  256.481906][ T7455]  ? __pfx____ratelimit+0x10/0x10
[  256.481936][ T7455]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.481966][ T7455]  ? __pfx__printk+0x10/0x10
[  256.481987][ T7455]  ? crng_make_state+0x3fc/0x700
[  256.482014][ T7455]  ? crng_make_state+0x13a/0x700
[  256.482044][ T7455]  should_fail_ex+0x414/0x560
[  256.482074][ T7455]  should_failslab+0xa8/0x100
[  256.482104][ T7455]  __kmalloc_cache_noprof+0x70/0x3d0
[  256.482129][ T7455]  ? sctp_add_bind_addr+0x8c/0x370
[  256.482167][ T7455]  sctp_add_bind_addr+0x8c/0x370
[  256.482205][ T7455]  sctp_copy_local_addr_list+0x30b/0x4e0
[  256.482241][ T7455]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  256.482274][ T7455]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  256.482316][ T7455]  ? sctp_v6_is_any+0x64/0x80
[  256.482339][ T7455]  ? sctp_copy_one_addr+0x93/0x360
[  256.482375][ T7455]  sctp_bind_addr_copy+0xb3/0x3c0
[  256.482409][ T7455]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  256.482442][ T7455]  sctp_connect_new_asoc+0x2e0/0x690
[  256.482471][ T7455]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  256.482493][ T7455]  ? __local_bh_enable_ip+0x12d/0x1c0
[  256.482531][ T7455]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  256.482558][ T7455]  ? security_sctp_bind_connect+0x7e/0x2e0
[  256.482588][ T7455]  sctp_sendmsg+0x155c/0x2810
[  256.482626][ T7455]  ? __pfx_sctp_sendmsg+0x10/0x10
[  256.482672][ T7455]  ? sock_rps_record_flow+0x19/0x410
[  256.482707][ T7455]  ? inet_sendmsg+0x2f4/0x370
[  256.482742][ T7455]  __sock_sendmsg+0x19c/0x270
[  256.482777][ T7455]  ____sys_sendmsg+0x52d/0x830
[  256.482808][ T7455]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.482844][ T7455]  ? import_iovec+0x74/0xa0
[  256.482880][ T7455]  ___sys_sendmsg+0x21f/0x2a0
[  256.482907][ T7455]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.482974][ T7455]  ? __fget_files+0x2a/0x420
[  256.483001][ T7455]  ? __fget_files+0x3a0/0x420
[  256.483040][ T7455]  __sys_sendmmsg+0x227/0x430
[  256.483072][ T7455]  ? __pfx___sys_sendmmsg+0x10/0x10
[  256.483093][ T7455]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  256.483153][ T7455]  ? ksys_write+0x22a/0x250
[  256.483180][ T7455]  ? __pfx_ksys_write+0x10/0x10
[  256.483201][ T7455]  ? rcu_is_watching+0x15/0xb0
[  256.483239][ T7455]  __x64_sys_sendmmsg+0xa0/0xc0
[  256.483264][ T7455]  do_syscall_64+0xfa/0x3b0
[  256.483294][ T7455]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.483329][ T7455]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.483349][ T7455]  ? clear_bhb_loop+0x60/0xb0
[  256.483375][ T7455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.483395][ T7455] RIP: 0033:0x7f763ad8e929
[  256.483415][ T7455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.483432][ T7455] RSP: 002b:00007f763bb38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  256.483455][ T7455] RAX: ffffffffffffffda RBX: 00007f763afb5fa0 RCX: 00007f763ad8e929
[  256.483470][ T7455] RDX: 0000000000000001 RSI: 0000200000003d80 RDI: 0000000000000003
[  256.483483][ T7455] RBP: 00007f763bb38090 R08: 0000000000000000 R09: 0000000000000000
[  256.483495][ T7455] R10: 0000000000008004 R11: 0000000000000246 R12: 0000000000000001
[  256.483508][ T7455] R13: 0000000000000000 R14: 00007f763afb5fa0 R15: 00007fffecf51598
[  256.483541][ T7455]  </TASK>
[  257.543300][ T7466] capability: warning: `syz.2.424' uses 32-bit capabilities (legacy support in use)
[  257.733234][ T7468] netlink: 8 bytes leftover after parsing attributes in process `syz.4.425'.
