last executing test programs:

2m44.839828325s ago: executing program 1 (id=1795):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x82, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xff7fff01, 0x6, 0x3, 0x7, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0x7, 0x3, 0x7, 0x3, 0x8, 0x4c74, 0xffff, 0x242, 0x100003, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8e, 0x5, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x400002, 0x7, 0x9, 0x8, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x800100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x400, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x9, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x5, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9622, 0x20007, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x0, 0x30b1d693, 0xa1f, 0x3, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
mount(0x0, 0x0, 0x0, 0x400080, &(0x7f00000001c0)='discard')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x4b, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000340)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_CONTEXT(r4, 0x84, 0x83, &(0x7f0000000080), 0x8)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x119c01, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000180)=0x2)
r5 = dup(r3)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000480)=ANY=[@ANYBLOB="73000000000000008b"])
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r5, 0x1, &(0x7f0000000040)={0x808, r1}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0xfffffffc, 0x10, 0xff, 0xff})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, 0x0, 0x0)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[], 0xb4}, 0x1, 0x0, 0x0, 0x40800}, 0x4002001)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x7}, 0x1, 0x0, 0x0, 0xff8d}, 0x9884)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
quotactl$Q_SETINFO(0xffffffff80000602, 0x0, 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)

2m44.6704552s ago: executing program 1 (id=1796):
openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="010000004100fcdbdf2501000000100002800600018008000100000000000c00018008000100", @ANYRES32], 0x30}}, 0x2000c050)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)
syz_open_dev$video(0x0, 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800195032303030"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000b40)="6a848a56cb010f072f021946747e160aa05db010b4a5e901b5411d46459a81", &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)

2m43.520528106s ago: executing program 1 (id=1798):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x5, 0x6}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1d, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fffffc, @void, @value}, 0x94)
r3 = dup3(r1, r2, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4095, 0xfff, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xfffffffffffffecd, 0x0, 0x0}, &(0x7f0000001380)=0x40)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$keyring(&(0x7f0000004f40), 0x0, 0x0, 0x0, 0xfffffffffffffffd)

2m36.775285148s ago: executing program 3 (id=1813):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073114100000000008510f3ff000000004000009500c200000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0x7, &(0x7f0000000380)={0xc, 0x7f}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f0000907000/0x1000)=nil, 0x1000, 0xb)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa150835f7519d5f73b4f5d80eb4881a5b98cb9fb96d225d602392f816d0bdcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8)
r7 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x10)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8)
close(r9)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r0, 0x0, 0x0}, 0x10)

2m36.362306369s ago: executing program 1 (id=1815):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f00000000c0)=0x7)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$netlink(0x10, 0x3, 0xf)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x2, 0x0, @dev={0xfe, 0x80, '\x00', 0x21}, 0x10000}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @dev={0xfe, 0x80, '\x00', 0x10}, 0x3a}, 0x1c)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000040)=0x7b65, 0x4)
r6 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x1, 0x1, 0x4})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x5}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

2m35.13657788s ago: executing program 1 (id=1817):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text32={0x20, &(0x7f00000000c0)="0f20c035000000400f22c0c4c262f78e00100000673e360f3566baf80cb87cec6181ef66bafc0ced0f7535cd1f0000f30fc7733f0f01cf66b865000f00d866baf80cb8a84a108fef66bafc0cb800880000ef0fae04f6", 0x56}], 0x1, 0x70, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000070000000800000000000000", @ANYRES32, @ANYBLOB="00009a00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000440)={0x7, 0x0, [{0xa9c, 0x0, 0x100000001}, {0x9bf, 0x0, 0x7}, {0xb3e, 0x0, 0x8}, {0x820, 0x0, 0x9}, {0x873}, {0x0, 0x0, 0x7}, {0xa2a, 0x0, 0x8}]}) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000faffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="30000000020301020000000000000000000000000900020000000047020000000800034000000000080001"], 0x30}}, 0x20000000) (async, rerun: 64)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x74, &(0x7f0000000000)=[{&(0x7f0000000140)="89000000120081ae08060cdc016b3f087f03e3520000000000e2ffca1b1f000000000cc00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120800030004010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) (async)
connect$inet6(r5, &(0x7f00000004c0)={0xa, 0x0, 0x0, @loopback, 0x800}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x2, 0x2ff7afedf}, 0xc) (async)
bind$netlink(r6, &(0x7f0000514ff4), 0xc)
setsockopt$SO_BINDTODEVICE_wg(r5, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000300)=@gcm_128={{0x303}, "fc67d0794e26f8f7", "c5991ee20139b401046a89606ffcf92e", "2c5be7c6", "a0ca05c0707e52f4"}, 0x28) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m35.063313832s ago: executing program 3 (id=1818):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x100000, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x20000253)

2m33.959295154s ago: executing program 1 (id=1821):
r0 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0xb, 0x8, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = socket(0x1, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000240), &(0x7f0000000180)=@tcp=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000440), &(0x7f00000002c0)=@tcp6=r2}, 0x20)
read(r0, &(0x7f0000000080)=""/116, 0xfffffeb2)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5800000010000300"/20, @ANYRES32=r5, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028005000400010000001c001a8018000a8014000700"], 0x58}, 0x1, 0x2}, 0x0)

2m33.41854439s ago: executing program 32 (id=1821):
r0 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0xb, 0x8, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = socket(0x1, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000240), &(0x7f0000000180)=@tcp=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000440), &(0x7f00000002c0)=@tcp6=r2}, 0x20)
read(r0, &(0x7f0000000080)=""/116, 0xfffffeb2)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5800000010000300"/20, @ANYRES32=r5, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028005000400010000001c001a8018000a8014000700"], 0x58}, 0x1, 0x2}, 0x0)

2m33.401488242s ago: executing program 3 (id=1823):
r0 = gettid()
prctl$PR_SCHED_CORE(0x41555856, 0xfffff7ffffffffff, r0, 0x2, 0x0)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009a65d0860040800dee20102030109021b0500000000000904"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

2m32.011277453s ago: executing program 3 (id=1827):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f00000000c0)=0x7)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$netlink(0x10, 0x3, 0xf)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x2, 0x0, @dev={0xfe, 0x80, '\x00', 0x21}, 0x10000}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @dev={0xfe, 0x80, '\x00', 0x10}, 0x3a}, 0x1c)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000040)=0x7b65, 0x4)
r6 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x1, 0x1, 0x4})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x5}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

2m31.004391608s ago: executing program 3 (id=1828):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000800)={0xa0, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x3c, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0x2c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6}, @CTA_PROTONAT_PORT_MIN={0x6}, @CTA_PROTONAT_PORT_MIN={0x6}, @CTA_PROTONAT_PORT_MIN={0x6}, @CTA_PROTONAT_PORT_MAX]}, @CTA_NAT_PROTO={0x31, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6}]}]}]}, 0xa0}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f00001e9000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000353000/0x4000)=nil, 0x4000)
mlock(&(0x7f00007b0000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f000026f000/0x2000)=nil)
openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
dup(r1)
socket$rxrpc(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@host})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2m30.435301336s ago: executing program 3 (id=1831):
syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r0, 0x0}])

2m29.040764127s ago: executing program 33 (id=1831):
syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r0, 0x0}])

30.178378558s ago: executing program 4 (id=2173):
io_uring_setup(0x2d58, &(0x7f0000000380)={0x0, 0x62cc, 0x400, 0x8000002, 0x3f7})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x8400, 0x0)
r0 = socket(0x1e, 0x1, 0x4)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10)
socket(0x1e, 0x4, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
r1 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
setns(r1, 0x4000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x2, 0x8800)
creat(&(0x7f00000002c0)='./file0\x00', 0x31)
read$usbmon(r3, &(0x7f0000000100)=""/113, 0x71)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f040000000400000000000000000031af5c932a7400000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
keyctl$session_to_parent(0x12)
r4 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x4}, &(0x7f0000001200)=<r5=>0x0, &(0x7f0000001040)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x1e, 0x0, 0xffffffffffffffff, &(0x7f0000000000)={0x80, 0x8, 0x6}, 0x0, 0x18, 0x0, 0x23456})
io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0)

28.006973747s ago: executing program 4 (id=2178):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x2, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}, {0xd9, 0x97, 0x4, 0xffff}]}) (async)
fsopen(&(0x7f0000000100)='msdos\x00', 0x0) (async)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0) (async, rerun: 32)
r0 = getpid() (rerun: 32)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) (async)
syz_open_procfs(r0, &(0x7f0000000080)='statm\x00') (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c000000120005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0094000000000000140012800400010076657468000000040400028808000a00", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async, rerun: 64)
sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x40004)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid() (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (rerun: 64)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@gettclass={0x24, 0x2a, 0x400, 0x70bd2b, 0x35dfdbff, {0x0, 0x0, 0x0, 0x0, {0x4, 0xffff}, {0xd, 0xa}, {0x3, 0xf}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="043e7522"], 0x24)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0) (async)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)

27.816279177s ago: executing program 4 (id=2180):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1000}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x4, 0x230001)
r2 = syz_usb_connect(0x2, 0x24, &(0x7f00000001c0)=ANY=[], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000780)={0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="00000100000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000180))
getpid() (async)
r3 = getpid()
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$int_in(r4, 0x5421, &(0x7f0000000100)=0x4) (async)
ioctl$int_in(r4, 0x5421, &(0x7f0000000100)=0x4)
bind$bt_sco(r4, &(0x7f0000000000)={0x1f, @none}, 0x8)
listen(r4, 0x0) (async)
listen(r4, 0x0)
accept(r4, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000280), 0x0) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000280), 0x0)
syz_emit_vhci(0x0, 0x10) (async)
syz_emit_vhci(0x0, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r7}, 0x10)
execveat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x100)
mount$nfs(&(0x7f0000000040)='@\a', &(0x7f0000000000)='./file1\x00', 0x0, 0x28, 0x0) (async)
mount$nfs(&(0x7f0000000040)='@\a', &(0x7f0000000000)='./file1\x00', 0x0, 0x28, 0x0)
syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)

24.594872164s ago: executing program 4 (id=2189):
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x268, 0xffffffff, 0xffffffff, 0x268, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast1, @local, [], [], 'gretap0\x00', 'nr0\x00'}, 0x0, 0xa8, 0xf0, 0x60030000, {0x0, 0xff000000}}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'macvlan1\x00'}}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0xffffffff, 0xfffffe00}}, @common=@hbh={{0x48}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x8, &(0x7f0000000240)={[{@nfs_export_on}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off}]})

24.392800502s ago: executing program 4 (id=2191):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x37, 0x301, 0x270bd24, 0x25dfdbfc, {0x10}}, 0x14}}, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})

24.272946278s ago: executing program 4 (id=2192):
syz_io_uring_setup(0x5169, 0x0, 0x0, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
rt_sigaction(0x8, 0x0, 0x0, 0x8, &(0x7f0000000300))
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001200)=ANY=[@ANYBLOB="1c000000220001062abd"], 0x1c}], 0x1}, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x70bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r8, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff3, 0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x4, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0002, 0x5, 0x36, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x2, 0x114b6000, 0xfffffffb, 0x2a70, 0xffff73d0, 0x5, 0x5, 0x0, 0xa, 0x45, 0x0, 0x8, 0x5, 0xba44, 0x3, 0x60b, 0x80000000, 0x7, 0x4, 0x5, 0x3, 0xffff, 0x3, 0xfffffff8, 0x5, 0x6, 0x1a0055ee, 0x1, 0x1, 0xffff4226, 0x6, 0x0, 0x5, 0x100, 0x4, 0x1, 0x2, 0x800, 0xf9, 0x400, 0x9, 0x2, 0x8, 0x2f, 0xfffffff8, 0x0, 0x101, 0x9, 0x7, 0x0, 0x5, 0x5, 0x3, 0x6, 0x10000, 0x5, 0x8, 0x2, 0x9b58, 0x5, 0xb, 0x4be, 0xe, 0xef, 0xa, 0xcaa, 0x9fa7, 0xfffeffff, 0x38, 0x400004, 0x0, 0x9, 0x44d, 0x6, 0x161f, 0x8, 0xfffffff5, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x6, 0x9, 0x3, 0x7, 0x4, 0x6, 0x7, 0x8002, 0x7, 0x7, 0x7, 0xc3c, 0x3, 0x28000000, 0x8, 0x30c7, 0xfad, 0x7, 0x8, 0x0, 0x5, 0x7, 0x401, 0xa97, 0x4, 0x422dd3f4, 0x4, 0x8, 0x2, 0x8, 0x10000, 0x8c1, 0x0, 0x45ba, 0x9, 0x864b, 0x0, 0x7, 0x7, 0x1, 0x0, 0x81, 0x3, 0x800, 0x6, 0xffffff80, 0x41, 0xc22, 0x1, 0x6, 0x9, 0x9, 0x7fffffff, 0x2, 0xfff, 0x6, 0xfffffffd, 0x7c1, 0x136, 0x6, 0x5, 0x5, 0x3ff, 0x4, 0xb, 0xfffffffe, 0x10001, 0x0, 0x5, 0x3, 0x404, 0x101, 0xffffffff, 0x1b, 0xd589, 0xffffff81, 0xffff0001, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd39, 0x0, 0xfffffffe, 0x0, 0x4, 0x2, 0x55, 0x4000004, 0xbc6, 0x2, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b9, 0xb, 0x4, 0x9, 0x7, 0x4, 0x8, 0x3, 0x2, 0x180000, 0x3, 0x7, 0x4, 0x9, 0x7, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0xfffffffb, 0x8000, 0xffffff00, 0x894, 0x7, 0xe, 0x6, 0x6, 0x2, 0x6, 0x10001, 0xa, 0x4, 0x8, 0x5c, 0x1000000, 0x807, 0x1, 0x8, 0x7ffffffd, 0x384, 0x9, 0x58a, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0x7, 0x0, 0x6, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xfe, 0x1, 0x6, 0x5, 0x5e1d, 0x8}, 0x3ff, 0xa0, 0x99}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x4000050}, 0x20008840)

10.738709107s ago: executing program 6 (id=2234):
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0})
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000240)=""/203, 0xcb)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @tick=0x4})
tkill(r0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, &(0x7f0000000380)={0x9, 0x2, {0x1, 0x0, 0x8, 0x9eca272b51463f4, 0x7}})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000340)='syz1\x00', 0x200002, 0x0)
openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000380), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102384, 0x18ff0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000840))
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r6, 0xc06c4124, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})
socket$kcm(0x10, 0x2, 0x0)

8.623334497s ago: executing program 34 (id=2192):
syz_io_uring_setup(0x5169, 0x0, 0x0, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
rt_sigaction(0x8, 0x0, 0x0, 0x8, &(0x7f0000000300))
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001200)=ANY=[@ANYBLOB="1c000000220001062abd"], 0x1c}], 0x1}, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x70bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r8, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff3, 0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x4, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0002, 0x5, 0x36, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x2, 0x114b6000, 0xfffffffb, 0x2a70, 0xffff73d0, 0x5, 0x5, 0x0, 0xa, 0x45, 0x0, 0x8, 0x5, 0xba44, 0x3, 0x60b, 0x80000000, 0x7, 0x4, 0x5, 0x3, 0xffff, 0x3, 0xfffffff8, 0x5, 0x6, 0x1a0055ee, 0x1, 0x1, 0xffff4226, 0x6, 0x0, 0x5, 0x100, 0x4, 0x1, 0x2, 0x800, 0xf9, 0x400, 0x9, 0x2, 0x8, 0x2f, 0xfffffff8, 0x0, 0x101, 0x9, 0x7, 0x0, 0x5, 0x5, 0x3, 0x6, 0x10000, 0x5, 0x8, 0x2, 0x9b58, 0x5, 0xb, 0x4be, 0xe, 0xef, 0xa, 0xcaa, 0x9fa7, 0xfffeffff, 0x38, 0x400004, 0x0, 0x9, 0x44d, 0x6, 0x161f, 0x8, 0xfffffff5, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x6, 0x9, 0x3, 0x7, 0x4, 0x6, 0x7, 0x8002, 0x7, 0x7, 0x7, 0xc3c, 0x3, 0x28000000, 0x8, 0x30c7, 0xfad, 0x7, 0x8, 0x0, 0x5, 0x7, 0x401, 0xa97, 0x4, 0x422dd3f4, 0x4, 0x8, 0x2, 0x8, 0x10000, 0x8c1, 0x0, 0x45ba, 0x9, 0x864b, 0x0, 0x7, 0x7, 0x1, 0x0, 0x81, 0x3, 0x800, 0x6, 0xffffff80, 0x41, 0xc22, 0x1, 0x6, 0x9, 0x9, 0x7fffffff, 0x2, 0xfff, 0x6, 0xfffffffd, 0x7c1, 0x136, 0x6, 0x5, 0x5, 0x3ff, 0x4, 0xb, 0xfffffffe, 0x10001, 0x0, 0x5, 0x3, 0x404, 0x101, 0xffffffff, 0x1b, 0xd589, 0xffffff81, 0xffff0001, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd39, 0x0, 0xfffffffe, 0x0, 0x4, 0x2, 0x55, 0x4000004, 0xbc6, 0x2, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b9, 0xb, 0x4, 0x9, 0x7, 0x4, 0x8, 0x3, 0x2, 0x180000, 0x3, 0x7, 0x4, 0x9, 0x7, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0xfffffffb, 0x8000, 0xffffff00, 0x894, 0x7, 0xe, 0x6, 0x6, 0x2, 0x6, 0x10001, 0xa, 0x4, 0x8, 0x5c, 0x1000000, 0x807, 0x1, 0x8, 0x7ffffffd, 0x384, 0x9, 0x58a, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0x7, 0x0, 0x6, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xfe, 0x1, 0x6, 0x5, 0x5e1d, 0x8}, 0x3ff, 0xa0, 0x99}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x4000050}, 0x20008840)

8.598039518s ago: executing program 0 (id=2239):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}}, 0x0, 0x0, 0x3b, 0x0, "6606ca7ce41b346ac33e74fc00d9165a44e86835fec0b518269fd4c21a897da3d787c09dcb8216a272aea67961649d1590065253e07bd0b461b349eb64746d76c42fb2623034078188f0009f9f10d5f0"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}}, 0x0, 0x0, 0x21, 0x0, "a0aad30a8b1350f2461250f9e5b2fc536fd0861c38349b6f6ad8c6f78a18d8576ba9bcd139acd078c1207e7b717cd1c8e723c17364efbae56931f838ecf65aba7e990fe8a4a01b3302b27fe7c991a9cb"}, 0xd8)
dup(r0)
r1 = socket(0x10, 0x3, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800a75ee39304008c0000000000000007000000321d00000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x40010)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000340)={<r3=>0x0, @multicast2, @local}, &(0x7f0000000380)=0xc)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'ip6tnl0\x00', <r4=>0x0, 0x2f, 0x0, 0x8, 0x544cd611, 0x4, @local, @mcast1, 0x700, 0x1, 0x7, 0x1ff}})
getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f00000004c0)=<r5=>0x0, &(0x7f0000000500)=0x4)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x70, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x14}, 0xc0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x15, 0x5, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002240)={{0x14}, [@NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_ID={0x8}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x8}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x7c}}, 0x0)

7.451297347s ago: executing program 5 (id=2241):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002840)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x20}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000040)='\b', 0x1}], 0x1}}], 0x1, 0x14018891)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES16=r0], 0x1000f)

7.313168726s ago: executing program 6 (id=2242):
syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x101041)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
readlinkat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x4004)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000d8349b280000010001000000000000000000000200000000000000000000000000000000000000000000000000000000000000fffffffffffffffffeffffffffffffff000000000000000000000000000000000000001db02552fbd85a6b6af0763cd80ac5f40514edd62cea1f3896bad7e51c007b47e8058d404f6210449251e8f0c1e722160a00c56a844dd642f00a4571c5d4c9e9ca981594b3b220badaa514fea8239517154c17d68974a83eba1d774382e4b666f3bc857cc6288427f4e9470cc524ccab17cf4f797930fef3fe83a0a1f0c6"], 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)

6.591120487s ago: executing program 0 (id=2243):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x220000, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x9, 0x0, 0x204}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x884}, 0x4000)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x28, 0x4, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x80, 0x0)
sendmsg$SOCK_DESTROY(r1, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="70020000150020002bbd7000fedbdf251da4230001001d7262018037b17cd12df933af28a4c83a2b9b2d4e401f78db2dbe37e8a122007d00010021911faea1786d416189f53ef7cd88cb8160c50a50a700c9766174bc5c467b11510b573c10968538e64ac707e26ef5069e604e4909f1df1a42ec851379072039bca214e8ab3ae1717a36790f000f0b8f7b61a92a2cae5741f79f6a55a569c48148a16afc9961a0c0615eb5ce16091a09621022da63d5fd344b000000960001008347a0f1a2f0bba5bc3057e851430baacff630ddd31b7d0ed50ca2e7d532d64174669f5ea6b5efe89c266f2b932e27c2a477b9772efbe62fb6c2d2d381c917c1077ed9b43a6e2aeeb4eb8b6da71a58a2c38a4afdf57b850922d254ee0b85450209b9c1273a387cc20f927079e84cf9fc67fb879b763aa801d010a4779a48eb0412adda24b798c43f1f0c344f865b0e15da4800003d000100550b269532faf7755306e2c000cbecff45e308c38254adbd19974e82351f04682cc152c3d9ae1231ce4371fd324e9cfde4924eb6773fa77f930000003e0001003c18226dfbcb67c3cf37ac3bd651b502cdffcaf23f4764f5d3ae8fa177709b19dd773d55a8099a31fe771b24e354c8f52c183445464256142e72000059000100857ba7972f6560e34d798071193a2483f0cdb3675d63871aaca5ccbdf3438dac7b63a839b965da5e36318aa62b4c7791c812b1e52fe92a92695bed3de77b084b86b888476ad800d55f73ac8f59b3d67d3755d3a160000000410001002c25ab064ed555b0a45269fa1201408d57bf8e4200bc43c540df081c953a32318e891a44530806b6d9eaf56b797b6dc11b3853b9a022fffe592ab8f4380000000000"], 0x270}, 0x1, 0x0, 0x0, 0x8000}, 0x4004000)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
flistxattr(r3, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x13ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0})

6.404724206s ago: executing program 0 (id=2244):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018000000000000007c0000007c00000002000000f3ff00000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000c20000000000000000000000900000000000000000000000900000000000000000000000902"], 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x1, 0x0)
fchdir(r5)
r6 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r6, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x4, 0x1, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0xff, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r6, r6, &(0x7f0000000080)=0x2, 0x7f03)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x20)
ioctl$USBDEVFS_CLEAR_HALT(r5, 0x80045515, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x9}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

6.404212051s ago: executing program 5 (id=2245):
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000080), 0x2000011a)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000001680))
r4 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x0, r4})
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000040)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)

6.28309103s ago: executing program 6 (id=2246):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000101c1b021b00000000000109022400010000400009040000010300400009210000000122050009058103"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000380), 0x1, 0x2000)
ioctl$EVIOCGABS20(r6, 0x40044591, 0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0xe0002009})
ppoll(&(0x7f0000000100)=[{r7, 0x75467d0623a9d2a7}], 0x1, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x9, "0400"}]}}, 0x0}, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000063c0)=ANY=[@ANYBLOB="200000002c00010026bd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0xe, 0x0, 0x800}]}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@deltclass={0x24, 0x29, 0x200, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0x5, 0xfff1}, {0x3, 0xffe4}}}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x800)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)={0x5c, r1, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x2c, 0x51, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "e179e421a388f7b1ec2e9293f1"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac02}, @NL80211_KEY_IDX={0x5, 0x2, 0x1}]}]}]}, 0x5c}}, 0x0)
r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r9, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r10=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r9, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r10, 0x0, &(0x7f0000ff7000/0x2000)=nil, 0x2000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r9, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r10, 0x0, <r11=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_IOAS_MAP$PAGES(r9, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r10, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xa})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
iopl(0x3)
times(&(0x7f0000000100))
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r9, 0x3ba0, &(0x7f0000000280)={0x48, 0x7, r11, 0x0, 0x10001, 0x0, 0x4, 0x1b9bb5, 0x243bab})

5.202593534s ago: executing program 0 (id=2248):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000ca85000000ae000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000015"], 0x50) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000280)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) (async)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) (async)
r8 = fanotify_init(0x0, 0x1) (async)
r9 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r8, 0x641, 0x4800003a, r9, 0x0) (async)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r8, 0x61, 0x40001013, r10, 0x0) (async)
r11 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000b5000040"]) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3, <r13=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r13}, &(0x7f0000000000), &(0x7f00000000c0)=r1}, 0x20) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000008c0)='percpu_alloc_percpu\x00', r0}, 0x10)

4.663000068s ago: executing program 0 (id=2250):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c00000004060300000000000000000000000000050001"], 0x5c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000dc0)={&(0x7f0000000c80)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000000000000000000a000000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r2, 0x20, &(0x7f0000000140)={0xfffffffffffffffd, 0x0, 0x0, &(0x7f0000000100)=""/47, 0x2f}}, 0x10)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
read$dsp(r4, &(0x7f0000003200)=""/4105, 0x1009)
write$dsp(r3, &(0x7f0000002200)="44e211a38542", 0x6)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SYNC(r3, 0x5001, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r6, 0xc0745645, &(0x7f0000000100)={0x6, [0xbe, 0x800, 0x4, 0x9, 0x7, 0xc, 0x9, 0x400, 0x8001, 0x1, 0x9, 0x2, 0x800, 0x6, 0x4, 0x5, 0x1, 0xffe0, 0x9, 0xf6d1, 0x4, 0x3, 0x2, 0x5, 0x2, 0x3, 0x400, 0x9, 0x8, 0x3ff, 0x0, 0x7, 0xf, 0x6, 0x6, 0xe62, 0x1, 0x9, 0x3b08, 0x4, 0x7, 0x0, 0x8000, 0x2, 0x12, 0x8, 0x800], 0x4})
r7 = accept4(r5, 0x0, 0x0, 0xc0800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="b800000019000100000000f7ffffff00e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000029000000", @ANYRESHEX=r2, @ANYBLOB="000000000000000000000000000000000700000000000000000000000000000000000000000000000200000000000000ffffffffffffff"], 0xb8}}, 0x4004)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYBLOB="010100000000000000", @ANYRES32, @ANYBLOB="0400460005003400c4000000080026006c09"], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e000000200"/32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffffffffffff00000000000000000000000000000000b2a7ddbdb45325aee75805b3bab9ef5ed69068d1ecc77ef29abc29933d69009f09a64c4aa9829e4b5a4e8f923a58be5e1461923130c494db22b241e519f62f428f5d8e75a338ba40a27d8356b96ebc05550cedaaea23b42b64bb5deba607ed49e75f952b956e1cd04cc0ad4315577e37419f139c387fe13750ffa1ad495ba4ee76d4ae812abae8dcf30403d8527dafdf"], 0xb8}}, 0x0)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000009c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000001701000003000000000000000000000088000000000000001701000002000000720000005ed3bacedebd25dd95d4f4dfcbb502c4971bcb469c8bfef009257e8cb28ae484b6c9b93887eee319ff7e93ec10ecaf5e34de66f50bb5280eecb7e3ee587080c9115650aa063ea6fad0e7f5a86f4512ee4bfa5a1c54c3725bbb11c8781c416eb0284288e84f4be7069237ee1b0415df111e92000018000000000000001701000004000000ff00000000a2f3de292d2ec7ce1e0038653eb700000018000000000000001701c2ade3bccb4f89498361dd46b8b05a1527524dc4d2845032f92c26c57d3973059ba00b3c873a6e71db01fb1bea96898873a76a23f7e05fb498b74d57d71ed2e3ec1cf1c3f475dd76861b59349d75d4ec94e6777f1df885f417b547314babdf4aa4cb8ded811ba7b68378"], 0xd0}], 0x1, 0x40800)
r8 = syz_open_dev$sg(&(0x7f0000000380), 0x100000000006, 0x109d01)
ioctl$SG_SET_KEEP_ORPHAN(r8, 0x2287, &(0x7f0000000400)=0x87)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r9 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r9, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffc, 0x5, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f00000000c0)="008d7acda0", 0x0, 0x0, 0x0, 0x0, 0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
rseq(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x1, 0x0)

4.409769856s ago: executing program 5 (id=2251):
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0xfffffffc, 0x0, 0x0, 0x0, 0xff, "db73d6f099fdb908806981acf8805944823a7f"})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x50, r2, 0xb2e26000)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xed, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040055}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.277616681s ago: executing program 2 (id=2252):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='rcu_utilization\x00', r3, 0x0, 0x1}, 0x18)
socket(0x8, 0x5, 0x80001)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) (fail_nth: 2)