[  257.760642][ T7468] netlink: 8 bytes leftover after parsing attributes in process `syz.4.425'.
[  257.796178][ T7468] netlink: 8 bytes leftover after parsing attributes in process `syz.4.425'.
[  259.560499][ T7490] FAULT_INJECTION: forcing a failure.
[  259.560499][ T7490] name failslab, interval 1, probability 0, space 0, times 0
[  259.560552][ T7490] CPU: 0 UID: 0 PID: 7490 Comm: syz.3.432 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  259.560578][ T7490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.560590][ T7490] Call Trace:
[  259.560598][ T7490]  <TASK>
[  259.560608][ T7490]  dump_stack_lvl+0x189/0x250
[  259.560645][ T7490]  ? __pfx____ratelimit+0x10/0x10
[  259.560675][ T7490]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.560707][ T7490]  ? __pfx__printk+0x10/0x10
[  259.560735][ T7490]  ? __pfx___might_resched+0x10/0x10
[  259.560765][ T7490]  ? fs_reclaim_acquire+0x7d/0x100
[  259.560801][ T7490]  should_fail_ex+0x414/0x560
[  259.560832][ T7490]  should_failslab+0xa8/0x100
[  259.560862][ T7490]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  259.560889][ T7490]  ? ovs_flow_alloc+0x103/0x1f0
[  259.560924][ T7490]  ovs_flow_alloc+0x103/0x1f0
[  259.560964][ T7490]  ovs_flow_cmd_new+0x1ee/0xd80
[  259.560993][ T7490]  ? netlink_sendmsg+0x731/0xb30
[  259.561016][ T7490]  ? ___sys_sendmsg+0x21f/0x2a0
[  259.561047][ T7490]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  259.561136][ T7490]  ? __nla_parse+0x40/0x60
[  259.561169][ T7490]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  259.561209][ T7490]  genl_family_rcv_msg_doit+0x212/0x300
[  259.561248][ T7490]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  259.561294][ T7490]  ? bpf_lsm_capable+0x9/0x20
[  259.561325][ T7490]  ? security_capable+0x7e/0x2e0
[  259.561364][ T7490]  genl_rcv_msg+0x60e/0x790
[  259.561402][ T7490]  ? __pfx_genl_rcv_msg+0x10/0x10
[  259.561428][ T7490]  ? ref_tracker_free+0x63a/0x7d0
[  259.561454][ T7490]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  259.561486][ T7490]  ? __pfx_ref_tracker_free+0x10/0x10
[  259.561526][ T7490]  netlink_rcv_skb+0x208/0x470
[  259.561550][ T7490]  ? __pfx_genl_rcv_msg+0x10/0x10
[  259.561581][ T7490]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  259.561624][ T7490]  ? down_read+0x1ad/0x2e0
[  259.561648][ T7490]  genl_rcv+0x28/0x40
[  259.561674][ T7490]  netlink_unicast+0x75b/0x8d0
[  259.561721][ T7490]  netlink_sendmsg+0x805/0xb30
[  259.561756][ T7490]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.561790][ T7490]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  259.561815][ T7490]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.561840][ T7490]  __sock_sendmsg+0x21c/0x270
[  259.561875][ T7490]  ____sys_sendmsg+0x505/0x830
[  259.561907][ T7490]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.561951][ T7490]  ? import_iovec+0x74/0xa0
[  259.561989][ T7490]  ___sys_sendmsg+0x21f/0x2a0
[  259.562017][ T7490]  ? __pfx____sys_sendmsg+0x10/0x10
[  259.562085][ T7490]  ? __fget_files+0x2a/0x420
[  259.562113][ T7490]  ? __fget_files+0x3a0/0x420
[  259.562155][ T7490]  __x64_sys_sendmsg+0x19b/0x260
[  259.562183][ T7490]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  259.562221][ T7490]  ? __pfx_ksys_write+0x10/0x10
[  259.562243][ T7490]  ? rcu_is_watching+0x15/0xb0
[  259.562282][ T7490]  ? do_syscall_64+0xbe/0x3b0
[  259.562319][ T7490]  do_syscall_64+0xfa/0x3b0
[  259.562349][ T7490]  ? lockdep_hardirqs_on+0x9c/0x150
[  259.562378][ T7490]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.562400][ T7490]  ? clear_bhb_loop+0x60/0xb0
[  259.562427][ T7490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.562448][ T7490] RIP: 0033:0x7f059918e929
[  259.562468][ T7490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.562486][ T7490] RSP: 002b:00007f0596ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.562508][ T7490] RAX: ffffffffffffffda RBX: 00007f05993b5fa0 RCX: 00007f059918e929
[  259.562524][ T7490] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000004
[  259.562537][ T7490] RBP: 00007f0596ff6090 R08: 0000000000000000 R09: 0000000000000000
[  259.562550][ T7490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.562563][ T7490] R13: 0000000000000000 R14: 00007f05993b5fa0 R15: 00007ffe76cd2728
[  259.562597][ T7490]  </TASK>
[  259.775861][ T7497] trusted_key: encrypted_key: insufficient parameters specified
[  265.247444][ T7506] tty tty1: ldisc open failed (-12), clearing slot 0
[  265.931245][ T7536] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  266.971294][ T7546] netlink: 'syz.3.444': attribute type 4 has an invalid length.
[  267.044954][ T7547] netlink: 12 bytes leftover after parsing attributes in process `syz.3.444'.
[  267.062205][ T5902] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  267.090211][ T7547] openvswitch: netlink: Flow key attr not present in new flow.
[  267.226813][ T5902] usb 3-1: Using ep0 maxpacket: 16
[  267.252688][ T5902] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.276328][ T5902] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.375051][ T5902] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  267.518272][ T5902] usb 3-1: config 0 interface 0 has no altsetting 0
[  267.528753][ T5902] usb 3-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  267.549583][ T5902] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.589969][ T5902] usb 3-1: config 0 descriptor??
[  268.660609][ T7544] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.904818][ T7544] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.959818][ T5902] hid (null): bogus close delimiter
[  269.899193][ T5902] hid-generic 0003:045E:05DA.0002: unknown main item tag 0x5
[  269.909590][ T5902] hid-generic 0003:045E:05DA.0002: bogus close delimiter
[  269.916833][ T5902] hid-generic 0003:045E:05DA.0002: item 0 0 2 10 parsing failed
[  269.930764][ T5902] hid-generic 0003:045E:05DA.0002: probe with driver hid-generic failed with error -22
[  270.705364][ T1218] usb 3-1: USB disconnect, device number 9
[  270.901750][ T7572] netlink: 52 bytes leftover after parsing attributes in process `syz.2.455'.
[  270.914028][ T7572] bridge0: port 3(syz_tun) entered disabled state
[  270.922544][ T7572] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.931757][ T7572] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.139304][ T7584] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  272.627965][ T7581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.460'.
[  272.924578][ T7592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.460'.
[  276.395792][ T7628] use of bytesused == 0 is deprecated and will be removed in the future,
[  276.405265][ T7628] use the actual size instead.
[  276.687313][ T7628] futex_wake_op: syz.0.468 tries to shift op by 535; fix this program
[  280.929691][ T7669] overlayfs: failed to resolve './control': -2
[  283.552225][ T7683] evm: overlay not supported
[  283.618017][ T7685] netlink: 24 bytes leftover after parsing attributes in process `syz.3.490'.
[  283.630069][ T7688] netlink: 60 bytes leftover after parsing attributes in process `syz.2.487'.
[  283.639638][ T7688] netlink: 60 bytes leftover after parsing attributes in process `syz.2.487'.
[  284.650716][ T7703] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  284.680368][ T7703] netlink: 184 bytes leftover after parsing attributes in process `syz.0.492'.
[  284.696671][ T7703] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  284.827001][ T7690] delete_channel: no stack
[  285.285953][ T7722] netlink: 12 bytes leftover after parsing attributes in process `syz.3.498'.
[  285.318284][ T7723] netlink: 12 bytes leftover after parsing attributes in process `syz.0.499'.