3.275151699s ago: executing program 2 (id=2253):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e24, 0x4000000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8}, 0x1c)
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0xa69, &(0x7f0000000240)='\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000000)='(/\x00')
fcntl$notify(r1, 0x402, 0x80000000)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
landlock_create_ruleset(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r4, &(0x7f0000000180)=0x1c3, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000180000000000000000000000711207000000000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.678372568s ago: executing program 6 (id=2254):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r1, 0xee01)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r3, {0x7, 0x1f, 0x80000, 0x2f0c07f996e5f8c, 0xc, 0x0, 0x0, 0x1000}}, 0x50)
r5 = syz_open_dev$vcsa(&(0x7f0000000500), 0x3, 0x4c002)
ioctl$SIOCSIFHWADDR(r5, 0x8924, &(0x7f0000000540)={'bond0\x00', @local})
syz_fuse_handle_req(r2, &(0x7f00000066c0)="a062030607792c01386f28a428828947de99f79cc542703d923c7cb9d4e1f6fd95fbf2f747ab32f6fb041861fb3f87a88cb85405b4e73c0b6b12c81e42a9f13d82c32b7ddb172bcba1aac5c38f083747ac179f08d4d6d342a87ba8dd9bb7a9680f27433c3357b4f6ac97b19a973592f1ac6e7853a0b15ba42a28efb9cc30b146346b546018966e94976ca28f26a1950dd64c0adbb0c2e09bbd9caa9e7886a2b3d6e2b6d6616b718f1322ea2881ca59ef73948b1bcdc2dd3970e63cbc1043ce42af0ea1f95d17268cbc3ef062c8c31a537e94a20c1c505a6022d5ece7f51bd9c754d8c47cbe80bbb30b2159991a94dd3a25e64aff8a7a17374b5a71e0c7c241cbfd7f084e18a50bea512ada902210a3881ffcd42071ab09c4d80139d8980d6dc5d12c2595ced445caf22f80d8fb1a4c243da47fadb8e28e9c04fea820a8a2f032f5adff8b7d9269e63db68d196bf7f416405e52b6b8abd8bb9d9694b8b5eddae348209963738cd9710bd6c291af1c8eaf0e52d2f2f24bef8c8bc9f77eed40104e07c8ee1b4cb358fc73e2653fef6232b5e9f5d0be26b91a0b7967ed5e3bf10c449424ff4d11951d963677001d9576425d6a9c4503268a407d74854f5e1caacc0ccc463dc56e684db1d80b370da238915579ab82cdbd7d155adf10b96ed71100ea92834e8a4e4f5b7b831bff6fb4febe01bb398ea4065446f277f107aa3cc06e0b7a6e98434bf57744ba9ecb8effe704d7f852e16bc33ac113649f7540b7a7a67cf5493b400ce06e571d485af1732938b79ded4de7dad97a7e1c0be7bd479dc264647bb76503168423e3f6fc95f8ac8ea35e39f476ab54e88286fcf73eead1f794784465592fe4ad112ac63bbc3b3f35b87c40bc5fa6e3ca6cad878f9772a61a23aa00491a9e2442eb90a32af2bd74e99d075bcda20288bfc30f3b00a7e8e1a0b4791573abd65284bbb53e2b7d667239b95b332dd423e4d7c512de559bd53fde5285add9795bda81ec142620e693af9c787a4499dd76ca0d77d9c7c4043e537ec6c1cd0b9a642b12adc782a0e00f6c1ed7379d5fff4c2feb19182db977f657b195e4710ff00f78e35a146119897495b0e1a0068a6606292ee72bf65adcd2cd29b4e59a4b3f82eac77d5254013d03d2fb2511975558906741912d09304f0d4cf08c8f62690c67968c869f75a4025224d8e84baf7a42e01b4ecf7e55d7c45839778c2266880d1bb73e3aad618d1a4f8d5a16914d64d70438a88512649fd4caa90506e5a2d58a33ecaebc9b2e5f8a4fbeca57c829ae02fd2dc146e939c3d295ada7df4a07e74b356c6ffd7a9c546b9eddf7e013cbcb2b57ae0d225249f7e06a415681d9f597a060fd55e39bd56f04b863efeca458a0cbc54b660db50ca40d27a3fda3416860e691cfc780593f06b467700968bb918c32547e378b14b4e0dcd11cb0b2fb36ea70946ac62290184b4eed38b51c322a75367b50f558e063bf363341a17c28ddcbf9ce53da06f26303fd156423a25f686809bc9845a78e0cc3d94e04bc8da85f22a4a8ece2c4ac2c79e54dcc4eabc61e067060ad880377a71fe0c2c0305256e4f3c637575f086e4ae3d7ab5d106fde03d24c47dccba3da23a244c1f50a4f60cd8d71b77390c5ce6d5612fd0260a2f33389b064ae6acac783eca62874232fd3808fb2188151a43de6cebc7e245106183f7d929f1eeff6f972da3e3d967170247925fb0f04bf38e88d06321f9ff9d2c296553d842b69036a2b6de2aad3879aedee723ff00736f7b0dffe6182104105ff0f0b636f5192d6bb5ae7ef950825827d2f3d6285d83aedca3f31474e0ad50ce6290a0e546c30d900e5b4208ecc8b3aca0ba3d110fc3c0a7e004a53e5d0ba1cc1c2bb42c3dbcbb4ceb6674151932ae56f6b03cc34ce450c292fecd2456ddcf42b075e6fd49305fbf265a36f3cff61321dd60f16e844089d659130947672a2d059e04af9ef653e8afec926b5a5d411f60a2a435437095a1df8dc60a616bd1a1ce7b5251ed8f905becffebd635eee8ff0055c40f146f1350a406b853ecb005c6ede4dc270ce6751cff915aa27f5f6b0736da14c9949de599d57868c29cc97ad03bd89502a34b88ad29c8762d0dc24a6df759821882a32e70531cab51fa1752a4fc49cf0706cb24d203174b2940f29ef8b0ce65b40cfde4e0c7310c685cc8de8384e485a951192fa8c36c11f9b88a48caf027dca480caa4fccae70ea6c837eb82f926ad7691c7709f217220d71f6e374fb8522a84c118b5c25f3d56acfb25afbe676fc9e574b6c5a59c00a0bbeeff61fd82a1677f3da9bb596133db491a8f11b945d930c8a67de9ce80025c764d518efcbae25d9194dc96c31ed02c63b1ac976715f7233ffed7cb6e929bbb5afabd34bc37c095acd0abbbdb1ea48e40a30ac99550f0ccca19ecef5acb2604c48fffb53b352d114fac72d6fc019ddec558406668f773fed9476148133c0f9ca4d1fd7e70dd04bfa089dc57e5940f29a5fd33dc79913ff48853794fdaf891d71de94c4a4fed0544e09f2bd578b07003031b8602f08ca8a79fa5ebfd5477f4d4f031c3efe0db273446a99d0cbe21a3cf43f3b82774e4657bb4f9675adbaf71c52953f0b18a61e05a9c770536fbad215848f8238e8730b9085189ea4621780dac500d7d7dc7815b45e232f86592498f1515ac8c50306013524cc5f0a74b67bc85d435d332ce69f00641c86a3e91be84b78ac358f35b18d69679df4197d3be8554417cf44aee6dc623f68ce3388df18168efa1c87c776cbda792f6110b6af178eb8200a91dfb72c1e23b5e5a66b5a3ee3f4c2bba2ccac939dcb036006b86e894093922a95fd70baba9424a3d0327a0f209fe10b39f3cec3f669d301a2834e58fd56f94d622dccf653f08e776c9f3e1b0e5b3cdef133834b93c41c70438d51a0b127262868d49ca91623c3d8b75c2cce0b771b9ac941bb96029e782224a3686a7c0dd164e162ede667e0e5817e7bde85ad3bf30a6a5bdc420f751679be74a02f84aa93b971c3f45a67d155f7ecb1d5284660918dbf102bc16f496fb62a1290e6b88ddaff55740583cba13076afd623276634e0c11663be50766980949095003ef5bc6f90a98bbad436b67928513e70115224f672ca2a24e27bb98bd5288c49ea23d47ef13c5ff28c43ce53ca16a6caeccc1f601226253c4a38a88a93828f6c800547cadbaa6d7ad26db618cccd38a671507cad5ba0065ce2edba81a059b95c36c5d04ab456fd6fd81ec3738ebe546d973c0886a5e7b83dd9c2f58f5d6c19519e67575b3732a486555f8d8c4ae004a62e8d07ab2c8ef74cdb96aa99d75aeb1c25985996f281d71106910a3c3da17de35e04dbe00e2b7b75ec2fed177a7f2d04fbf68bd0b8af682b30911867d4d1497ba060b662f4e97a8e7fd3613015cc34302377497cd08bcdc29f06dae240820d2ccddbf8c95c76a4ba5d3e1b37a62369ce3f79fb74ebd9bc82c3fa3edad4034b6715c2853fa7781c974b5a4e541e8b69bf4bd653fcce4e4340d9409fe9112e4d253a3b7e9d43f4426127b10f2d5d3fcd2193490f7d933e0cc53dae552f2d7c9d77b8f9b27c59105cfae43a0aab314a0820fbb5684bf20986e3be215688b42938d272c4c0edd17bcdc84a514d2483456d6cfb4f5c1218859ee55bfc77da36c9c75734932a12fd03df38232063ed92024f8ee7c21f314129feb10670bb4d6a0ad4fb3dc57a64cfe6509a0770650cdec0efd5e0b1fd29433cf871c9ddbe648319bd481357326ac1eb32b4bef4ad89ab6122e92dc786decac88624a4a3963ae771f8023b9a92e446114764c53d7efc07e3ea77a9daac5cabbe648a223e249db62102ef7b7b6d06df46b6ff913911b89848a47aecc0563fb06b6d77fe1daf4541cf619105ab68e0bcdf7a05af22b0551323bf33dec8167df2b7fac62dc9e286dd3462f488c82ad194f7fd5d3ca72fe9c0c37cdb6d75684326e5cb30319ab333fc70bb197320acda161d2e685e78ac2cb1417223f64742b12a316d590b18a4173b2a105a381baf6f383ec2e81d04860b5cc536475d7c5d05bd6a7db1a5d93930bacba8c1de63707bd24785e19fc1f15ba724660ac00d0f2ebbcd5528b8cbe4f3ca332e8611e937a310fc79d234be6c1cd09d6a5cb06ab36a9d667188144c81f86aaf0851763573b36cc21462ba4f3d6e95d38d1e9b943085661d234ef6d079bc9d84c7447c85baba88263451ba10559e1ce326fee5074b26b54872e690a9a1e589e1c444daa3224b292bf9ec4a604dc512760084084f27386c89a1190b8905f0d720508c0ed69272f396725805480188aa4602a26e833c16aa5079c0577a8203ec0b2b929ef3b410bb427c168b7fefd1be652f06efc61c7a295a5d07a9fd61bd5bfe67ac5f74e485a66c92950a1b460257084ca3a3489943ad450300967234b487fa3def4010f9b715196562ebb0846b7ac3eba47646af6285582b4402f64aa684dff7d9cf81fbe1aa88959f7906f06839389f2ad56efb5029afe1d5ceac99a3e698f49ff0da7db06d7c9e94a8773a13fab93def139667b4dc6b741bd2769da7786acecbe315f9006bb6b72abe5bdc587d8d5aa8f67aaefef68197fd2e7874d9b7da2c3a5618720c12e8fc31db3e334c47abcbf10c6181ec14af4f9e90e19a35360a793b1e9b336e49b3ed67568a860cd4c298f967ba323d315821959629e5b7aaac367e1ddb8a1c5d61500afa69331a4c90861852f533657b28b97a343bc531a11ff634b157a6d859a35f0d2a595375e11a32457575f1d73da033bf5eeda12337b9fdd46bce192d3aaaa240a8c65bf47704d6aa64a9531f9de14a96fc9fe380db35dd5ec52321c67fb4c18abcaf22fbe8f602ed201232251317e1a1b71e1e2c924a92d84685de348eec97fed954b7f6681ddf521b4ee03a1aeb2e446ee2a7f4dfa37b1c53831139fc624c14dcc4d144ccdf758fd9f344b4cdc1df70f6a24fa78cab136c912d1ebffa7053ccbc9b9445762236dca409820f738370117d5c369dfc50fd42277f14eeaf29110aedcd503008c42914d04e219a8b6c01e337d04724919b07157e2275ba6365a9dba5ebc8019bd1aa1b8668023f64cf47e1b49b4fbcfc10d560bb74405c90751504db8100d8a8a1a3ff84d98f1262fbbd6b962f492b9531a7411c08e7e56eb0f838075f754b6a395b6b58a8e4c47eb46bfaba2ac94800a396749d18ba0e6219f8d616ec71a1e60b3bcc24e19d4a20ddbc6a871e6d7efa50a362610598d892a5adecbcfe217534deee3620dfc88c7992ec2e710e083ef0a50c20621405f654804d1af4f24d22b8ca48f26303e6969127a74f0b276a5624c3b84410d4d5ee3c62605876e60a88df2bd6e8db8c7e486fdb452178563e7add6bc126b721b9ef8b12181989b87031573a4010d88e34f15a2344e4808b74c99ad68f0c2aca4e8d504397c03e1328c4b1ec43fd902d206c3cfb63d7541ac57fdbc70b0033f87514286101231fe7e79668c802e1c23d61540cdf13a5e675b736e221ddc29ab747d9c64f6213f51d3c1ded2e2b0efc4e45183d90468f61ec1720f7a0b87947e2c54125cebe6563ee4415d886bbe869d17d36371c942c11db1e13c1dd40ed24cabaf7ee80eae6c4db934e982d9619d753dcd679c5650cd95d21582e31b259043a0d03371cd294f4cc028042c75070c9b534a2d79f164ab9d773295795280d1584ca664b53b263fe2e23534d27b0d85742fae8061e03187795129dd272041c6eb9c10c3406da1f752f4ca697bdbddd74975cd4dbba5687fb30ac4fd5d2579494eac73053a63821a852cf41a80f6668006f7e1c4e30b48d638ebab470c558d42baeed1adc8fc71f73e95f3ca212a4b009b508e89898727f805685e4e7650a2961d62c117d1ee9017236a6bffa0c36ae11bc52d346c83399e43c42cdb9f443aa307109a97ee66ceb7a29eeb2f1a2bb3ee1492229116db07301b2aa4126aee7775daa2d0eab4d206fae11b3c6b565dcc4c7b4dd1cf2abec81150d0629803f6eb221be384b8772fe6d6c4fa98c928a9d0a02e9ff8bb7a2168dbebe140323d93bee8983c496bccf752c372b795a3493624cefb3cfeb4307bd39826cac1ea3f18912deef1b8c8db30bc016990a477bc0a925fb36453a9e21354b2d7e6e3d4ca4dd20f27a8db05429d44b7a485365191dc4ba977a815958faf6434813a9f4046054763dd55dbb7fae892b746e169ae046ae3361a9f75cf622b03f75b1633da864395bd1c3a594fab0b1fb37f088dd1f2776e2b795c78635c2026a8ce7ff40968a1960786049a217dd8872ac0c01f4bafcf2d3d751dd46a5e1bec00540a9ca7afca3ef37575d4a8b1291d05be94913092890a9b4bfff39edbff307e5654896e79228777c0f8ea46c55bfe19e522bf457ab4e6b0167d776dbcd0160598370a12c4a03e4edc82b245a7608797b03d4ed89dfc2a5bf07b9fcb251fb8608553f3b3774818717a9aabe6b2ded811515ba454b390a6065bbc59552f3bfe51d38f139792e1aae60093a7c5770b52a1730feb1049c14a7d5261d644f6b738e22ee72aafa422bd93f61e1ccac0a5ef4726c66f61bb539acb937bd63da82c700c0860be90ce5621ced22b52b63d041266fc258fbfa6641aef22e97804e5138ad2ce4405eaf76bb0acd7fc61b2d6de4aabc5c28a850fcf219cff77c97d3cb6bec0067c171b912d11d82c56cbad56c0032a9657d4cdd1eacaca53f40f5e3fe911127e1cd30781351f180e1413933cee2d46ca0eea31ee01fe4e99a567edd0b10565d47b87c8a48366143e889e52d0ff13c920aea092c2545fa9b7056204fec156549d3c0a997bc1cf4a01338483bf5c69d6958ae038f1c3e3b84baeb2c1f9e064c0750602c34c6c483c316391d975f94f21f6dfe74e92c33228b408a9e2b9abcda33c497abba9c48a63e5c8f1a8d0f4c24d36a44e1601e8a09e8a5c7179bd4c44b17e542dd99cace87aab60a5e53325d544c991b6fa5deffa49fd886332980deeca9229cb2f67f495a7b743153854ed81e1623b12dbd65512d08a5732fee2db3fb455cf6df5a1701a2b8674633c6792162dc86ac76e30da225b0167a7e704ad33ba694f9c902afbeed58eef609874767053f59414d4d3eccbbcdbc7eba997c71f9b1f5139bb020d5dae1db6e2dcfbb51b5371b08bdbc3312b05ee6d8c03c8b5a7d4f23da45f276394f222b1a0bdf4e2603243cdba60ee0530387c88bb457ca9932f2283a4d55bb1195e6d325ed93f714e21908b1baafa467f1cec7fa26e5c384ee6828e77978bd1abd014de549a5e5966f2b2f4ba000f9d77f1abfe3a6c337cdb852c1ec59f61b63d543f3062dd2616a163ed7ca60168b0347b5c5646a678dafb4c502c333a0a48f0341b47f5c5946e42e571db0bfa0682a449ca64e71b5661a842975182399245c6de241512c67ac918d7e0c5cb66565010e881b8333567ca584321ead1c383b099d8bf1c56dac08cb218cde4226ad420d6d6313f9c4884d6394722304fdaa76e61db8c0d54eb1151344c41ce1130272928eecb2f9f0f23c752622374eb1223a80efcf0b937dff7d813d7be0340226c0a7b163741d9aecafcb7ddae5a219323323f621c802be82399e06d2e1cc582e759ffa303c5103f8a44d7129d2853b02e506abda57ad2836d7ff16f95232149fbeb8b62e586d3536bb4ae042ecd9e25d1dee789353071f9c89d4361000c47b763556e8902f1f25cbd8ae71679e03ff27db0ec75eeee3fccafc7fcf22c377ac60d3c61a43cb53abf6162118f2efc86a5ce80e69a02bc1db80018beeef6d567941232e4412a958ed012bf7a832c1eaf68134ecabc4927ad666b3d0f21d4e8d52fa37e0a9751124efed8bf47544299138a6f69d89e295677f12606c79b72451c263fca3eec22bf0c47c641159a0bbfb3b2b03154af533e5c06a149e52adcfae31bfc55f30064a8903c8d3b828d275a937b1e4adffa0597da5e253b50bd71b33f057ffeff0b2a0829b3bf33350fbe67c7c79034f80d69e6a21be495a848d328f416f15966491b218eab390544e39d498258ad80ddae248634c845cbe6f1c1e93e7c2b02075411e075fe936bcc75f4a4e1a3687cb3dbbb61cb31ddfbbc87a1859b3a48fccdd8e5915c8bf4eebe8f7093cef6a7a91c8682915f9908c854c483e90c9643467292884d284134dbaddafdbc74d94a5f9713719d62b4f6b4236803d210181847ca27129fde264156895f4e1822ef78a3b215ef56d7e36d2b94c93f5e931a0d13a3a3030061ce62de595eecf47eae6bf698530145757700df18f66fd7261a12c119d6679663b3c0f99d1705aebe66dc862eb21ccb7360b93f54507149b577abf521113991e06f345e8282fdc18de673e1ca7b188ee34b14f37f86ddcf97fef0b913c33cf8e5d5d33707dbcdbe4b27cef056670252f186735cdd02f6ed6bfe5318a704f00e34ffc4fda9855bf37c51be6a7423e44dd8a98883c8fa82ca37c90d681fb7a0db915576b50e49aff545b99aa3aa6343b814ba0bf64e53b2a1edcae2231bf20d65e4bb4da6dc8382120ede652adfb7c30a46e0ee784cbde74563d83eb8d89a1573fa104fddca9d4833c49dc904bda905426c7dee3e48b596c8ee201bea57fedb1a0649457eaac3c5b5f4519af3adb66f10b861e711cd4034448890e15047c2f8902588268b5645051f3f3968ed8d630e050ccef0d01b61ffeade51e4e72d8fd46bba4c20009396e984c424d174934a67a1930665fbea04c809e7cda0a2cdfd3a14d6b99c3a8d8b3691825830456876f188ff871fc861e4c6a0ca377dc1f0cb0f929f7eb1f5da045d9a588a393312acacca5c5a3b15bb1b488b08fc40ad65ae2c1df187eccd8377525a81d80df57579ae52f775fb2efdd172a41c370300fcc594c2635dcf50e9eb9d34fa8b4bbfd13078422e3a7734a8ae6cc09e39d07c7ee19838f8da4cbafe4162c8f8dc44e284840bd0a5c80bfc657c22e37e0d9a96dda34a51ce616c9ccdc95955cf85d93860da902ab30f11aa333eacc25c47981d8636038761ed4d84fcbb0ca92dd2e07863b9505b451c3c49e36a172527578123049ff2dc2b4e258a3f698a12ca4705a6fd2ce6bc4f1767b4d9c2e57c9ed1388527964ac96ff5e4cf5ad6fdb6a853b43905df32af8bd788b520fd526cbb95195a1bc00d654cb080acdf67938517a6cdac741d86730358be16465b4e1301f47f6a444c4e8d2980b8bd98a8dcd6617cde0b287e2d1f59167b5c445146fa49728111b8a2729428cabd02facb8fbddbdb2769680f288648d6baac53e0d909335da3e2b4c13ebd41f32820c9f491e9124ca444a0532f60e2816e15a5810baa91f64454aa355f9d362c7d1a461561689d08b1350a216b6f1bda57aae0706b3710a1b8e52a7e3084e600b5ee3dc540bba0c16267d549304a7840659a32e40070715c9bb912792d4a7b84fa06e73b9ddbc2f06c4edc19d25f5a198c7e3fc6226842e6215da5d826fcf5949612889f78e9de39d4e64b86b7033b5717a21f8f2b81c799a3fc0bfe6f5837b252eefa360c91a6148296bd19d50a343d909c1edf5261e70c8dfb2c488940cf236941ad3fd01247e37902a4bbfdd1839f7c92c260a2c494022fac08629303c8e54108d78ae2c94289c7f998ba3b622b48931ee7c17c59f5499d282467a1b8050acc94a0b17b21836c80b69f519b9b077d18e33c027faad562fa09f2cc6120f8cf5ee18cf7db9d729ffbb9de58885713215b7aebb8c98d9fa009be0a9ef3ceccdb2b31968db555b26c5c94e382d06ebf6d356e8caa85def5813dd1596d823924c4fb63dba5bd094cb64f204d1e59d31287715f831a1f0be95d8749f2166ba0b0b6b64a37991be1fe1c1e922835f2da0c074ec9413561d52166576b1c4f1e18f078dc046d1c284964b80217b55c59a474740c3649116b33e927479736bff6005859c7c00598f22cb8eca38af802f4c86836e8330492ac7ef3707890a8ff856dc7786ed769bba75b18484b257b3b022eeb51aa720639f79e6e6bd3d3c9a61f7822abe562867b4693f0b2f61135aaeaa510b31112efeec48d2602c6d4f2ddeeb51bb03ab18c18d8e127a37e22881febca47742b9332d3f2251003b1a46c40eca111d02446466b669568c70971bd33254ca577777f126f86f8a3665f065b645ff261e78e0f532e83a81b99c5de3488de74ca82daa0e4e7404eff911ae955acbb800f9f91b774e472bc14aa92817b6d85877b1861a6ca92c03c83b6f1490068bad8eab1f58c9e91e1029683de2ca45c99966966031ee86d8c9995f0612480e2a6d5396e8ae361d6fd2e24557613a1191f5019d4c8078628013512ea3a59532efffa6cfe4970d28d8c7aa8c866c4275ff2b0b4ef1a7e56854d7ee4bc445713da9349d13e30a4a802cb9db2f10280fd9ea043b5b3480441e8ed2d907eae1259befba9d87a04ce42b0010c70af157b90e0bf72549852fd122edd6cf3475f76852b13b4bf887cf32e25ad34aed7fd5a6e97b307f9b4ff1c07b2b55beef5ef3dd96eeb2a57720c18209d911a55341cee67e6ff577f7acaba01c2c9690b15a3b8aaa5b9d734196467a8c074b2eeeb5ae931ddf3deb15b1a8d603e72125c2e68ad206f2c4252a659f8248ff882a8e54126ebc0c77a46101072272460e683d465279a3695be6b64c9eeb4a576d95fd520be42eab5c95cbace0dfd80e2d67bab9f683a1cc9c006c02f0f90a21a0f51218c628f5608fbf1abc79aa63452bde1002383033578f32980e3779a8edeb226f6d3f9b36d8f07bddd7479b60346a4b4fa883940e3aef8ad8d834dad4405960a4409a6255e8753d0c0ad0960ff3ef48ce93fbe6b165e86eab36fccb8b989f5b54e6ccaa19749ff065a0a732d15c41b9072bbc6f07e1fd5a3df2775874e46b61ed50714e8c403fbed6884ec06f52ab71d2c191fcc56ac0b17ba3c46d2dab3e11c79383bd8867ff14b5fbca73b9ae594b6a09fb73a2e8f15aee59150e8d6d3dad9659025d045bbd1b9ca257c67bb78abe8f7eb9c8b3bc32951c41f7390bacc8c7059a2a9b078ab50413605aec604e4666a6ace765b0e7ab558fe6232f2703d07811e3d0ac5bf9434e87876e99250ee9db6527a8ccb4a3ee3bde738563c9746f941cf2cd7efacdbd2593cafdbe5171864b2982b54dc5a32c86638c0e650a331625033b8dd65851965ae791880349d5cd52548f4422a317f96ed79e7ccf3bd671e6dc70365f521c65206386eb1f99570a544d11b3d36fea285f8a3770ca303a965a0c1d598ebe3696e647be734ccf760d3d47dec75e236d7ac08019b6622a7b9f08bc8f0937ab75e75a047a7386befbd56fc4b2f89c852dadce8df946cb3fafe4eed2678caadf1a913ae32b2c0b8a37984cb700343c5e24609f8c5ddeff5e653837a9332a41c8e21466a13d79224125d5f6a4fef79b5adae7f4ab7d351c55400545edd3c00637bd27164828925e9bb5d79f1f1e6eb3270ab799ae38772f779565d92c47503de695f7aad7ddacda6f6c71e755b3737231b64715bf07849d3466e4f92239f733436ce674389bd16900", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x1, 0x0, 0xc, 0x0, 0x8000000, 0xbc5, {0x0, 0x0, 0x8, 0x0, 0x0, 0x4, 0x8, 0x1, 0x0, 0x1000, 0x3, 0x0, r4, 0x0, 0x32a1}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000280)={{{@in=@remote, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@remote}, 0x0, @in=@loopback}}, &(0x7f00000001c0)=0xe8)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x24020, &(0x7f0000000380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r4}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x400}}, {}], [{@euid_gt={'euid>', r6}}, {@fsmagic={'fsmagic', 0x3d, 0x46}}, {@dont_appraise}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/dsp\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '+.)({#'}}]}})
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$alg(0x26, 0x5, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
connect$x25(r8, &(0x7f00000004c0)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1, 0x2}}, 0x12)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xc)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x6d11fc17e2604de3, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r9, @ANYRES64=0x0, @ANYRESHEX=r9], 0x20)

2.619602947s ago: executing program 5 (id=2255):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffbfffffffe}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x900, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000180)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f00000021c0)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f0000000380)='gid_map\x00')
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x7, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$rxrpc(0x21, 0x2, 0xa)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000280)={r3}, 0xc)

2.519079265s ago: executing program 2 (id=2256):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x107fe, @mcast1, 0x1000}, {0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, '\x00', 0x22}, 0x17}, r5, 0xb}}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='rcu_utilization\x00', r3, 0x0, 0x1}, 0x18)
socket(0x8, 0x5, 0x80001)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r6, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)

2.225415762s ago: executing program 6 (id=2257):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b00010062726964676500004000028008000500010000000600270000000000080001"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

1.614356402s ago: executing program 2 (id=2258):
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, 0x0, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)

1.563159803s ago: executing program 5 (id=2259):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r0 = fanotify_init(0x200, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(r0, 0x101, 0x48001051, r1, 0x0)
geteuid()
getresuid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180))
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x12, 0x3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c5, 0x3000}, &(0x7f0000000340)=<r6=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000500)=0xfffffffc, 0x0, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r7, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
syz_io_uring_submit(r6, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, 0x0)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r9, 0x113, 0x1, &(0x7f0000000540)=0x212, 0x4)

231.704883ms ago: executing program 2 (id=2260):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r1 = syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

185.80195ms ago: executing program 6 (id=2261):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f00000006c0)="2ef2dd050080000048b84441000000000000b9130b00000f320f21f8350000ce00010123f836362e6726af4b0f20c1350e000000440f22c0b805000000b9009800000f01d97c0f01c9c947338c01c4c40f79d226660f013b", 0x58}], 0x1, 0x50, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="34000000130005000000"], 0x34}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

86.870602ms ago: executing program 5 (id=2262):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb0100180000000040000024000000240000000600cdbcdcb20000000000090200000004000000000000070000000000000000550000000b01000000000000005f004102620740807492ea47cc3ca285ba274184997b3840fe2e000d09c2bf0832ca47d634d898b9b8d7c95a4042f5654be5e4009b8f8da3bad6aa0c5d27fe12c0e5962c4aead31369573b0c8a8c37444fed88ae96e122f3595ecc9d73b9e7fe220926d8a6aedc4e6df937313be4e35d79deb3ad95db2dfa87d68c1225178e559d7b76c10db14ebfe30739a80f9876bc4b1b0345f74e5f09fe8189d1eb0856f75047d6fccbef575f3038ae585626e158569c313640089640f3f90a0d12a3da00ecdb65cd4605e575417106d2cef45a20aedba8e56a45bd42462d0c59919bd168d4db03fc2784140f641d9a36bab3f7f34b026b87b243928e1a9de3"], 0x0, 0x42, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="03000000040000e903008b050000002e00000000", @ANYRES32=0x1, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="030000000400"/28], 0x50)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="315873d58d3b9ee6004f"], 0x0}, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$FS_IOC_GETVERSION(r2, 0x80047601, 0x0)
syz_emit_vhci(&(0x7f0000000b80)=ANY=[@ANYRES8], 0x7)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c8, &(0x7f0000000100))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="4400000010000100000300"/20, @ANYRES32, @ANYBLOB="0010cf71b20000001c0012800b00010067656e65766500000c000280080002ddab1414bb08000465f86e8db88b4d982781b8b535fd68e0ac67179d76dd413e5761c25880732a4ea88d8420d0b05808a4f0f6687128384875776f8be07a26fe89ab94b73ea89b0219dddfa7146c87c06222b98f3dc2f75be311c384572ad595130bccbd91f3f69689c26e914335fc839bd154077b37d295446f538ce8588ba12684717a4ad8d6f6a62efb59e83283e547e609a080215a465ad44ba3fec198ea4b554cc9457200"/213], 0x44}, 0x1, 0x2}, 0x4004)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x4000000)
r5 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000200), 0x50000, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0], &(0x7f00000002c0)=[<r6=>0x0], &(0x7f0000000300)=[0x0, 0x0], 0x6, 0x3, 0x1, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000900)={&(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, <r7=>0x0], &(0x7f0000000440)=[0x0, 0x0], 0x6, 0x9, 0x2, 0x40000000000000c7})
r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000003240)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r8, 0xc05064a7, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000005c0)=[0x0], 0x0, 0x0, 0x1, 0x0, 0x0, r9})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x5, 0x4, &(0x7f0000000080)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc3, &(0x7f000000cf3d)=""/195, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000480), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xb}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x75, @void, @value}, 0x94)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000005c0)={&(0x7f00000004c0)=[0x0, 0x0], &(0x7f0000000500)=[0x0], &(0x7f0000000540)=[<r10=>0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0], 0x2, 0x1, 0x3, 0x1})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007c1905409904e25a0f090102070109021b0001000000000904000001ff53c20009040002"], 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000740)={&(0x7f0000000640), &(0x7f0000000c00)=[0x0, 0x0, 0x0, 0x0, <r11=>0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0], &(0x7f0000000700), 0x0, 0x9, 0x2})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000007c0)={&(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r5, 0xc06864a2, &(0x7f0000000840)={&(0x7f0000000600)=[r6, r7, r9, r10, 0x0], 0x5, r11, r12, 0x2, 0x47, 0x65a, 0x2, {0x3, 0x7f, 0x2, 0x3, 0x1, 0x2, 0x8, 0xf8, 0x4, 0x7, 0x7, 0x2, 0x5, 0x7ff, "a75f7c86dc5be239af27d052fa6799313507f3387006449b377be7e264e500bc"}})

66.081292ms ago: executing program 2 (id=2263):
prctl$PR_SET_THP_DISABLE(0x29, 0x1)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
write$smackfs_load(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmmsg$inet(r2, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

0s ago: executing program 0 (id=2264):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x70, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x1c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "3ef98e7d6b0ed1a627c78bb068c7977daf65a526"}}]}]}, 0x70}}, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000180)=@ethtool_link_settings={0x4d, 0x400, 0xf, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1]}})
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x3c, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x64}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xfc}]}, 0x3c}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r3 = io_uring_setup(0x4123, &(0x7f0000000200)={0x0, 0x1b, 0x10000, 0x2, 0x4c})
io_uring_register$IORING_UNREGISTER_EVENTFD(r3, 0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4004441)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000d80)=@newlink={0x44, 0x10, 0x801, 0x2000000, 0x0, {}, [@IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xb, {0x1, 0xc}}]}]}, @IFLA_GROUP={0x8}]}, 0x44}}, 0x0)
syz_open_dev$media(0x0, 0x2c29, 0x28004)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
setsockopt$inet_tcp_int(r6, 0x6, 0x22, &(0x7f0000000080)=0x1, 0x4)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x0, @local}, 0x72)

kernel console output (not intermixed with test programs):

][T11787]  ? arch_stack_walk+0xff/0x150
[  660.239978][T11787]  ? __lock_acquire+0xad5/0xd80
[  660.240033][T11787]  ? __pfx_rtnl_newlink+0x10/0x10
[  660.240056][T11787]  rtnetlink_rcv_msg+0x80f/0xd70
[  660.240076][T11787]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  660.240102][T11787]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  660.240122][T11787]  ? __lock_acquire+0xad5/0xd80
[  660.240167][T11787]  netlink_rcv_skb+0x208/0x480
[  660.240189][T11787]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  660.240212][T11787]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  660.240248][T11787]  ? netlink_deliver_tap+0x2e/0x1b0
[  660.240271][T11787]  ? netlink_deliver_tap+0x2e/0x1b0
[  660.240294][T11787]  netlink_unicast+0x7f8/0x9a0
[  660.240333][T11787]  ? __pfx_netlink_unicast+0x10/0x10
[  660.240367][T11787]  ? skb_put+0x114/0x1f0
[  660.240398][T11787]  netlink_sendmsg+0x8c3/0xcd0
[  660.240430][T11787]  ? __pfx_netlink_sendmsg+0x10/0x10
[  660.240462][T11787]  ? __pfx_netlink_sendmsg+0x10/0x10
[  660.240482][T11787]  __sock_sendmsg+0x221/0x270
[  660.240519][T11787]  ____sys_sendmsg+0x523/0x860
[  660.240561][T11787]  ? __pfx_____sys_sendmsg+0x10/0x10
[  660.240586][T11787]  ? __fget_files+0x2a/0x420
[  660.240616][T11787]  ? __fget_files+0x2a/0x420
[  660.240649][T11787]  __sys_sendmsg+0x271/0x360
[  660.240681][T11787]  ? __pfx___sys_sendmsg+0x10/0x10
[  660.240752][T11787]  ? do_syscall_64+0xb6/0x230
[  660.240784][T11787]  do_syscall_64+0xf3/0x230
[  660.240814][T11787]  ? clear_bhb_loop+0x45/0xa0
[  660.240838][T11787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.240861][T11787] RIP: 0033:0x7f246958d169
[  660.240880][T11787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  660.240899][T11787] RSP: 002b:00007f246a3d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  660.240922][T11787] RAX: ffffffffffffffda RBX: 00007f24697a5fa0 RCX: 00007f246958d169
[  660.240940][T11787] RDX: 000000000000c010 RSI: 00002000000002c0 RDI: 0000000000000013
[  660.240953][T11787] RBP: 00007f246a3d1090 R08: 0000000000000000 R09: 0000000000000000
[  660.240967][T11787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  660.240980][T11787] R13: 0000000000000000 R14: 00007f24697a5fa0 R15: 00007ffefa3c0b38
[  660.241009][T11787]  </TASK>
[  661.031904][ T6987] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  661.041030][ T6987] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.049751][ T6987] usb 5-1: Product: syz
[  661.054102][ T6987] usb 5-1: Manufacturer: syz
[  661.059042][ T6987] usb 5-1: SerialNumber: syz
[  661.120703][ T6987] cdc_ncm 5-1:1.0: NCM or ECM functional descriptors missing
[  661.131217][ T6987] cdc_ncm 5-1:1.0: bind() failure
[  662.913615][ T5873] usb 5-1: USB disconnect, device number 25
[  663.308281][T11798] smk_cipso_doi:679 remove rc = -2
[  663.313798][T11798] smk_cipso_doi:692 cipso add rc = -17
[  664.036365][T11805] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1613'.
[  664.062516][ T6987] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  664.281537][ T6987] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  664.334291][ T6987] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[  664.478829][ T6987] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  664.565544][ T6987] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  664.606694][ T6987] usb 3-1: Product: syz
[  664.671168][ T6987] usb 3-1: Manufacturer: syz
[  664.780913][ T6987] usb 3-1: SerialNumber: syz
[  664.818906][ T6987] usb 3-1: config 0 descriptor??
[  664.850829][ T6987] usb 3-1: can't set config #0, error -71
[  664.995121][ T6987] usb 3-1: USB disconnect, device number 28
[  667.893012][T11849] smk_cipso_doi:679 remove rc = -2
[  667.898429][T11849] smk_cipso_doi:692 cipso add rc = -17
[  668.581961][    C1] bridge0: port 2(bridge_slave_1) entered forwarding state
[  668.589249][    C1] bridge0: topology change detected, propagating
[  668.596143][    C1] bridge0: port 1(bridge_slave_0) entered forwarding state
[  668.603434][    C1] bridge0: topology change detected, propagating
[  668.743357][T11857] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1627'.
[  670.400689][T11876] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  670.407393][T11876] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  670.427945][T11876] vhci_hcd vhci_hcd.0: Device attached
[  670.711917][  T976] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  671.002395][ T3805] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  671.055724][T11886] Invalid ELF header magic: != ELF
[  671.879449][ T3805] usb 4-1: Using ep0 maxpacket: 32
[  672.174426][ T3805] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[  672.354920][ T3805] usb 4-1: config 0 has no interface number 0
[  672.411272][ T3805] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  672.421404][ T3805] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  672.436854][ T3805] usb 4-1: Product: syz
[  672.441112][ T3805] usb 4-1: Manufacturer: syz
[  672.455434][ T3805] usb 4-1: SerialNumber: syz
[  672.469308][ T3805] usb 4-1: config 0 descriptor??
[  672.484287][ T3805] smsc95xx v2.0.0
[  672.488233][ T3805] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  672.511998][ T3805] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -22
[  672.652392][   T10] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  673.046662][T11878] usbip_core: unknown command
[  673.051470][T11878] vhci_hcd: unknown pdu 1852586032
[  673.057104][T11878] usbip_core: unknown command
[  673.067657][ T1105] vhci_hcd: stop threads
[  673.074414][ T5875] usb 4-1: USB disconnect, device number 29
[  673.092010][   T10] usb 2-1: Using ep0 maxpacket: 32
[  673.101340][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  673.118252][ T1105] vhci_hcd: release socket
[  673.118558][   T10] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  673.138333][   T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  673.138637][ T1105] vhci_hcd: disconnect device
[  673.156551][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33307, setting to 1024
[  673.170242][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  673.181431][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  673.193651][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  673.203888][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[  673.237408][   T10] usb 2-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01
[  673.262180][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  673.275015][   T10] usb 2-1: Product: syz
[  673.280501][   T10] usb 2-1: Manufacturer: syz
[  673.286070][   T10] usb 2-1: SerialNumber: syz
[  673.305469][   T10] usb 2-1: config 0 descriptor??
[  673.322525][T11889] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  673.609330][   T10] cxacru 2-1:0.0: cxacru_bind: interface has incorrect endpoints
[  673.625380][   T10] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  673.695377][   T10] usb 2-1: USB disconnect, device number 29
[  673.804808][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1649'.
[  673.820096][T11917] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1649'.
[  675.951934][  T976] vhci_hcd: vhci_device speed not set
[  678.573067][T11965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1663'.
[  678.595373][T11965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1663'.
[  681.709043][T11987] FAULT_INJECTION: forcing a failure.
[  681.709043][T11987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  681.859904][T11987] CPU: 1 UID: 0 PID: 11987 Comm: syz.0.1669 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  681.859936][T11987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  681.859949][T11987] Call Trace:
[  681.859956][T11987]  <TASK>
[  681.859964][T11987]  dump_stack_lvl+0x241/0x360
[  681.860000][T11987]  ? __pfx_dump_stack_lvl+0x10/0x10
[  681.860027][T11987]  ? __pfx__printk+0x10/0x10
[  681.860060][T11987]  should_fail_ex+0x424/0x570
[  681.860091][T11987]  _copy_from_user+0x2d/0xb0
[  681.860115][T11987]  __se_sys_mount+0x190/0x400
[  681.860144][T11987]  ? __pfx___se_sys_mount+0x10/0x10
[  681.860173][T11987]  ? __x64_sys_mount+0x20/0xc0
[  681.860199][T11987]  do_syscall_64+0xf3/0x230
[  681.860227][T11987]  ? clear_bhb_loop+0x45/0xa0
[  681.860249][T11987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.860268][T11987] RIP: 0033:0x7f385bb8d169
[  681.860287][T11987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.860304][T11987] RSP: 002b:00007f385c9b1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  681.860325][T11987] RAX: ffffffffffffffda RBX: 00007f385bda5fa0 RCX: 00007f385bb8d169
[  681.860350][T11987] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[  681.860363][T11987] RBP: 00007f385c9b1090 R08: 00002000000017c0 R09: 0000000000000000
[  681.860376][T11987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.860388][T11987] R13: 0000000000000000 R14: 00007f385bda5fa0 R15: 00007ffeb1eb2d28
[  681.860414][T11987]  </TASK>
[  682.020580][    C1] vkms_vblank_simulate: vblank timer overrun
[  682.232674][  T976] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  682.801973][  T976] usb 4-1: Using ep0 maxpacket: 32
[  682.843561][  T976] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  682.895751][  T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  682.940626][  T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  682.976932][  T976] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  682.998446][  T976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.020675][  T976] usb 4-1: config 0 descriptor??
[  683.042467][T11989] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  683.066212][  T976] hub 4-1:0.0: USB hub found
[  683.272702][  T976] hub 4-1:0.0: 2 ports detected
[  684.053504][T12008] netlink: 160 bytes leftover after parsing attributes in process `syz.4.1674'.
[  684.385524][  T976] usb 4-1: USB disconnect, device number 30
[  684.582111][ T6987] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  684.754939][ T6987] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  684.779104][ T6987] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  684.822054][ T6987] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  684.853786][ T6987] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  684.888702][ T6987] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  684.901398][ T6987] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  684.918672][ T6987] usb 5-1: Product: syz
[  684.923132][ T6987] usb 5-1: Manufacturer: syz
[  684.928161][ T6987] usb 5-1: SerialNumber: syz
[  684.949553][ T6987] usb 5-1: config 0 descriptor??
[  684.975492][ T6987] garmin_gps 5-1:0.0: Garmin GPS usb/tty converter detected
[  685.004418][ T6987] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  685.016471][ T6987] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  685.721259][ T6987] usb 5-1: USB disconnect, device number 26
[  685.731124][ T6987] garmin_gps 5-1:0.0: device disconnected
[  685.864674][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  686.326590][  T976] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  687.351969][  T976] usb 3-1: Using ep0 maxpacket: 16
[  687.377573][  T976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  687.406238][  T976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  687.486491][  T976] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  687.555000][  T976] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  687.572125][  T976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  687.597737][  T976] usb 3-1: config 0 descriptor??
[  687.647934][T12039] netlink: 'syz.4.1682': attribute type 1 has an invalid length.
[  687.662807][T12039] netlink: 'syz.4.1682': attribute type 1 has an invalid length.
[  687.734927][T12038] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2
[  688.927418][  T976] usbhid 3-1:0.0: can't add hid device: -71
[  688.933714][  T976] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  688.956349][  T976] usb 3-1: USB disconnect, device number 29
[  692.562344][ T5830] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  692.698177][  T976] IPVS: starting estimator thread 0...
[  692.732409][ T5830] usb 3-1: Using ep0 maxpacket: 8
[  692.747386][ T5830] usb 3-1: config index 0 descriptor too short (expected 30768, got 18)
[  692.768868][T12098] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1698'.
[  692.870099][ T5830] usb 3-1: config 102 has too many interfaces: 102, using maximum allowed: 32
[  693.077675][ T5830] usb 3-1: config 102 has an invalid descriptor of length 102, skipping remainder of the config
[  693.391989][T12097] IPVS: using max 25 ests per chain, 60000 per kthread
[  693.411477][ T5830] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 102
[  693.446666][ T5830] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  693.545277][ T5830] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.008858][ T5830] usb 3-1: string descriptor 0 read error: -71
[  694.029399][ T5830] usb 3-1: USB disconnect, device number 30
[  694.098181][   T10] IPVS: starting estimator thread 0...
[  694.314868][T12110] IPVS: using max 38 ests per chain, 91200 per kthread
[  694.479421][T12114] smk_cipso_doi:679 remove rc = -2
[  694.485045][T12114] smk_cipso_doi:692 cipso add rc = -17
[  696.922379][ T6987] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  697.114906][ T6987] usb 4-1: device descriptor read/64, error -71
[  697.157540][T12139] 9pnet_fd: Insufficient options for proto=fd
[  697.382467][ T6987] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  697.580142][ T6987] usb 4-1: device descriptor read/64, error -71
[  697.702775][ T6987] usb usb4-port1: attempt power cycle
[  697.792476][T12146] kvm: pic: level sensitive irq not supported
[  697.792568][T12146] kvm: pic: non byte read
[  697.822257][T12146] kvm: pic: level sensitive irq not supported
[  697.822315][T12146] kvm: pic: non byte read
[  697.896064][T12146] kvm: pic: non byte read
[  697.906624][T12146] kvm: pic: level sensitive irq not supported
[  697.906702][T12146] kvm: pic: non byte read
[  697.929788][T12146] kvm: pic: non byte read
[  697.935775][T12146] kvm: pic: non byte read
[  697.940732][T12146] kvm: pic: non byte read
[  697.948381][T12146] kvm: pic: single mode not supported
[  697.948455][T12146] kvm: pic: non byte read
[  697.960438][T12146] kvm: pic: non byte read
[  698.062166][ T6987] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  698.103705][ T6987] usb 4-1: device descriptor read/8, error -71
[  698.492605][ T6987] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  698.533334][ T6987] usb 4-1: device descriptor read/8, error -71
[  698.659758][T12156] tipc: Started in network mode
[  698.673057][ T6987] usb usb4-port1: unable to enumerate USB device
[  698.682410][T12156] tipc: Node identity ac1414aa, cluster identity 4711
[  698.707503][T12156] tipc: Enabled bearer <udp:syz2>, priority 10
[  699.608775][T12174] netfs: Couldn't get user pages (rc=-14)
[  699.635335][T12175] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1721'.
[  699.684605][T12175] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1721'.
[  699.698345][T12175] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1721'.
[  699.725520][T12175] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1721'.
[  699.732665][ T3805] tipc: Node number set to 2886997162
[  699.783048][ T6987] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  700.570427][T12180] FAULT_INJECTION: forcing a failure.
[  700.570427][T12180] name failslab, interval 1, probability 0, space 0, times 0
[  700.584968][T12180] CPU: 0 UID: 0 PID: 12180 Comm: syz.3.1725 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  700.584999][T12180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  700.585013][T12180] Call Trace:
[  700.585020][T12180]  <TASK>
[  700.585029][T12180]  dump_stack_lvl+0x241/0x360
[  700.585065][T12180]  ? __pfx_dump_stack_lvl+0x10/0x10
[  700.585093][T12180]  ? __pfx__printk+0x10/0x10
[  700.585122][T12180]  ? __pfx___might_resched+0x10/0x10
[  700.585151][T12180]  should_fail_ex+0x424/0x570
[  700.585182][T12180]  should_failslab+0xac/0x100
[  700.585207][T12180]  __kmalloc_noprof+0xdf/0x4d0
[  700.585230][T12180]  ? safesetid_security_capable+0xb2/0x1d0
[  700.585254][T12180]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  700.585285][T12180]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  700.585328][T12180]  genl_rcv_msg+0x819/0xf00
[  700.585360][T12180]  ? __pfx_genl_rcv_msg+0x10/0x10
[  700.585383][T12180]  ? stack_trace_save+0x11a/0x1d0
[  700.585415][T12180]  ? stack_depot_save_flags+0x3a/0x970
[  700.585455][T12180]  ? __lock_acquire+0xad5/0xd80
[  700.585488][T12180]  ? __pfx_ieee802154_llsec_add_devkey+0x10/0x10
[  700.585521][T12180]  netlink_rcv_skb+0x208/0x480
[  700.585541][T12180]  ? __pfx_genl_rcv_msg+0x10/0x10
[  700.585567][T12180]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  700.585604][T12180]  ? netlink_deliver_tap+0x2e/0x1b0
[  700.585628][T12180]  genl_rcv+0x28/0x40
[  700.585651][T12180]  netlink_unicast+0x7f8/0x9a0
[  700.585687][T12180]  ? __pfx_netlink_unicast+0x10/0x10
[  700.585718][T12180]  ? skb_put+0x114/0x1f0
[  700.585746][T12180]  netlink_sendmsg+0x8c3/0xcd0
[  700.585775][T12180]  ? __pfx_netlink_sendmsg+0x10/0x10
[  700.585806][T12180]  ? __pfx_netlink_sendmsg+0x10/0x10
[  700.585825][T12180]  __sock_sendmsg+0x221/0x270
[  700.585859][T12180]  ____sys_sendmsg+0x523/0x860
[  700.585891][T12180]  ? __pfx_____sys_sendmsg+0x10/0x10
[  700.585915][T12180]  ? __fget_files+0x2a/0x420
[  700.585943][T12180]  ? __fget_files+0x2a/0x420
[  700.585975][T12180]  __sys_sendmsg+0x271/0x360
[  700.586004][T12180]  ? __pfx___sys_sendmsg+0x10/0x10
[  700.586071][T12180]  ? do_syscall_64+0xb6/0x230
[  700.586101][T12180]  do_syscall_64+0xf3/0x230
[  700.586129][T12180]  ? clear_bhb_loop+0x45/0xa0
[  700.586152][T12180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.586172][T12180] RIP: 0033:0x7f9a6838d169
[  700.586191][T12180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.586208][T12180] RSP: 002b:00007f9a69254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  700.586231][T12180] RAX: ffffffffffffffda RBX: 00007f9a685a5fa0 RCX: 00007f9a6838d169
[  700.586247][T12180] RDX: 0000000002000000 RSI: 0000200000000180 RDI: 0000000000000004
[  700.586261][T12180] RBP: 00007f9a69254090 R08: 0000000000000000 R09: 0000000000000000
[  700.586274][T12180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.586286][T12180] R13: 0000000000000000 R14: 00007f9a685a5fa0 R15: 00007ffec6b73738
[  700.586312][T12180]  </TASK>
[  700.971230][ T6987] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  701.187509][ T6987] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  701.271781][ T7131] kworker/u8:13 (7131) used greatest stack depth: 19680 bytes left
[  701.452449][ T6987] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  701.620097][ T6987] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  702.378539][T12189] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1727'.
[  702.388026][T12189] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1727'.
[  702.694468][ T6987] usb 3-1: unable to read config index 4 descriptor/all
[  702.701656][ T6987] usb 3-1: can't read configurations, error -71
[  702.787776][T12199] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1731'.
[  702.892049][T12199] bridge_slave_0: left allmulticast mode
[  702.915625][T12199] bridge_slave_0: left promiscuous mode
[  702.922609][T12199] FAULT_INJECTION: forcing a failure.
[  702.922609][T12199] name failslab, interval 1, probability 0, space 0, times 0
[  702.972839][T12199] CPU: 0 UID: 0 PID: 12199 Comm: syz.1.1731 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  702.972871][T12199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  702.972884][T12199] Call Trace:
[  702.972892][T12199]  <TASK>