[  285.336993][ T7722] netlink: 44 bytes leftover after parsing attributes in process `syz.3.498'.
[  285.364917][ T7723] netlink: 44 bytes leftover after parsing attributes in process `syz.0.499'.
[  286.784031][ T7739] program syz.0.503 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  287.207845][ T5809] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  287.467315][ T7726] delete_channel: no stack
[  287.583923][ T5809] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  287.663666][ T5809] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  287.708945][ T5809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.782748][ T5809] usb 1-1: config 0 descriptor??
[  287.822963][ T7739] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  287.991171][ T7751] can0: slcan on ttyS3.
[  288.068725][ T7739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  288.087315][ T7739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  288.345473][  T976] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  288.566288][ T5809] elan 0003:04F3:0755.0003: unknown main item tag 0x0
[  288.652892][  T976] usb 4-1: Using ep0 maxpacket: 32
[  288.667976][ T5809] elan 0003:04F3:0755.0003: unknown main item tag 0x0
[  288.726835][ T5809] elan 0003:04F3:0755.0003: unknown main item tag 0x0
[  288.746685][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[  288.760351][  T976] usb 4-1: config 0 has an invalid interface number: 230 but max is 0
[  288.776754][ T5809] elan 0003:04F3:0755.0003: unknown main item tag 0x0
[  288.783663][ T5809] elan 0003:04F3:0755.0003: unknown main item tag 0x0
[  288.791398][  T976] usb 4-1: config 0 has no interface number 0
[  288.800108][  T976] usb 4-1: config 0 interface 230 has no altsetting 0
[  288.809934][  T976] usb 4-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  288.832354][  T976] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.857721][ T5809] elan 0003:04F3:0755.0003: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0
[  289.331366][  T976] usb 4-1: Product: syz
[  289.348842][  T976] usb 4-1: Manufacturer: syz
[  289.365340][  T976] usb 4-1: SerialNumber: syz
[  289.387724][  T976] usb 4-1: config 0 descriptor??
[  289.411319][  T976] ums-usbat 4-1:0.230: USB Mass Storage device detected
[  289.492153][  T976] ums-usbat 4-1:0.230: Quirks match for vid 0781 pid 0005: 1
[  289.650899][ T7749] can0 (unregistered): slcan off ttyS3.
[  289.804010][  T976] ums-usbat 4-1:0.230: probe with driver ums-usbat failed with error -5
[  289.879992][  T976] usb 4-1: USB disconnect, device number 6
[  289.909564][ T7777] netlink: 12 bytes leftover after parsing attributes in process `syz.2.513'.
[  289.941427][ T7777] netlink: 44 bytes leftover after parsing attributes in process `syz.2.513'.
[  291.118628][ T7788] netlink: 52 bytes leftover after parsing attributes in process `syz.2.515'.
[  291.234953][ T5904] usb 1-1: USB disconnect, device number 11
[  292.318733][ T7796] ------------[ cut here ]------------
[  292.324529][ T7796] WARNING: CPU: 0 PID: 7796 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x2c8/0x370
[  292.335763][ T7796] Modules linked in:
[  292.340678][ T7796] CPU: 0 UID: 0 PID: 7796 Comm: syz.3.518 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  292.352733][ T7796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.362939][ T7796] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[  292.369697][ T7796] Code: 74 10 4c 89 e7 89 54 24 0c e8 54 14 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 56 43 75 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  292.389477][ T7796] RSP: 0000:ffffc90003ecf9c0 EFLAGS: 00010246
[  292.395597][ T7796] RAX: ffffc90003ecfa00 RBX: 000000000000001c RCX: 0000000000000000