[  702.972900][T12199]  dump_stack_lvl+0x241/0x360
[  702.972935][T12199]  ? __pfx_dump_stack_lvl+0x10/0x10
[  702.972962][T12199]  ? __pfx__printk+0x10/0x10
[  702.973006][T12199]  should_fail_ex+0x424/0x570
[  702.973037][T12199]  should_failslab+0xac/0x100
[  702.973062][T12199]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  702.973087][T12199]  ? __alloc_skb+0x1c2/0x480
[  702.973113][T12199]  __alloc_skb+0x1c2/0x480
[  702.973134][T12199]  ? rtnl_prop_list_size+0x1e/0x1e0
[  702.973163][T12199]  ? perf_trace_xs_stream_read_request+0x570/0x7f0
[  702.973189][T12199]  ? __pfx___alloc_skb+0x10/0x10
[  702.973213][T12199]  ? if_nlmsg_size+0x75b/0x7b0
[  702.973241][T12199]  ? if_nlmsg_size+0x544/0x7b0
[  702.973271][T12199]  rtmsg_ifinfo_build_skb+0x84/0x260
[  702.973306][T12199]  rtmsg_ifinfo+0x91/0x1b0
[  702.973339][T12199]  __dev_notify_flags+0xf9/0x410
[  702.973367][T12199]  ? __pfx___dev_notify_flags+0x10/0x10
[  702.973392][T12199]  ? __pfx_netdev_info+0x10/0x10
[  702.973415][T12199]  ? __local_bh_enable_ip+0x168/0x200
[  702.973447][T12199]  ? netif_set_allmulti+0x224/0x380
[  702.973481][T12199]  __dev_set_promiscuity+0x151/0x5a0
[  702.973511][T12199]  dev_set_promiscuity+0x51/0xe0
[  702.973537][T12199]  del_nbp+0x16a/0xb40
[  702.973569][T12199]  br_dev_delete+0x6e/0x100
[  702.973592][T12199]  ? __pfx_br_dev_delete+0x10/0x10
[  702.973619][T12199]  rtnl_dellink+0x529/0x8c0
[  702.973638][T12199]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.973664][T12199]  ? __pfx_rtnl_dellink+0x10/0x10
[  702.973748][T12199]  ? __pfx_rtnl_dellink+0x10/0x10
[  702.973770][T12199]  rtnetlink_rcv_msg+0x80f/0xd70
[  702.973789][T12199]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  702.973812][T12199]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  702.973843][T12199]  ? ref_tracker_free+0x63e/0x7e0
[  702.973877][T12199]  netlink_rcv_skb+0x208/0x480
[  702.973898][T12199]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  702.973920][T12199]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  702.973951][T12199]  ? netlink_deliver_tap+0x2e/0x1b0
[  702.973981][T12199]  ? netlink_deliver_tap+0x2e/0x1b0
[  702.974002][T12199]  netlink_unicast+0x7f8/0x9a0
[  702.974037][T12199]  ? __pfx_netlink_unicast+0x10/0x10
[  702.974067][T12199]  ? skb_put+0x114/0x1f0
[  702.974093][T12199]  netlink_sendmsg+0x8c3/0xcd0
[  702.974122][T12199]  ? __pfx_netlink_sendmsg+0x10/0x10
[  702.974151][T12199]  ? __pfx_netlink_sendmsg+0x10/0x10
[  702.974168][T12199]  __sock_sendmsg+0x221/0x270
[  702.974202][T12199]  sock_write_iter+0x2d9/0x3f0
[  702.974233][T12199]  ? __pfx_sock_write_iter+0x10/0x10
[  702.974271][T12199]  ? bpf_lsm_file_permission+0x9/0x10
[  702.974306][T12199]  vfs_write+0x70f/0xd10
[  702.974340][T12199]  ? __pfx_sock_write_iter+0x10/0x10
[  702.974371][T12199]  ? __pfx_vfs_write+0x10/0x10
[  702.974401][T12199]  ? __fget_files+0x2a/0x420
[  702.974428][T12199]  ? __fget_files+0x2a/0x420
[  702.974459][T12199]  ksys_write+0x19d/0x2d0
[  702.974489][T12199]  ? __pfx_ksys_write+0x10/0x10
[  702.974523][T12199]  ? do_syscall_64+0xb6/0x230
[  702.974553][T12199]  do_syscall_64+0xf3/0x230
[  702.974578][T12199]  ? clear_bhb_loop+0x45/0xa0
[  702.974602][T12199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.974621][T12199] RIP: 0033:0x7f96b4f8d169
[  702.974638][T12199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.974656][T12199] RSP: 002b:00007f96b5d25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  702.974677][T12199] RAX: ffffffffffffffda RBX: 00007f96b51a5fa0 RCX: 00007f96b4f8d169
[  702.974693][T12199] RDX: 0000000000000024 RSI: 0000200000000000 RDI: 0000000000000005
[  702.974706][T12199] RBP: 00007f96b5d25090 R08: 0000000000000000 R09: 0000000000000000
[  702.974718][T12199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  702.974730][T12199] R13: 0000000000000000 R14: 00007f96b51a5fa0 R15: 00007ffc8efc6d48
[  702.974755][T12199]  </TASK>
[  703.382737][ T3805] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  703.394156][T12199] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.552412][ T3805] usb 5-1: Using ep0 maxpacket: 8
[  703.682169][ T6987] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  703.801106][ T3805] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  703.932003][ T6987] usb 3-1: Using ep0 maxpacket: 16
[  703.983407][ T3805] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  703.999561][ T3805] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  704.065372][ T3805] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  704.114084][ T3805] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  704.197702][ T3805] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.234159][ T6987] usb 3-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  704.244849][ T6987] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  704.394146][ T6987] usb 3-1: Product: syz
[  704.398874][ T6987] usb 3-1: Manufacturer: syz
[  704.441259][ T6987] usb 3-1: SerialNumber: syz
[  704.814812][ T6987] usb 3-1: config 0 descriptor??
[  704.826585][ T6987] ums-onetouch 3-1:0.0: USB Mass Storage device detected
[  705.024929][ T3805] usb 5-1: GET_CAPABILITIES returned 0
[  705.043679][ T3805] usbtmc 5-1:16.0: can't read capabilities
[  705.231220][   T10] usb 5-1: USB disconnect, device number 27
[  705.324295][T12210] netlink: 'syz.0.1734': attribute type 10 has an invalid length.
[  705.332579][T12210] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1734'.
[  705.344528][T12210] batman_adv: batadv0: Adding interface: virt_wifi0
[  705.351171][T12210] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  705.377236][    C1] vkms_vblank_simulate: vblank timer overrun
[  705.383655][T12210] batman_adv: batadv0: Interface activated: virt_wifi0
[  705.394140][T12210] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  705.905832][   T10] usb 3-1: USB disconnect, device number 32
[  706.445000][  T976] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  707.582678][   T10] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  707.601947][  T976] usb 2-1: Using ep0 maxpacket: 32
[  707.747251][  T976] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  707.767601][   T10] usb 3-1: Using ep0 maxpacket: 8
[  707.773481][  T976] usb 2-1: config 0 has no interface number 0
[  707.812304][  T976] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  707.841036][  T976] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  707.852850][   T10] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  707.865013][  T976] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  707.874805][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  707.885850][  T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  707.894481][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  707.917903][  T976] usb 2-1: config 0 descriptor??
[  707.932147][   T10] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  708.008647][   T10] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  708.042836][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  708.268544][   T10] usb 3-1: GET_CAPABILITIES returned 0
[  708.275789][   T10] usbtmc 3-1:16.0: can't read capabilities
[  708.499734][   T10] usb 3-1: USB disconnect, device number 33
[  708.547213][  T976] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:28BD:0094.0006/input/input19
[  708.729435][  T976] uclogic 0003:28BD:0094.0006: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.1-1/input1
[  709.123278][  T976] usb 2-1: USB disconnect, device number 30
[  709.143061][T12248] FAULT_INJECTION: forcing a failure.
[  709.143061][T12248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  709.200696][T12248] CPU: 0 UID: 0 PID: 12248 Comm: syz.2.1745 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  709.200729][T12248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  709.200742][T12248] Call Trace:
[  709.200749][T12248]  <TASK>
[  709.200758][T12248]  dump_stack_lvl+0x241/0x360
[  709.200791][T12248]  ? __pfx_dump_stack_lvl+0x10/0x10
[  709.200818][T12248]  ? __pfx__printk+0x10/0x10
[  709.200851][T12248]  should_fail_ex+0x424/0x570
[  709.200882][T12248]  _copy_to_user+0x31/0xb0
[  709.200907][T12248]  simple_read_from_buffer+0xc4/0x170
[  709.200934][T12248]  proc_fail_nth_read+0x1ef/0x260
[  709.200963][T12248]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  709.200991][T12248]  ? rw_verify_area+0x246/0x630
[  709.201018][T12248]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  709.201046][T12248]  vfs_read+0x21f/0xb90
[  709.201078][T12248]  ? __pfx___mutex_lock+0x10/0x10
[  709.201106][T12248]  ? __pfx_vfs_read+0x10/0x10
[  709.201137][T12248]  ? __fget_files+0x2a/0x420
[  709.201162][T12248]  ? __fget_files+0x39d/0x420
[  709.201184][T12248]  ? __fget_files+0x2a/0x420
[  709.201215][T12248]  ksys_read+0x19d/0x2d0
[  709.201245][T12248]  ? __pfx_ksys_read+0x10/0x10
[  709.201279][T12248]  ? do_syscall_64+0xb6/0x230
[  709.201309][T12248]  do_syscall_64+0xf3/0x230
[  709.201336][T12248]  ? clear_bhb_loop+0x45/0xa0
[  709.201360][T12248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.201381][T12248] RIP: 0033:0x7f246958bb7c
[  709.201398][T12248] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  709.201417][T12248] RSP: 002b:00007f246a3d1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  709.201451][T12248] RAX: ffffffffffffffda RBX: 00007f24697a5fa0 RCX: 00007f246958bb7c
[  709.201466][T12248] RDX: 000000000000000f RSI: 00007f246a3d10a0 RDI: 0000000000000005
[  709.201479][T12248] RBP: 00007f246a3d1090 R08: 0000000000000000 R09: 0000000000000000
[  709.201491][T12248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  709.201502][T12248] R13: 0000000000000000 R14: 00007f24697a5fa0 R15: 00007ffefa3c0b38
[  709.201528][T12248]  </TASK>
[  709.714582][T12256] netlink: 'syz.2.1748': attribute type 10 has an invalid length.
[  709.722901][T12256] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1748'.
[  709.732304][T12256] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  709.740676][T12256] batman_adv: batadv0: Adding interface: virt_wifi0
[  709.747906][T12256] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1596 would solve the problem.
[  709.773947][T12256] batman_adv: batadv0: Interface activated: virt_wifi0
[  710.498185][T12265] FAULT_INJECTION: forcing a failure.
[  710.498185][T12265] name failslab, interval 1, probability 0, space 0, times 0
[  710.558729][T12265] CPU: 1 UID: 0 PID: 12265 Comm: syz.2.1749 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  710.558752][T12265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  710.558762][T12265] Call Trace:
[  710.558768][T12265]  <TASK>
[  710.558774][T12265]  dump_stack_lvl+0x241/0x360
[  710.558801][T12265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  710.558821][T12265]  ? __pfx__printk+0x10/0x10
[  710.558843][T12265]  ? __pfx___might_resched+0x10/0x10
[  710.558862][T12265]  should_fail_ex+0x424/0x570
[  710.558885][T12265]  should_failslab+0xac/0x100
[  710.558902][T12265]  ? __get_vm_area_node+0x132/0x2d0
[  710.558921][T12265]  __kmalloc_cache_node_noprof+0x74/0x3c0
[  710.558943][T12265]  __get_vm_area_node+0x132/0x2d0
[  710.558964][T12265]  __vmalloc_node_range_noprof+0x349/0x1390
[  710.558986][T12265]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  710.559012][T12265]  ? kstrtoull+0x1d3/0x2f0
[  710.559034][T12265]  ? __pfx_kstrtoull+0x10/0x10
[  710.559062][T12265]  ? kstrtouint+0xfc/0x190
[  710.559082][T12265]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  710.559108][T12265]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  710.559130][T12265]  __vmalloc_noprof+0x79/0x90
[  710.559150][T12265]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  710.559173][T12265]  bpf_prog_alloc_no_stats+0x4d/0x4d0
[  710.559196][T12265]  ? bpf_prog_alloc+0x28/0x1b0
[  710.559219][T12265]  bpf_prog_alloc+0x3a/0x1b0
[  710.559242][T12265]  bpf_prog_load+0x8ac/0x2320
[  710.559271][T12265]  ? __lock_acquire+0xad5/0xd80
[  710.559294][T12265]  ? __pfx_bpf_prog_load+0x10/0x10
[  710.559330][T12265]  __sys_bpf+0x57f/0x850
[  710.559352][T12265]  ? __pfx___sys_bpf+0x10/0x10
[  710.559380][T12265]  ? ksys_write+0x275/0x2d0
[  710.559408][T12265]  __x64_sys_bpf+0x7c/0x90
[  710.559427][T12265]  do_syscall_64+0xf3/0x230
[  710.559448][T12265]  ? clear_bhb_loop+0x45/0xa0
[  710.559465][T12265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.559486][T12265] RIP: 0033:0x7f246958d169
[  710.559498][T12265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.559511][T12265] RSP: 002b:00007f246a3d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  710.559527][T12265] RAX: ffffffffffffffda RBX: 00007f24697a5fa0 RCX: 00007f246958d169
[  710.559538][T12265] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000005
[  710.559548][T12265] RBP: 00007f246a3d1090 R08: 0000000000000000 R09: 0000000000000000
[  710.559557][T12265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  710.559566][T12265] R13: 0000000000000000 R14: 00007f24697a5fa0 R15: 00007ffefa3c0b38
[  710.559585][T12265]  </TASK>
[  711.111149][T12265] syz.2.1749: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  711.167218][T12265] CPU: 1 UID: 0 PID: 12265 Comm: syz.2.1749 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  711.167242][T12265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  711.167252][T12265] Call Trace:
[  711.167257][T12265]  <TASK>
[  711.167264][T12265]  dump_stack_lvl+0x241/0x360
[  711.167290][T12265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  711.167310][T12265]  ? __pfx__printk+0x10/0x10
[  711.167328][T12265]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  711.167350][T12265]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  711.167370][T12265]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  711.167391][T12265]  warn_alloc+0x27c/0x410
[  711.167415][T12265]  ? __pfx_warn_alloc+0x10/0x10
[  711.167440][T12265]  ? __get_vm_area_node+0x280/0x2d0
[  711.167462][T12265]  __vmalloc_node_range_noprof+0x36e/0x1390
[  711.167493][T12265]  ? kstrtoull+0x1d3/0x2f0
[  711.167515][T12265]  ? __pfx_kstrtoull+0x10/0x10
[  711.167543][T12265]  ? kstrtouint+0xfc/0x190
[  711.167563][T12265]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  711.167589][T12265]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  711.167611][T12265]  __vmalloc_noprof+0x79/0x90
[  711.167632][T12265]  ? bpf_prog_alloc_no_stats+0x4d/0x4d0
[  711.167655][T12265]  bpf_prog_alloc_no_stats+0x4d/0x4d0
[  711.167677][T12265]  ? bpf_prog_alloc+0x28/0x1b0
[  711.167700][T12265]  bpf_prog_alloc+0x3a/0x1b0
[  711.167724][T12265]  bpf_prog_load+0x8ac/0x2320
[  711.167757][T12265]  ? __lock_acquire+0xad5/0xd80
[  711.167781][T12265]  ? __pfx_bpf_prog_load+0x10/0x10
[  711.167817][T12265]  __sys_bpf+0x57f/0x850
[  711.167839][T12265]  ? __pfx___sys_bpf+0x10/0x10
[  711.167866][T12265]  ? ksys_write+0x275/0x2d0
[  711.167895][T12265]  __x64_sys_bpf+0x7c/0x90
[  711.167915][T12265]  do_syscall_64+0xf3/0x230
[  711.167936][T12265]  ? clear_bhb_loop+0x45/0xa0
[  711.167953][T12265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.167967][T12265] RIP: 0033:0x7f246958d169
[  711.167980][T12265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  711.167993][T12265] RSP: 002b:00007f246a3d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  711.168009][T12265] RAX: ffffffffffffffda RBX: 00007f24697a5fa0 RCX: 00007f246958d169
[  711.168020][T12265] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000005
[  711.168030][T12265] RBP: 00007f246a3d1090 R08: 0000000000000000 R09: 0000000000000000
[  711.168039][T12265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  711.168047][T12265] R13: 0000000000000000 R14: 00007f24697a5fa0 R15: 00007ffefa3c0b38
[  711.168066][T12265]  </TASK>
[  711.168071][T12265] Mem-Info:
[  711.499590][T12272] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1751'.
[  711.517199][T12265] active_anon:353 inactive_anon:4999 isolated_anon:0
[  711.517199][T12265]  active_file:17096 inactive_file:38998 isolated_file:0
[  711.517199][T12265]  unevictable:768 dirty:72 writeback:0
[  711.517199][T12265]  slab_reclaimable:10044 slab_unreclaimable:100761
[  711.517199][T12265]  mapped:30185 shmem:1463 pagetables:969
[  711.517199][T12265]  sec_pagetables:0 bounce:0
[  711.517199][T12265]  kernel_misc_reclaimable:0
[  711.517199][T12265]  free:1316205 free_pcp:592 free_cma:0
[  711.563246][ T5831] Bluetooth: hci4: command 0x0406 tx timeout
[  711.574097][T12265] Node 0 active_anon:1412kB inactive_anon:19996kB active_file:68268kB inactive_file:155992kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120728kB dirty:288kB writeback:0kB shmem:4316kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11220kB pagetables:3976kB sec_pagetables:0kB all_unreclaimable? no
[  711.606855][    C0] vkms_vblank_simulate: vblank timer overrun
[  711.614952][T12265] Node 1 active_anon:0kB inactive_anon:0kB active_file:116kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:12kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  711.645543][    C0] vkms_vblank_simulate: vblank timer overrun
[  711.802096][T12265] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  711.842450][T12265] lowmem_reserve[]: 0 2490 2490 2490 2490
[  712.998156][T12280] netlink: 'syz.1.1753': attribute type 10 has an invalid length.
[  713.010523][T12280] 8021q: adding VLAN 0 to HW filter on device batadv0
[  713.020945][T12280] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  713.056532][T12265] Node 0 DMA32 free:1330380kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:1340kB inactive_anon:31604kB active_file:67992kB inactive_file:155940kB unevictable:1536kB writepending:292kB present:3129332kB managed:2550048kB mlocked:0kB bounce:0kB free_pcp:1272kB local_pcp:732kB free_cma:0kB
[  713.263274][T12265] lowmem_reserve[]: 0 0 0 0 0
[  713.268075][T12265] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:276kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:368kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  713.294926][    C0] vkms_vblank_simulate: vblank timer overrun
[  713.331992][T12265] lowmem_reserve[]: 0 0 0 0 0
[  713.336955][T12265] Node 1 Normal free:3908908kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:116kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:92kB local_pcp:0kB free_cma:0kB
[  713.366186][    C0] vkms_vblank_simulate: vblank timer overrun
[  713.480840][T12265] lowmem_reserve[]: 0 0 0 0 0
[  713.486485][T12265] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  713.499326][T12265] Node 0 DMA32: 818*4kB (UME) 967*8kB (UME) 535*16kB (UME) 273*32kB (UME) 500*64kB (UME) 109*128kB (UME) 91*256kB (UME) 69*512kB (UM) 49*1024kB (UME) 4*2048kB (UME) 278*4096kB (UM) = 1329936kB
[  713.519388][T12265] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  713.532348][T12265] Node 1 Normal: 241*4kB (UE) 61*8kB (UME) 20*16kB (UE) 226*32kB (UME) 94*64kB (UME) 23*128kB (UE) 17*256kB (UME) 9*512kB (UME) 9*1024kB (UME) 3*2048kB (UE) 944*4096kB (M) = 3908908kB
[  713.623948][T12265] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  713.680938][T12265] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  713.841047][T12265] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  714.449116][T12265] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  714.555852][  T976] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  714.622700][T12265] 60371 total pagecache pages
[  714.627471][T12265] 1 pages in swap cache
[  714.743450][T12265] Free swap  = 124652kB
[  714.873270][T12265] Total swap = 124996kB
[  714.900023][T12265] 2097051 pages RAM
[  714.947698][T12265] 0 pages HighMem/MovableOnly
[  714.952689][T12265] 427815 pages reserved
[  714.961968][T12265] 0 pages cma reserved
[  715.045407][T12300] netlink: 'syz.1.1759': attribute type 10 has an invalid length.
[  715.053524][T12300] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1759'.
[  715.064750][T12300] batman_adv: batadv0: Adding interface: virt_wifi0
[  715.071388][T12300] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  715.097315][T12300] batman_adv: batadv0: Interface activated: virt_wifi0
[  715.105139][T12301] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  715.116256][  T976] usb 4-1: Using ep0 maxpacket: 32
[  715.150678][  T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  715.649655][  T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  715.674631][  T976] usb 4-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  715.706540][  T976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.750626][  T976] usb 4-1: config 0 descriptor??
[  715.902044][T11904] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  715.960971][T12293] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  715.986050][T12293] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  716.072014][T11904] usb 3-1: Using ep0 maxpacket: 8
[  716.085392][T11904] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  716.098649][T11904] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  716.120434][T11904] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  716.129246][T11904] usb 3-1: Product: syz
[  716.152928][T11904] usb 3-1: Manufacturer: syz
[  716.157644][T11904] usb 3-1: SerialNumber: syz
[  716.191408][  T976] usbhid 4-1:0.0: can't add hid device: -71
[  716.199197][  T976] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  716.253432][  T976] usb 4-1: USB disconnect, device number 35
[  716.409047][T11904] usb 3-1: Handspring Visor / Palm OS: No valid connect info available
[  716.427856][T11904] usb 3-1: Handspring Visor / Palm OS: port 177, is for unknown use
[  716.460863][T11904] usb 3-1: Handspring Visor / Palm OS: port 116, is for unknown use
[  716.479706][T11904] usb 3-1: Handspring Visor / Palm OS: Number of ports: 2
[  716.609746][T11904] visor 3-1:1.0: Handspring Visor / Palm OS converter detected
[  716.632269][T11904] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  716.685081][T11904] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  716.815021][T11904] usb 3-1: USB disconnect, device number 34
[  716.858725][T11904] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  717.369409][T11904] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  717.421362][T11904] visor 3-1:1.0: device disconnected
[  720.494290][T11904] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  720.872337][T11904] usb 3-1: Using ep0 maxpacket: 16
[  720.891731][T11904] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  720.901026][T11904] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  720.932218][T11904] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  721.876600][T11904] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  721.951950][T11904] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  721.981088][T11904] usb 3-1: Product: syz
[  722.965931][T11904] usb 3-1: Manufacturer: syz
[  722.965955][T11904] usb 3-1: SerialNumber: syz
[  722.981504][T11904] usb 3-1: can't set config #1, error -71
[  723.053562][T11904] usb 3-1: USB disconnect, device number 35
[  723.257484][T12361] kernel read not supported for file / 
  (pid: 12361 comm: syz.2.1774)
[  723.398870][   T30] audit: type=1800 audit(1743370381.395:817): pid=12361 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1774" name=200120 dev="mqueue" ino=36872 res=0 errno=0
[  727.376431][T12384] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1781'.
[  727.808191][T12404] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1786'.
[  728.162347][T12411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.171280][T12411] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.185070][T12411] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  728.191746][T12411] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  728.208736][T12411] vhci_hcd vhci_hcd.0: Device attached
[  728.367766][T11904] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  728.540834][ T6987] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  728.714549][ T3805] usb 38-1: SetAddress Request (2) to port 0
[  728.735211][ T6987] usb 3-1: device descriptor read/64, error -71
[  728.756437][ T3805] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  728.831909][T11904] usb 5-1: Using ep0 maxpacket: 8
[  728.853995][T11904] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  728.878892][T11904] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  728.900118][T11904] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  728.911151][T11904] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  728.934220][T11904] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  728.970747][T11904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.012087][ T6987] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  729.151946][ T6987] usb 3-1: device descriptor read/64, error -71
[  729.217300][T11904] usb 5-1: GET_CAPABILITIES returned 0
[  729.232027][T11904] usbtmc 5-1:16.0: can't read capabilities
[  729.262524][ T6987] usb usb3-port1: attempt power cycle
[  729.632362][ T6987] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  729.656645][ T6987] usb 3-1: device descriptor read/8, error -71
[  729.796464][T12437] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967295 (17179869180 ns) > initial count (144 ns). Using initial count to start timer.
[  729.821666][T12437] kvm: pic: non byte write
[  729.912472][ T6987] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  729.945913][ T6987] usb 3-1: device descriptor read/8, error -71
[  730.063818][ T6987] usb usb3-port1: unable to enumerate USB device
[  731.309520][T12414] vhci_hcd: connection reset by peer
[  731.318540][T10374] usb 5-1: USB disconnect, device number 28
[  731.327013][ T7139] vhci_hcd: stop threads
[  731.331328][ T7139] vhci_hcd: release socket
[  731.408309][ T7139] vhci_hcd: disconnect device
[  731.926486][T12459] netlink: 'syz.4.1801': attribute type 11 has an invalid length.
[  732.816293][T12459] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1801'.
[  733.395909][T12465] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  733.405088][T12465] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  733.414141][T12465] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  733.423038][T12465] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  733.432189][T12465] vxlan0: entered promiscuous mode
[  733.437320][T12465] vxlan0: entered allmulticast mode
[  733.611252][T12465] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  733.620736][T12465] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  733.629879][T12465] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  733.639161][T12465] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  733.872972][ T3805] usb 38-1: device descriptor read/8, error -110
[  734.479101][T12474] kvm: pic: level sensitive irq not supported
[  734.479204][T12474] kvm: pic: non byte read
[  734.516519][T12474] kvm: pic: level sensitive irq not supported
[  734.516596][T12474] kvm: pic: non byte read
[  734.578060][T12474] kvm: pic: level sensitive irq not supported
[  734.578150][T12474] kvm: pic: non byte read
[  734.622430][T12474] kvm: pic: level sensitive irq not supported
[  734.622506][T12474] kvm: pic: non byte read
[  734.712396][T12474] kvm: pic: level sensitive irq not supported
[  734.712475][T12474] kvm: pic: non byte read
[  734.853518][ T3805] usb usb38-port1: attempt power cycle
[  734.859759][T12474] kvm: pic: level sensitive irq not supported
[  734.859837][T12474] kvm: pic: non byte read
[  735.632299][T12474] kvm: pic: level sensitive irq not supported
[  735.632376][T12474] kvm: pic: non byte read
[  736.733132][ T3805] usb usb38-port1: unable to enumerate USB device
[  736.952879][T12494] kvm: pic: level sensitive irq not supported
[  736.952961][T12494] kvm: pic: non byte read
[  737.002257][T12494] kvm: pic: single mode not supported
[  737.002336][T12494] kvm: pic: non byte read
[  737.052565][T12494] kvm: pic: non byte read
[  737.397636][T12499] kvm: pic: level sensitive irq not supported
[  737.397967][T12499] kvm: pic: single mode not supported
[  737.688422][T12505] netlink: 'syz.4.1812': attribute type 2 has an invalid length.
[  739.416262][ T6987] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  739.554147][ T6987] usb 3-1: device descriptor read/64, error -71
[  739.874807][ T6987] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  740.442261][ T6987] usb 3-1: device descriptor read/64, error -71
[  740.566076][ T6987] usb usb3-port1: attempt power cycle
[  740.577731][ T3805] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  740.604411][ T3805] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  740.872252][   T47] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  740.921934][ T6987] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  740.942694][ T6987] usb 3-1: device descriptor read/8, error -71
[  741.032399][   T47] usb 5-1: Using ep0 maxpacket: 32
[  741.050043][   T47] usb 5-1: config 0 has no interfaces?
[  741.069413][   T47] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  741.089436][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  741.133429][   T47] usb 5-1: config 0 descriptor??
[  741.182224][ T6987] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  741.242750][ T6987] usb 3-1: device descriptor read/8, error -71
[  741.367702][ T6987] usb usb3-port1: unable to enumerate USB device
[  741.393458][T12526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  741.403272][T12526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  741.430875][ T5831] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  741.446435][ T5831] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  741.457097][ T5831] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  741.467162][ T5831] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  741.475582][ T5831] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  741.476615][T12540] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1820'.
[  741.492768][T12540] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1820'.
[  741.503103][  T976] usb 4-1: new low-speed USB device number 36 using dummy_hcd
[  741.524183][ T3805] usb 5-1: USB disconnect, device number 29
[  741.550063][T12535] lo speed is unknown, defaulting to 1000
[  741.650004][T12535] chnl_net:caif_netlink_parms(): no params data found
[  741.665348][  T976] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  741.674099][  T976] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  741.682984][  T976] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  741.693744][  T976] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  741.706358][  T976] usb 4-1: string descriptor 0 read error: -22
[  741.713051][  T976] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  741.722911][  T976] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.735130][  T976] usb 4-1: config 0 descriptor??
[  741.746054][  T976] hub 4-1:0.0: bad descriptor, ignoring hub
[  741.752249][  T976] hub 4-1:0.0: probe with driver hub failed with error -5
[  741.772056][ T6987] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  741.803483][T12535] bridge0: port 1(bridge_slave_0) entered blocking state
[  741.810815][T12535] bridge0: port 1(bridge_slave_0) entered disabled state
[  741.818455][T12535] bridge_slave_0: entered allmulticast mode
[  741.825450][T12535] bridge_slave_0: entered promiscuous mode
[  741.834248][T12535] bridge0: port 2(bridge_slave_1) entered blocking state
[  741.841400][T12535] bridge0: port 2(bridge_slave_1) entered disabled state
[  741.849719][T12535] bridge_slave_1: entered allmulticast mode
[  741.858293][T12535] bridge_slave_1: entered promiscuous mode
[  741.887243][T12535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  741.898808][T12535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  741.930908][T12535] team0: Port device team_slave_0 added
[  741.940502][T12535] team0: Port device team_slave_1 added
[  741.953350][ T6987] usb 3-1: Using ep0 maxpacket: 16
[  741.964776][ T6987] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  741.979328][ T6987] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  741.980663][T12535] batman_adv: batadv0: Adding interface: batadv_slave_0
[  741.992389][ T6987] usb 3-1: string descriptor 0 read error: -22
[  741.996053][T12535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  742.009972][ T6987] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  742.029072][T12535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  742.043935][ T6987] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  742.052033][T12535] batman_adv: batadv0: Adding interface: batadv_slave_1
[  742.063518][T12535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  742.090031][ T3805] usb 4-1: USB disconnect, device number 36
[  742.100209][T12535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  742.121048][ T6987] usb 3-1: 0:2 : does not exist
[  742.218011][T12535] hsr_slave_0: entered promiscuous mode
[  742.232997][T12535] hsr_slave_1: entered promiscuous mode
[  742.239246][T12535] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  742.261992][T12535] Cannot create hsr debugfs directory
[  742.372396][  T976] usb 3-1: USB disconnect, device number 44
[  742.485195][T12535] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  742.513759][T12535] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  742.542324][T12535] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  742.566482][T12535] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  742.603608][T12535] bridge0: port 2(bridge_slave_1) entered blocking state
[  742.610878][T12535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  742.618765][T12535] bridge0: port 1(bridge_slave_0) entered blocking state
[  742.626341][T12535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  742.847536][ T9134] bridge0: port 1(bridge_slave_0) entered disabled state
[  743.551964][ T5831] Bluetooth: hci4: command tx timeout
[  743.572503][ T9134] bridge0: port 2(bridge_slave_1) entered disabled state
[  744.735500][   T30] audit: type=1326 audit(1743370402.735:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12556 comm="syz.2.1829" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f246958d169 code=0x0
[  744.756689][    C1] vkms_vblank_simulate: vblank timer overrun
[  745.295659][T12535] 8021q: adding VLAN 0 to HW filter on device bond0
[  745.347396][T12535] 8021q: adding VLAN 0 to HW filter on device team0
[  745.366242][ T9136] bridge0: port 1(bridge_slave_0) entered blocking state
[  745.373521][ T9136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  745.419314][ T9135] bridge0: port 2(bridge_slave_1) entered blocking state
[  745.426523][ T9135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  745.623830][ T5831] Bluetooth: hci4: command tx timeout
[  745.702348][T12572] kvm: pic: level sensitive irq not supported
[  745.702441][T12572] picdev_read: 15 callbacks suppressed
[  745.702459][T12572] kvm: pic: non byte read
[  745.732622][T12572] kvm: pic: level sensitive irq not supported
[  745.732700][T12572] kvm: pic: non byte read
[  745.762187][T12572] kvm: pic: non byte read
[  745.787245][T12572] kvm: pic: level sensitive irq not supported
[  745.787328][T12572] kvm: pic: non byte read
[  745.826090][T12572] kvm: pic: non byte read
[  745.847211][T12572] kvm: pic: non byte read
[  745.862225][T12572] kvm: pic: non byte read
[  745.866887][T12572] kvm: pic: single mode not supported
[  745.866968][T12572] kvm: pic: non byte read
[  745.912551][T12572] kvm: pic: non byte read
[  746.078012][ T5829] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  746.088882][ T5829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  746.097712][ T5829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  746.106290][ T5829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  746.114220][ T5829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  746.289450][T12578] lo speed is unknown, defaulting to 1000
[  746.310212][T12535] 8021q: adding VLAN 0 to HW filter on device batadv0
[  746.980382][T12581] kvm_intel: kvm [12580]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x827
[  747.270766][T12578] chnl_net:caif_netlink_parms(): no params data found
[  747.306263][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  747.382379][ T6987] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  747.497305][T12578] bridge0: port 1(bridge_slave_0) entered blocking state
[  747.504958][T12578] bridge0: port 1(bridge_slave_0) entered disabled state
[  747.512350][T12578] bridge_slave_0: entered allmulticast mode
[  747.533189][T12578] bridge_slave_0: entered promiscuous mode
[  747.544190][ T6987] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  747.561130][ T6987] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  747.566883][T12578] bridge0: port 2(bridge_slave_1) entered blocking state
[  747.581000][ T6987] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  747.598411][T12578] bridge0: port 2(bridge_slave_1) entered disabled state
[  747.610581][T12578] bridge_slave_1: entered allmulticast mode
[  747.611817][ T6987] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  747.620515][T12578] bridge_slave_1: entered promiscuous mode
[  747.645504][ T6987] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  747.705240][ T6987] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  747.711016][ T5831] Bluetooth: hci4: command tx timeout
[  747.799661][ T6987] usb 5-1: Product: syz
[  747.909487][ T6987] usb 5-1: Manufacturer: syz
[  748.092787][ T6987] usb 5-1: SerialNumber: syz
[  748.133733][ T6987] usb 5-1: config 0 descriptor??
[  748.152881][ T6987] garmin_gps 5-1:0.0: Garmin GPS usb/tty converter detected
[  748.166066][T12578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  748.182226][ T5831] Bluetooth: hci2: command tx timeout
[  748.183014][ T6987] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  748.207822][T12578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  748.240190][ T6987] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  748.349885][T12578] team0: Port device team_slave_0 added
[  748.368381][ T6987] usb 5-1: USB disconnect, device number 30
[  748.397095][ T6987] garmin_gps 5-1:0.0: device disconnected
[  748.405823][T12578] team0: Port device team_slave_1 added
[  748.437371][T12535] veth0_vlan: entered promiscuous mode
[  748.502528][T12578] batman_adv: batadv0: Adding interface: batadv_slave_0
[  748.509746][T12578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  748.537221][T12578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  748.550292][T12578] batman_adv: batadv0: Adding interface: batadv_slave_1
[  748.559574][T12578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  748.587692][T12578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  748.602897][T12535] veth1_vlan: entered promiscuous mode
[  748.678091][T12578] hsr_slave_0: entered promiscuous mode
[  748.685677][T12578] hsr_slave_1: entered promiscuous mode
[  748.691710][T12578] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  748.706446][T12578] Cannot create hsr debugfs directory
[  748.742459][T12535] veth0_macvtap: entered promiscuous mode
[  748.776877][T12535] veth1_macvtap: entered promiscuous mode
[  748.818563][T12535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  748.829931][T12535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.840324][T12535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  748.851227][T12535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.863310][T12535] batman_adv: batadv0: Interface activated: batadv_slave_0
[  748.929384][T12535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  748.946905][T12535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.957395][T12535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  748.974093][T12535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  749.032124][T12535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  749.052545][T12535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  749.066275][T12535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  749.827708][T12535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  749.840328][T12535] batman_adv: batadv0: Interface activated: batadv_slave_1
[  749.864041][ T5831] Bluetooth: hci4: command tx timeout
[  749.894075][T12535] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  749.911394][T12535] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  749.921488][T12535] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  749.937212][T12535] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  750.169963][T12578] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  750.184008][T12578] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  750.201311][ T9131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  750.242002][ T9131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  750.262118][ T5831] Bluetooth: hci2: command tx timeout
[  750.940468][T12578] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  751.143065][T12578] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  751.895184][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  752.361945][ T5831] Bluetooth: hci2: command tx timeout
[  752.416599][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  752.661286][T12578] 8021q: adding VLAN 0 to HW filter on device bond0
[  752.711717][T12578] 8021q: adding VLAN 0 to HW filter on device team0
[  752.787825][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  752.795111][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  752.931389][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  752.938623][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  753.937927][T12578] 8021q: adding VLAN 0 to HW filter on device batadv0
[  754.249035][T12666] kvm: apic: phys broadcast and lowest prio
[  754.423019][ T5831] Bluetooth: hci2: command tx timeout
[  754.669603][T12578] veth0_vlan: entered promiscuous mode
[  754.696873][T12578] veth1_vlan: entered promiscuous mode
[  754.767764][T12578] veth0_macvtap: entered promiscuous mode
[  754.803826][T12578] veth1_macvtap: entered promiscuous mode
[  755.660828][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.740933][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.817724][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.831976][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.930298][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  756.051132][T12685] netlink: 'syz.5.1857': attribute type 10 has an invalid length.
[  756.059303][T12685] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1857'.
[  756.274677][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  756.292771][T12578] batman_adv: batadv0: Interface activated: batadv_slave_0
[  756.335098][T12685] batman_adv: batadv0: Adding interface: virt_wifi0
[  756.342089][T12685] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  756.368079][T12685] batman_adv: batadv0: Interface activated: virt_wifi0