[  292.404584][ T7796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003ecfa28
[  292.413738][ T7796] RBP: ffffc90003ecfaa8 R08: ffffc90003ecfa27 R09: 0000000000000000
[  292.422347][ T7796] R10: ffffc90003ecfa00 R11: fffff520007d9f45 R12: 0000000000000000
[  292.431732][ T7796] R13: 1ffff920007d9f3c R14: 0000000000040d40 R15: dffffc0000000000
[  292.440459][ T7796] FS:  00007f0596ff66c0(0000) GS:ffff888125c84000(0000) knlGS:0000000000000000
[  292.449748][ T7796] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  292.456372][ T7796] CR2: 0000200000001000 CR3: 0000000078898000 CR4: 00000000003526f0
[  292.464501][ T7796] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  292.472585][ T7796] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  292.480751][ T7796] Call Trace:
[  292.484056][ T7796]  <TASK>
[  292.487060][ T7796]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  292.493427][ T7796]  ? v9fs_fid_xattr_get+0x237/0x2e0
[  292.498687][ T7796]  __alloc_pages_noprof+0xa/0x30
[  292.503649][ T7796]  ___kmalloc_large_node+0x85/0x210
[  292.508968][ T7796]  __kmalloc_large_node_noprof+0x18/0x90
[  292.514621][ T7796]  __kmalloc_noprof+0x36f/0x4f0
[  292.519524][ T7796]  ? v9fs_fid_get_acl+0x4f/0x100
[  292.524477][ T7796]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[  292.531496][ T7796]  v9fs_fid_get_acl+0x4f/0x100
[  292.536300][ T7796]  v9fs_get_acl+0x11b/0x360
[  292.541274][ T7796]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[  292.546898][ T7796]  v9fs_mount+0x6cb/0xa10
[  292.551253][ T7796]  ? __pfx_v9fs_mount+0x10/0x10
[  292.556198][ T7796]  ? rcu_is_watching+0x15/0xb0
[  292.561032][ T7796]  ? cap_capable+0x11f/0x460
[  292.565667][ T7796]  legacy_get_tree+0xfa/0x1a0
[  292.570430][ T7796]  ? __pfx_v9fs_mount+0x10/0x10
[  292.575299][ T7796]  vfs_get_tree+0x8f/0x2b0
[  292.579777][ T7796]  do_new_mount+0x24a/0xa40
[  292.584326][ T7796]  __se_sys_mount+0x317/0x410
[  292.589114][ T7796]  ? __pfx___se_sys_mount+0x10/0x10
[  292.594363][ T7796]  ? rcu_is_watching+0x15/0xb0
[  292.599261][ T7796]  ? do_syscall_64+0xbe/0x3b0
[  292.604010][ T7796]  ? __x64_sys_mount+0x20/0xc0
[  292.608923][ T7796]  do_syscall_64+0xfa/0x3b0
[  292.613498][ T7796]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.619762][ T7796]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  292.625471][ T7796]  ? clear_bhb_loop+0x60/0xb0
[  292.630311][ T7796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.636972][ T7796] RIP: 0033:0x7f059918e929
[  292.641462][ T7796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.661726][ T7796] RSP: 002b:00007f0596ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  292.670348][ T7796] RAX: ffffffffffffffda RBX: 00007f05993b5fa0 RCX: 00007f059918e929
[  292.678404][ T7796] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[  292.686402][ T7796] RBP: 00007f0599210b39 R08: 0000200000000580 R09: 0000000000000000
[  292.694429][ T7796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  292.702481][ T7796] R13: 0000000000000000 R14: 00007f05993b5fa0 R15: 00007ffe76cd2728
[  292.710586][ T7796]  </TASK>
[  292.713643][ T7796] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  292.720956][ T7796] CPU: 0 UID: 0 PID: 7796 Comm: syz.3.518 Not tainted 6.16.0-rc3-syzkaller-00233-g35e261cd95dd #0 PREEMPT(full) 
[  292.732864][ T7796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.742951][ T7796] Call Trace:
[  292.746248][ T7796]  <TASK>
[  292.749194][ T7796]  dump_stack_lvl+0x99/0x250
[  292.753815][ T7796]  ? __asan_memcpy+0x40/0x70
[  292.758428][ T7796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.763668][ T7796]  ? __pfx__printk+0x10/0x10
[  292.768284][ T7796]  panic+0x2db/0x790
[  292.772208][ T7796]  ? __pfx_panic+0x10/0x10
[  292.776649][ T7796]  ? show_trace_log_lvl+0x4fb/0x550