[  756.392366][T12686] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  756.604116][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  756.660336][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  756.821022][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  756.832633][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  756.865450][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  757.844205][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  757.854677][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  757.865527][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.745302][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.757478][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.842866][T12578] batman_adv: batadv0: Interface activated: batadv_slave_1
[  758.929955][T12578] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  758.967438][T12578] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  759.087693][T12578] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  759.102814][T12578] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  759.133282][T12699] loop9: detected capacity change from 0 to 1
[  759.168235][T12699] Dev loop9: unable to read RDB block 1
[  759.182287][T12699]  loop9: unable to read partition table
[  759.200094][T12699] loop9: partition table beyond EOD, truncated
[  759.243484][T12699] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  760.133071][T12706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1861'.
[  760.240455][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  760.248952][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  760.286102][T12706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1861'.
[  760.470275][ T9134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  760.505310][ T9134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  760.900855][T12726] kvm: pic: level sensitive irq not supported
[  760.900950][T12726] kvm: pic: non byte read
[  760.923646][T12726] kvm: pic: single mode not supported
[  760.923731][T12726] kvm: pic: non byte read
[  760.939782][T12726] kvm: pic: non byte read
[  760.951716][T12726] kvm: pic: non byte read
[  760.962950][T12726] kvm: pic: non byte read
[  760.978158][T12726] kvm: pic: non byte read
[  760.985976][T12726] kvm: pic: non byte read
[  761.002291][T12726] kvm: pic: non byte read
[  761.012794][T12726] kvm: pic: non byte read
[  762.541506][T12742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1868'.
[  762.930991][T12744] netlink: 'syz.0.1869': attribute type 10 has an invalid length.
[  762.939608][T12744] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1869'.
[  762.950854][T12744] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  763.689681][T12752] loop2: detected capacity change from 0 to 7
[  763.700526][T12752] Dev loop2: unable to read RDB block 7
[  763.706312][T12752]  loop2: unable to read partition table
[  763.712495][T12752] loop2: partition table beyond EOD, truncated
[  763.718753][T12752] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  763.787621][ T6987] kernel write not supported for file /snd/pcmC0D0p (pid: 6987 comm: kworker/1:5)
[  768.754448][T12797] 9pnet_fd: Insufficient options for proto=fd
[  769.013168][T12802] Cannot find add_set index 0 as target
[  769.850875][T12802] syz.6.1885 (12802): drop_caches: 2
[  772.572043][T12821] netlink: 'syz.0.1888': attribute type 10 has an invalid length.
[  772.579992][T12821] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1888'.
[  773.380246][T12821] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  773.604875][T12829] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1892'.
[  774.663631][   T47] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  775.277709][T12843] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1894'.
[  775.521966][T11904] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  775.632625][   T47] usb 7-1: New USB device found, idVendor=0b0e, idProduct=ffff, bcdDevice= 0.00
[  775.643092][   T47] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.663148][   T47] usb 7-1: config 0 descriptor??
[  775.853346][T11904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.865096][T11904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  775.881846][T11904] usb 5-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00
[  775.895176][T11904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.938408][T11904] usb 5-1: config 0 descriptor??
[  775.966425][T12829] loop9: detected capacity change from 0 to 8
[  776.790796][T12829]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  776.829269][T12829] loop9: partition table partially beyond EOD, truncated
[  776.880360][T11904] asus 0003:0B05:18C6.0008: hidraw0: USB HID v0.00 Device [HID 0b05:18c6] on usb-dummy_hcd.4-1/input0
[  776.891936][T11904] asus 0003:0B05:18C6.0008: Asus input not registered
[  776.900392][T11904] asus 0003:0B05:18C6.0008: probe with driver asus failed with error -12
[  776.912788][T12829] loop9: p1 size 81768186 extends beyond EOD, truncated
[  776.968898][T12829] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1892'.
[  777.437745][T12766]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  777.556553][T12766] loop9: partition table partially beyond EOD, truncated
[  777.761674][T12766] loop9: p1 size 81768186 extends beyond EOD, truncated
[  778.600403][   T47] usbhid 7-1:0.0: can't add hid device: -71
[  778.630648][   T47] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  778.716934][   T47] usb 7-1: USB disconnect, device number 2
[  778.981559][ T3805] usb 5-1: USB disconnect, device number 31
[  780.260427][T12884] netlink: 84 bytes leftover after parsing attributes in process `syz.6.1902'.
[  780.597002][T12766] udevd[12766]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  780.676802][  T976] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  781.392023][ T5873] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  781.413402][  T976] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  781.482027][  T976] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  781.503099][  T976] usb 5-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  781.512555][  T976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  781.528477][  T976] usb 5-1: config 0 descriptor??
[  781.582256][ T5873] usb 7-1: device descriptor read/64, error -71
[  781.753059][T12881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  781.782299][T12881] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  781.831989][ T5873] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  782.034913][  T976] hid-multitouch 0003:0EEF:72D0.0009: reserved main item tag 0xd
[  782.051843][  T976] hid-multitouch 0003:0EEF:72D0.0009: unknown main item tag 0x0
[  782.059583][  T976] hid-multitouch 0003:0EEF:72D0.0009: item fetching failed at offset 3/5
[  782.092372][  T976] hid-multitouch 0003:0EEF:72D0.0009: probe with driver hid-multitouch failed with error -22
[  782.252193][  T976] usb 5-1: USB disconnect, device number 32
[  785.178993][T12934] kvm: pic: level sensitive irq not supported
[  785.179089][T12934] kvm: pic: non byte read
[  785.204151][T12934] kvm: pic: single mode not supported
[  785.204229][T12934] kvm: pic: non byte read
[  785.220105][T12934] kvm: pic: non byte read
[  785.225994][T12934] kvm: pic: non byte read
[  785.230858][T12934] kvm: pic: non byte read
[  785.238736][T12934] kvm: pic: non byte read
[  785.247115][T12934] kvm: pic: non byte read
[  785.255187][T12934] kvm: pic: non byte read
[  785.261473][T12934] kvm: pic: non byte read
[  785.821977][ T3805] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  786.032518][ T3805] usb 7-1: Using ep0 maxpacket: 32
[  786.045836][ T3805] usb 7-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  786.067192][ T3805] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  786.080953][ T3805] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.103001][ T3805] hub 7-1:4.0: bad descriptor, ignoring hub
[  786.109378][ T3805] hub 7-1:4.0: probe with driver hub failed with error -5
[  786.121302][ T3805] usbhid 7-1:4.0: couldn't find an input interrupt endpoint
[  786.802238][T12960] veth0_macvtap: mtu less than device minimum
[  787.102024][T12963] sctp: [Deprecated]: syz.2.1930 (pid 12963) Use of struct sctp_assoc_value in delayed_ack socket option.
[  787.102024][T12963] Use struct sctp_sack_info instead
[  788.226110][T12972] kvm: pic: level sensitive irq not supported
[  788.226204][T12972] kvm: pic: non byte read
[  788.239211][T12972] kvm: pic: single mode not supported
[  790.022151][T12618] usb 7-1: USB disconnect, device number 5
[  791.156324][T13004] 9pnet_fd: Insufficient options for proto=fd
[  792.569248][T13016] ubi31: attaching mtd0
[  792.575494][T13016] ubi31: scanning is finished
[  793.576308][T13016] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  793.599101][T13016] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  793.658818][T13016] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  793.699255][T13016] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  793.741935][T13016] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  793.792181][T13016] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  793.843787][T13016] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 403215448
[  793.899504][T13016] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  793.994975][T13024] ubi31: background thread "ubi_bgt31d" started, PID 13024
[  794.281916][  T976] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  794.453383][  T976] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  794.620905][  T976] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  794.738644][  T976] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  795.626792][  T976] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  795.639621][  T976] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  795.651129][  T976] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  795.661185][  T976] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  795.841591][  T976] usb 7-1: config 0 descriptor??
[  796.085161][  T976] usbhid 7-1:0.0: can't add hid device: -71
[  796.091223][  T976] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  796.377270][  T976] usb 7-1: USB disconnect, device number 6
[  796.701941][  T976] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  796.862401][  T976] usb 7-1: Using ep0 maxpacket: 16
[  796.875780][  T976] usb 7-1: too many configurations: 249, using maximum allowed: 8
[  796.889306][  T976] usb 7-1: unable to read config index 0 descriptor/start: -61
[  796.903294][  T976] usb 7-1: can't read configurations, error -61
[  797.042073][  T976] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  797.214065][  T976] usb 7-1: Using ep0 maxpacket: 16
[  797.224723][  T976] usb 7-1: too many configurations: 249, using maximum allowed: 8
[  797.251087][  T976] usb 7-1: unable to read config index 0 descriptor/start: -61
[  797.268764][  T976] usb 7-1: can't read configurations, error -61
[  797.284304][  T976] usb usb7-port1: attempt power cycle
[  797.668131][T13097] netlink: 'syz.6.1955': attribute type 3 has an invalid length.
[  797.703863][T13097] netlink: 132 bytes leftover after parsing attributes in process `syz.6.1955'.
[  797.827430][T13097] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1955'.
[  797.842230][T13105] netlink: 'syz.0.1958': attribute type 10 has an invalid length.
[  797.850157][T13105] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1958'.
[  797.865233][T13105] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  798.814630][T13097] netlink: 'syz.6.1955': attribute type 1 has an invalid length.
[  798.824135][T13097] netlink: 'syz.6.1955': attribute type 2 has an invalid length.
[  800.393298][T13120] bridge0: port 1(bridge_slave_0) entered disabled state
[  800.476373][T13120] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  800.490415][T13120] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  800.515109][T13120] 0·: left allmulticast mode
[  800.520111][T13120] hsr_slave_0: left allmulticast mode
[  800.526705][T13120] hsr_slave_1: left allmulticast mode
[  800.542325][T13120] veth0_vlan: left allmulticast mode
[  800.581917][T13120] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  800.591101][T13120] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  800.600379][T13120] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  800.609454][T13120] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  800.636938][T13120] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  802.526584][T13160] netlink: 'syz.2.1969': attribute type 10 has an invalid length.
[  802.535042][T13160] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1969'.
[  805.363438][T13203] bridge_slave_1: left allmulticast mode
[  805.412947][T13203] bridge_slave_1: left promiscuous mode
[  805.425650][T13203] bridge0: port 2(bridge_slave_1) entered disabled state
[  805.792138][T13210] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1980'.
[  806.078000][T13206] bridge0: port 2(batadv1) entered blocking state
[  806.223508][T13206] bridge0: port 2(batadv1) entered disabled state
[  806.230341][T13206] batadv1: entered allmulticast mode
[  806.303524][T13206] batadv1: entered promiscuous mode
[  806.324240][T13212] vcan0 speed is unknown, defaulting to 1000
[  806.367408][T13212] vcan0 speed is unknown, defaulting to 1000
[  806.400852][T13212] vcan0 speed is unknown, defaulting to 1000
[  806.875256][T13215] kvm: pic: level sensitive irq not supported
[  806.875354][T13215] picdev_read: 8 callbacks suppressed
[  806.875367][T13215] kvm: pic: non byte read
[  806.896969][T13215] kvm: pic: level sensitive irq not supported
[  806.897027][T13215] kvm: pic: non byte read
[  806.931524][T13019] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  806.941583][T13019] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  806.954329][T13215] kvm: pic: non byte read
[  806.958890][T13215] kvm: pic: level sensitive irq not supported
[  806.958942][T13215] kvm: pic: non byte read
[  807.063597][T13215] kvm: pic: single mode not supported
[  807.063654][T13215] kvm: pic: non byte read
[  807.115229][T13215] kvm: pic: non byte read
[  807.162657][T13215] kvm: pic: single mode not supported
[  807.162686][T13215] kvm: pic: level sensitive irq not supported
[  807.222837][T11904] vcan0 speed is unknown, defaulting to 1000
[  807.384398][T13212] infiniband syz1: set active
[  807.389426][T13212] infiniband syz1: added vcan0
[  807.401692][T13212] syz1: rxe_create_cq: returned err = -12
[  807.725392][T13212] infiniband syz1: Couldn't create ib_mad CQ
[  807.731563][T13212] infiniband syz1: Couldn't open port 1
[  807.793361][T13212] RDS/IB: syz1: added
[  807.808300][T13212] smc: adding ib device syz1 with port count 1
[  808.055370][T13212] smc:    ib device syz1 port 1 has pnetid SYZ0 (user defined)
[  808.082898][T12618] vcan0 speed is unknown, defaulting to 1000
[  808.098771][T13212] vcan0 speed is unknown, defaulting to 1000
[  808.419774][T13212] vcan0 speed is unknown, defaulting to 1000
[  808.686183][T13212] vcan0 speed is unknown, defaulting to 1000
[  808.744400][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  808.915861][T13212] vcan0 speed is unknown, defaulting to 1000
[  809.237346][T13212] vcan0 speed is unknown, defaulting to 1000
[  810.064737][T13212] vcan0 speed is unknown, defaulting to 1000
[  810.587917][T13212] vcan0 speed is unknown, defaulting to 1000
[  812.590163][T13269] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1998'.
[  812.611522][T13269] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1998'.
[  812.688320][T13274] 9pnet_fd: Insufficient options for proto=fd
[  814.296916][T13289] netlink: 37 bytes leftover after parsing attributes in process `syz.4.2001'.
[  814.362362][T13291] 9pnet_fd: Insufficient options for proto=fd
[  816.703542][T11904] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  817.578493][T11904] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  817.901314][T11904] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  817.907680][T13329] 9pnet_fd: Insufficient options for proto=fd
[  817.951076][T13328] 9pnet_fd: Insufficient options for proto=fd
[  817.958280][T11904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  817.972094][T11904] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  817.992517][T11904] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  818.008733][T11904] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.029168][T11904] usb 3-1: Product: syz
[  818.040325][T11904] usb 3-1: Manufacturer: syz
[  818.057946][T11904] usb 3-1: SerialNumber: syz
[  818.095101][T11904] usb 3-1: config 0 descriptor??
[  818.124520][T11904] garmin_gps 3-1:0.0: Garmin GPS usb/tty converter detected
[  818.145771][T11904] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  818.179275][T11904] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  818.751357][ T3805] usb 3-1: USB disconnect, device number 45
[  818.928018][ T3805] garmin_gps 3-1:0.0: device disconnected
[  820.553830][T13348] ptrace attach of "./syz-executor exec"[5834] was attempted by ""[13348]
[  820.695320][T13352] FAULT_INJECTION: forcing a failure.
[  820.695320][T13352] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  820.754966][T13352] CPU: 1 UID: 0 PID: 13352 Comm: syz.0.2025 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  820.754999][T13352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  820.755013][T13352] Call Trace:
[  820.755021][T13352]  <TASK>
[  820.755030][T13352]  dump_stack_lvl+0x241/0x360
[  820.755065][T13352]  ? __pfx_dump_stack_lvl+0x10/0x10
[  820.755092][T13352]  ? __pfx__printk+0x10/0x10
[  820.755127][T13352]  should_fail_ex+0x424/0x570
[  820.755158][T13352]  _copy_from_user+0x2d/0xb0
[  820.755182][T13352]  memdup_user+0x5e/0xd0
[  820.755209][T13352]  io_parse_restrictions+0x44/0x360
[  820.755233][T13352]  ? __fget_files+0x39d/0x420
[  820.755262][T13352]  io_register_restrictions+0xba/0x140
[  820.755288][T13352]  __se_sys_io_uring_register+0x16ec/0x39b0
[  820.755315][T13352]  ? __lock_acquire+0xad5/0xd80
[  820.755361][T13352]  ? __pfx___se_sys_io_uring_register+0x10/0x10
[  820.755393][T13352]  ? rcu_read_lock_any_held+0xbb/0x160
[  820.755417][T13352]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  820.755444][T13352]  ? vfs_write+0xb29/0xd10
[  820.755479][T13352]  ? ksys_write+0x24e/0x2d0
[  820.755519][T13352]  ? __mutex_unlock_slowpath+0x229/0x800
[  820.755556][T13352]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  820.755590][T13352]  ? __fget_files+0x2a/0x420
[  820.755616][T13352]  ? __fget_files+0x2a/0x420
[  820.755645][T13352]  ? fput+0x9b/0xd0
[  820.755670][T13352]  ? ksys_write+0x275/0x2d0
[  820.755707][T13352]  ? do_syscall_64+0xb6/0x230
[  820.755737][T13352]  do_syscall_64+0xf3/0x230
[  820.755762][T13352]  ? clear_bhb_loop+0x45/0xa0
[  820.755784][T13352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.755805][T13352] RIP: 0033:0x7f385bb8d169
[  820.755823][T13352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  820.755841][T13352] RSP: 002b:00007f385c9b1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  820.755864][T13352] RAX: ffffffffffffffda RBX: 00007f385bda5fa0 RCX: 00007f385bb8d169
[  820.755879][T13352] RDX: 0000200000000440 RSI: 000000000000000b RDI: 0000000000000003
[  820.755893][T13352] RBP: 00007f385c9b1090 R08: 0000000000000000 R09: 0000000000000000
[  820.755910][T13352] R10: 000000000000005b R11: 0000000000000246 R12: 0000000000000001
[  820.755922][T13352] R13: 0000000000000000 R14: 00007f385bda5fa0 R15: 00007ffeb1eb2d28
[  820.755954][T13352]  </TASK>
[  821.083970][T13356] 9pnet_fd: Insufficient options for proto=fd
[  821.282447][T13359] 9pnet_fd: Insufficient options for proto=fd
[  821.688728][T13363] netlink: 'syz.5.2031': attribute type 10 has an invalid length.
[  821.696871][T13363] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2031'.
[  821.707454][T13363] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  823.576893][T13377] loop2: detected capacity change from 0 to 7
[  823.584019][T13377] Dev loop2: unable to read RDB block 7
[  823.589710][T13377]  loop2: unable to read partition table
[  823.595662][T13377] loop2: partition table beyond EOD, truncated
[  823.602111][T13377] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  823.614507][  T976] kernel write not supported for file /snd/pcmC0D0p (pid: 976 comm: kworker/0:2)
[  824.232510][T10366] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  824.965590][T13394] 9pnet_fd: Insufficient options for proto=fd
[  825.102124][T10366] usb 6-1: Using ep0 maxpacket: 16
[  825.307460][T10366] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  825.608121][T10366] usb 6-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  825.624695][T13401] bridge1: entered allmulticast mode
[  825.660202][T10366] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  825.717400][T10366] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  825.744681][T10366] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  826.112436][T10366] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.121057][T10366] usb 6-1: Product: syz
[  826.125550][T10366] usb 6-1: Manufacturer: syz
[  826.130189][T10366] usb 6-1: SerialNumber: syz
[  826.296071][T13405] netlink: 'syz.2.2044': attribute type 10 has an invalid length.
[  826.304158][T13405] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2044'.
[  826.805311][T13408] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2035'.