[  292.781896][ T7796]  __warn+0x31b/0x4b0
[  292.785900][ T7796]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  292.791912][ T7796]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  292.797931][ T7796]  report_bug+0x2be/0x4f0
[  292.802291][ T7796]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  292.808344][ T7796]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  292.814379][ T7796]  ? __alloc_frozen_pages_noprof+0x2ca/0x370
[  292.820392][ T7796]  handle_bug+0x84/0x160
[  292.824667][ T7796]  exc_invalid_op+0x1a/0x50
[  292.829186][ T7796]  asm_exc_invalid_op+0x1a/0x20
[  292.834049][ T7796] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[  292.840675][ T7796] Code: 74 10 4c 89 e7 89 54 24 0c e8 54 14 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 56 43 75 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  292.860304][ T7796] RSP: 0000:ffffc90003ecf9c0 EFLAGS: 00010246
[  292.866392][ T7796] RAX: ffffc90003ecfa00 RBX: 000000000000001c RCX: 0000000000000000
[  292.874381][ T7796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003ecfa28
[  292.882382][ T7796] RBP: ffffc90003ecfaa8 R08: ffffc90003ecfa27 R09: 0000000000000000
[  292.890389][ T7796] R10: ffffc90003ecfa00 R11: fffff520007d9f45 R12: 0000000000000000
[  292.898473][ T7796] R13: 1ffff920007d9f3c R14: 0000000000040d40 R15: dffffc0000000000
[  292.906482][ T7796]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  292.912869][ T7796]  ? v9fs_fid_xattr_get+0x237/0x2e0
[  292.918092][ T7796]  __alloc_pages_noprof+0xa/0x30
[  292.923051][ T7796]  ___kmalloc_large_node+0x85/0x210
[  292.928278][ T7796]  __kmalloc_large_node_noprof+0x18/0x90
[  292.933930][ T7796]  __kmalloc_noprof+0x36f/0x4f0
[  292.938797][ T7796]  ? v9fs_fid_get_acl+0x4f/0x100
[  292.943756][ T7796]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[  292.950109][ T7796]  v9fs_fid_get_acl+0x4f/0x100
[  292.954897][ T7796]  v9fs_get_acl+0x11b/0x360
[  292.959428][ T7796]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[  292.965024][ T7796]  v9fs_mount+0x6cb/0xa10
[  292.969414][ T7796]  ? __pfx_v9fs_mount+0x10/0x10
[  292.974319][ T7796]  ? rcu_is_watching+0x15/0xb0
[  292.979147][ T7796]  ? cap_capable+0x11f/0x460
[  292.983793][ T7796]  legacy_get_tree+0xfa/0x1a0
[  292.988535][ T7796]  ? __pfx_v9fs_mount+0x10/0x10
[  292.993432][ T7796]  vfs_get_tree+0x8f/0x2b0
[  292.997892][ T7796]  do_new_mount+0x24a/0xa40
[  293.002430][ T7796]  __se_sys_mount+0x317/0x410
[  293.007136][ T7796]  ? __pfx___se_sys_mount+0x10/0x10
[  293.012375][ T7796]  ? rcu_is_watching+0x15/0xb0
[  293.017217][ T7796]  ? do_syscall_64+0xbe/0x3b0
[  293.021933][ T7796]  ? __x64_sys_mount+0x20/0xc0
[  293.026750][ T7796]  do_syscall_64+0xfa/0x3b0
[  293.031287][ T7796]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.037388][ T7796]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  293.043094][ T7796]  ? clear_bhb_loop+0x60/0xb0
[  293.047824][ T7796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.053757][ T7796] RIP: 0033:0x7f059918e929
[  293.058209][ T7796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.077844][ T7796] RSP: 002b:00007f0596ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  293.086282][ T7796] RAX: ffffffffffffffda RBX: 00007f05993b5fa0 RCX: 00007f059918e929
[  293.094293][ T7796] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[  293.102312][ T7796] RBP: 00007f0599210b39 R08: 0000200000000580 R09: 0000000000000000
[  293.110310][ T7796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  293.118297][ T7796] R13: 0000000000000000 R14: 00007f05993b5fa0 R15: 00007ffe76cd2728
[  293.126332][ T7796]  </TASK>
[  293.129656][ T7796] Kernel Offset: disabled
[  293.134029][ T7796] Rebooting in 86400 seconds..