[  827.509578][T13413] kvm: pic: level sensitive irq not supported
[  827.509710][T13413] kvm: pic: non byte read
[  827.535716][T13413] kvm: pic: level sensitive irq not supported
[  827.535776][T13413] kvm: pic: non byte read
[  827.550265][T13413] kvm: pic: non byte read
[  827.555974][T13413] kvm: pic: level sensitive irq not supported
[  827.556076][T13413] kvm: pic: non byte read
[  827.569754][T13413] kvm: pic: non byte read
[  827.575167][T13413] kvm: pic: non byte read
[  827.580320][T13413] kvm: pic: non byte read
[  827.586016][T13413] kvm: pic: single mode not supported
[  827.586100][T13413] kvm: pic: non byte read
[  827.599580][T13413] kvm: pic: non byte read
[  827.612226][T10366] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  827.622616][T10366] usb 6-1: MIDIStreaming interface descriptor not found
[  827.685150][T10366] usb 6-1: USB disconnect, device number 2
[  828.009451][T12766] udevd[12766]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  828.095389][  T976] kernel write not supported for file /snd/pcmC0D0p (pid: 976 comm: kworker/0:2)
[  829.892808][T13439] 9pnet_fd: Insufficient options for proto=fd
[  830.010937][T13441] 9pnet_fd: Insufficient options for proto=fd
[  830.075907][ T5831] Bluetooth: hci2: unexpected event for opcode 0x0406
[  830.091024][T13446] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2056'.
[  830.670145][T10374] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  832.353374][T10374] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  832.361463][T10374] usb 7-1: config 0 has no interface number 0
[  832.379121][T10374] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  832.411875][T10374] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  832.492069][T10374] usb 7-1: Product: syz
[  832.496519][T10374] usb 7-1: Manufacturer: syz
[  832.501217][T10374] usb 7-1: SerialNumber: syz
[  832.558526][T10374] usb 7-1: config 0 descriptor??
[  832.793097][T10374] dvb_usb_ec168 7-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  832.843917][T10374] usb 7-1: USB disconnect, device number 10
[  832.904888][ T5873] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  833.083559][ T5873] usb 3-1: config 0 interface 0 has no altsetting 0
[  833.180208][ T5873] usb 3-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=de.ad
[  833.196190][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  833.208192][ T5873] usb 3-1: config 0 descriptor??
[  833.220735][ T5873] usb 3-1: selecting invalid altsetting 0
[  834.025272][ T5873] usb 3-1: can't set first interface for hiFace device.
[  834.065895][ T5873] snd-usb-hiface 3-1:0.0: probe with driver snd-usb-hiface failed with error -5
[  834.118911][ T5873] usb 3-1: USB disconnect, device number 46
[  835.596683][T13482] 9pnet_fd: Insufficient options for proto=fd
[  836.190209][T13499] netlink: 'syz.0.2070': attribute type 10 has an invalid length.
[  837.175437][T13499] team0: Device ipvlan1 failed to register rx_handler
[  837.413509][T13495] delete_channel: no stack
[  837.601509][T10366] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[  837.796135][T10366] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  837.818605][T10366] usb 5-1: config 0 has no interface number 0
[  837.839139][T10366] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  837.849129][T10366] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  837.875164][T10366] usb 5-1: config 0 descriptor??
[  837.904809][T10366] usb 5-1: selecting invalid altsetting 1
[  837.928353][T10366] dvb_ttusb_budget: ttusb_init_controller: error
[  837.939511][T10366] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  837.969591][T13519] 9pnet_fd: Insufficient options for proto=fd
[  838.238099][T10366] DVB: Unable to find symbol cx22700_attach()
[  838.413067][T13527] kAFS: Can only specify source 'none' with -o dyn
[  839.135717][T13531] kAFS: No cell specified
[  839.438732][T10366] DVB: Unable to find symbol tda10046_attach()
[  839.445298][T10366] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  839.643308][ T5873] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  839.885997][ T5873] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  839.902434][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  839.921180][ T5873] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c
[  839.931059][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  839.940460][ T5873] usb 3-1: Product: syz
[  839.946484][ T5873] usb 3-1: Manufacturer: syz
[  839.951303][ T5873] usb 3-1: SerialNumber: syz
[  839.959094][ T5873] usb 3-1: config 0 descriptor??
[  839.968290][ T5873] ims_pcu 3-1:0.0: Missing CDC union descriptor
[  839.975497][ T5873] ims_pcu 3-1:0.0: probe with driver ims_pcu failed with error -22
[  840.196067][T13539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  840.224961][T13539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  840.477544][ T5873] usb 5-1: USB disconnect, device number 33
[  840.502708][T13551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  840.532696][T13551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  840.756020][T13553] netlink: 'syz.4.2089': attribute type 1 has an invalid length.
[  841.626622][ T5831] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  842.074963][T13567] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2093'.
[  842.348701][T13571] dvmrp1: entered allmulticast mode
[  843.180433][T13584] overlayfs: failed to resolve './file0': -2
[  843.285324][T10374] usb 3-1: USB disconnect, device number 47
[  843.531854][T11904] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  843.733268][T11904] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  843.785039][T11904] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  843.837705][T11904] usb 7-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  843.862223][T11904] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.976407][T11904] usb 7-1: config 0 descriptor??
[  844.463928][T13588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  844.500415][T13588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  844.517154][T11904] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  844.525277][T11904] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  844.533964][T11904] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  844.545392][T11904] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  844.554930][T11904] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  845.008486][T11904] playstation 0003:054C:0DF2.000A: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.6-1/input0
[  845.297537][T13588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  845.318689][T13605] 9pnet_fd: Insufficient options for proto=fd
[  845.350214][T13588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  845.582425][T11904] playstation 0003:054C:0DF2.000A: Failed to retrieve feature with reportID 5: -71
[  845.619816][T11904] playstation 0003:054C:0DF2.000A: Failed to retrieve DualSense calibration info: -71
[  845.638777][T11904] playstation 0003:054C:0DF2.000A: Failed to get calibration data from DualSense
[  845.655005][T11904] playstation 0003:054C:0DF2.000A: Failed to create dualsense.
[  845.668796][T11904] playstation 0003:054C:0DF2.000A: probe with driver playstation failed with error -71
[  845.694934][T11904] usb 7-1: USB disconnect, device number 11
[  845.890394][T13617] 9pnet_fd: Insufficient options for proto=fd
[  846.111519][T13622] 9pnet_fd: Insufficient options for proto=fd
[  846.163584][T13624] 9pnet_fd: Insufficient options for proto=fd
[  846.560979][T13633] overlay: ./file0 is not a directory
[  847.086447][T13635] netlink: 'syz.4.2116': attribute type 3 has an invalid length.
[  847.132781][T13635] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2116'.
[  847.170154][T13639] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2116'.
[  847.269124][T13639] netlink: 'syz.4.2116': attribute type 1 has an invalid length.
[  847.559553][T13639] netlink: 'syz.4.2116': attribute type 2 has an invalid length.
[  848.586512][T13657] 9pnet_fd: Insufficient options for proto=fd
[  848.637763][T13659] netlink: 'syz.5.2125': attribute type 10 has an invalid length.
[  848.671858][T13659] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  848.702552][T13659] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  848.854528][T13663] kvm: pic: level sensitive irq not supported
[  848.854628][T13663] kvm: pic: non byte read
[  848.867199][T13663] kvm: pic: non byte read
[  848.872328][T13663] kvm: pic: single mode not supported
[  848.872352][T13663] kvm: pic: level sensitive irq not supported
[  848.878019][T13663] kvm: pic: non byte read
[  848.893777][T13663] kvm: pic: level sensitive irq not supported
[  848.893851][T13663] kvm: pic: non byte read
[  848.915733][T13663] kvm: pic: level sensitive irq not supported
[  848.915811][T13663] kvm: pic: non byte read
[  848.937862][T13663] kvm: pic: non byte read
[  848.947832][T13663] kvm: pic: non byte read
[  848.952605][T10366] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  848.962807][T13663] kvm: pic: non byte read
[  848.972802][T13663] kvm: pic: non byte read
[  849.112169][T10366] usb 6-1: Using ep0 maxpacket: 16
[  849.122816][T10366] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  849.143880][T10366] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  849.151516][T13669] Invalid logical block size (32767)
[  849.170688][T10366] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  849.189642][T10366] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  849.228618][T10366] usb 6-1: Product: syz
[  849.249791][T10366] usb 6-1: Manufacturer: syz
[  849.267581][T10366] usb 6-1: SerialNumber: syz
[  849.409710][T13675] 9pnet_fd: Insufficient options for proto=fd
[  849.558347][T13676] lo speed is unknown, defaulting to 1000
[  849.566862][T13676] vcan0 speed is unknown, defaulting to 1000
[  849.633610][T13659] fuse: Bad value for 'fd'
[  850.028097][T13677] vivid-002: kernel_thread() failed
[  850.148871][T10366] usb 6-1: 0:2 : does not exist
[  850.192756][T10366] usb 6-1: unit 4 not found!
[  850.264317][T10366] usb 6-1: USB disconnect, device number 3
[  850.836923][T12700] udevd[12700]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  851.156881][T13707] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2135'.
[  852.987447][T13724] kvm: pic: level sensitive irq not supported
[  852.988310][T13724] kvm: pic: non byte read
[  853.001152][T13724] kvm: pic: single mode not supported
[  853.001171][T13724] kvm: pic: level sensitive irq not supported
[  853.008145][T13724] kvm: pic: level sensitive irq not supported
[  853.015349][T13724] kvm: pic: level sensitive irq not supported
[  853.395355][T13731] 9pnet_fd: Insufficient options for proto=fd
[  853.523459][T13730] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2141'.
[  853.712475][ T5830] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  854.238410][ T5830] usb 5-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  854.249691][ T5830] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  854.259209][ T5830] usb 5-1: Product: syz
[  854.263953][ T5830] usb 5-1: Manufacturer: syz
[  854.268973][ T5830] usb 5-1: SerialNumber: syz
[  854.286047][ T5830] usb 5-1: config 0 descriptor??
[  854.635650][T13743] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  855.141032][ T5830] peak_usb 5-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels)
[  855.382771][ T5830] peak_usb 5-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  855.429293][T13750] 9pnet_fd: Insufficient options for proto=fd
[  855.446536][ T5830] peak_usb 5-1:0.0: unable to tell PCAN-USB FD driver is loaded (err -71)
[  855.512279][ T5830] peak_usb 5-1:0.0: probe with driver peak_usb failed with error -71
[  855.678641][ T5830] usb 5-1: USB disconnect, device number 34
[  856.562456][T13755] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2147'.
[  857.502090][T13758] veth1_macvtap: left promiscuous mode
[  857.507642][T13758] macsec0: entered allmulticast mode
[  857.751911][T10366] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  858.042240][T10366] usb 6-1: Using ep0 maxpacket: 8
[  858.257078][T10366] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  858.312280][T10366] usb 6-1: config 0 has no interface number 0
[  858.318582][T10366] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  858.508028][T10366] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  859.211781][T10366] usb 6-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  859.221019][T10366] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.284353][T10366] usb 6-1: config 0 descriptor??
[  859.504442][T13757] veth1_macvtap: entered promiscuous mode
[  859.511020][T13757] veth1_macvtap: entered allmulticast mode
[  859.517333][T13757] macsec0: left allmulticast mode
[  859.522685][T13757] veth1_macvtap: left allmulticast mode
[  859.839788][T10366] hso 6-1:0.1: Failed to find BULK IN ep
[  859.903119][T10366] usb 6-1: USB disconnect, device number 4
[  861.397537][T13787] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2158'.
[  861.475374][T13802] 9pnet_fd: Insufficient options for proto=fd
[  861.571923][ T5873] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  861.743726][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  861.755512][ T5873] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  861.813428][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  861.839048][ T5873] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  861.857057][ T5873] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  861.872277][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  861.906908][ T5873] usb 3-1: Product: syz
[  861.921549][ T5873] usb 3-1: Manufacturer: syz
[  861.934404][ T5873] usb 3-1: SerialNumber: syz
[  861.950588][ T5873] usb 3-1: config 0 descriptor??
[  861.973822][ T5873] garmin_gps 3-1:0.0: Garmin GPS usb/tty converter detected
[  861.986123][ T5873] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  862.018890][ T5873] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  862.194960][ T5873] usb 3-1: USB disconnect, device number 48
[  862.203516][ T5873] garmin_gps 3-1:0.0: device disconnected
[  862.426795][T13804] FAULT_INJECTION: forcing a failure.
[  862.426795][T13804] name failslab, interval 1, probability 0, space 0, times 0
[  862.443957][T13804] CPU: 0 UID: 0 PID: 13804 Comm: syz.5.2162 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  862.443981][T13804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  862.443991][T13804] Call Trace:
[  862.443997][T13804]  <TASK>
[  862.444004][T13804]  dump_stack_lvl+0x241/0x360
[  862.444031][T13804]  ? __pfx_dump_stack_lvl+0x10/0x10
[  862.444051][T13804]  ? __pfx__printk+0x10/0x10
[  862.444073][T13804]  ? ref_tracker_alloc+0x316/0x4c0
[  862.444097][T13804]  should_fail_ex+0x424/0x570
[  862.444120][T13804]  should_failslab+0xac/0x100
[  862.444140][T13804]  kmem_cache_alloc_noprof+0x78/0x390
[  862.444157][T13804]  ? skb_clone+0x20c/0x390
[  862.444180][T13804]  skb_clone+0x20c/0x390
[  862.444201][T13804]  __netlink_deliver_tap+0x3c4/0x7f0
[  862.444222][T13804]  ? netlink_deliver_tap+0x2e/0x1b0
[  862.444236][T13804]  netlink_deliver_tap+0x19d/0x1b0
[  862.444250][T13804]  netlink_sendskb+0x68/0x140
[  862.444272][T13804]  netlink_unicast+0x39f/0x9a0
[  862.444292][T13804]  ? __asan_memcpy+0x40/0x70
[  862.444317][T13804]  ? __pfx_netlink_unicast+0x10/0x10
[  862.444338][T13804]  ? ref_tracker_free+0x63e/0x7e0
[  862.444363][T13804]  netlink_rcv_skb+0x296/0x480
[  862.444387][T13804]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  862.444402][T13804]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  862.444425][T13804]  ? netlink_deliver_tap+0x2e/0x1b0
[  862.444441][T13804]  ? netlink_deliver_tap+0x2e/0x1b0
[  862.444456][T13804]  netlink_unicast+0x7f8/0x9a0
[  862.444481][T13804]  ? __pfx_netlink_unicast+0x10/0x10
[  862.444502][T13804]  ? smack_socket_getpeersec_dgram+0x210/0x410
[  862.444522][T13804]  ? skb_put+0x114/0x1f0
[  862.444541][T13804]  netlink_sendmsg+0x8c3/0xcd0
[  862.444562][T13804]  ? __pfx_netlink_sendmsg+0x10/0x10
[  862.444583][T13804]  ? __pfx_netlink_sendmsg+0x10/0x10
[  862.444597][T13804]  __sock_sendmsg+0x221/0x270
[  862.444621][T13804]  ____sys_sendmsg+0x523/0x860
[  862.444645][T13804]  ? __pfx_____sys_sendmsg+0x10/0x10
[  862.444663][T13804]  ? __fget_files+0x2a/0x420
[  862.444682][T13804]  ? __fget_files+0x2a/0x420
[  862.444704][T13804]  __sys_sendmsg+0x271/0x360
[  862.444725][T13804]  ? __pfx___sys_sendmsg+0x10/0x10
[  862.444771][T13804]  ? do_syscall_64+0xb6/0x230
[  862.444793][T13804]  do_syscall_64+0xf3/0x230
[  862.444813][T13804]  ? clear_bhb_loop+0x45/0xa0
[  862.444830][T13804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.444845][T13804] RIP: 0033:0x7fc72478d169
[  862.444858][T13804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  862.444870][T13804] RSP: 002b:00007fc725604038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  862.444886][T13804] RAX: ffffffffffffffda RBX: 00007fc7249a5fa0 RCX: 00007fc72478d169
[  862.444897][T13804] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  862.444906][T13804] RBP: 00007fc725604090 R08: 0000000000000000 R09: 0000000000000000
[  862.444915][T13804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  862.444924][T13804] R13: 0000000000000000 R14: 00007fc7249a5fa0 R15: 00007ffc89d56148
[  862.444942][T13804]  </TASK>
[  862.755792][    C0] vkms_vblank_simulate: vblank timer overrun
[  863.311796][T13810] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  863.933489][T13823] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2168'.
[  863.944855][T13821] overlayfs: missing 'workdir'
[  863.966687][T13821] Invalid ELF header magic: != ELF
[  864.020851][   T30] audit: type=1326 audit(1743370975.009:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13822 comm="syz.0.2168" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f385bb8d169 code=0x0
[  865.019617][T13846] ieee802154 phy1 wpan1: encryption failed: -22
[  867.137535][T11904] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  867.190869][T13871] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2181'.
[  867.200729][T13871] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2181'.
[  867.271960][T13871] netlink: 'syz.2.2181': attribute type 7 has an invalid length.
[  867.280096][T13871] netlink: 'syz.2.2181': attribute type 5 has an invalid length.
[  867.291894][T13871] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2181'.
[  867.552323][ T5831] Bluetooth: hci4: command 0x0406 tx timeout
[  867.671896][T11904] usb 5-1: device descriptor read/64, error -71
[  867.911882][T11904] usb 5-1: new full-speed USB device number 36 using dummy_hcd
[  868.061951][T11904] usb 5-1: device descriptor read/64, error -71
[  868.178350][T13880] 9pnet_fd: Insufficient options for proto=fd
[  868.182457][T11904] usb usb5-port1: attempt power cycle
[  868.542152][T11904] usb 5-1: new full-speed USB device number 37 using dummy_hcd
[  868.623011][T11904] usb 5-1: device descriptor read/8, error -71
[  868.891839][T11904] usb 5-1: new full-speed USB device number 38 using dummy_hcd
[  868.913944][T11904] usb 5-1: device descriptor read/8, error -71
[  869.094204][T11904] usb usb5-port1: unable to enumerate USB device
[  870.012000][T11904] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  870.070585][T13897] xt_limit: Overflow, try lower: 4294967295/4294966784
[  870.083257][T13897] overlayfs: conflicting options: nfs_export=on,index=off
[  870.172041][T11904] usb 7-1: device descriptor read/64, error -71
[  870.190011][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  870.432207][T11904] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  870.571926][T11904] usb 7-1: device descriptor read/64, error -71
[  870.822543][T11904] usb usb7-port1: attempt power cycle
[  871.172040][T11904] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  871.276907][T11904] usb 7-1: device descriptor read/8, error -71
[  871.721859][T11904] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  871.742529][T11904] usb 7-1: device descriptor read/8, error -71
[  871.942899][T11904] usb usb7-port1: unable to enumerate USB device
[  872.121829][T13922] netlink: 'syz.6.2198': attribute type 39 has an invalid length.
[  872.262170][T12806] Bluetooth: hci2: command 0x0405 tx timeout
[  874.892179][T13945] FAULT_INJECTION: forcing a failure.
[  874.892179][T13945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  875.372327][T13945] CPU: 1 UID: 0 PID: 13945 Comm: syz.6.2206 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  875.372370][T13945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  875.372385][T13945] Call Trace:
[  875.372393][T13945]  <TASK>
[  875.372403][T13945]  dump_stack_lvl+0x241/0x360
[  875.372441][T13945]  ? __pfx_dump_stack_lvl+0x10/0x10
[  875.372470][T13945]  ? __pfx__printk+0x10/0x10
[  875.372506][T13945]  should_fail_ex+0x424/0x570
[  875.372538][T13945]  _copy_from_user+0x2d/0xb0
[  875.372564][T13945]  __sys_bpf+0x1be/0x850
[  875.372593][T13945]  ? rcu_is_watching+0x15/0xb0
[  875.372619][T13945]  ? __pfx___sys_bpf+0x10/0x10
[  875.372647][T13945]  ? preempt_schedule_irq+0x145/0x1c0
[  875.372694][T13945]  __x64_sys_bpf+0x7c/0x90
[  875.372722][T13945]  do_syscall_64+0xf3/0x230
[  875.372751][T13945]  ? clear_bhb_loop+0x45/0xa0
[  875.372775][T13945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.372795][T13945] RIP: 0033:0x7f54dc98d169
[  875.372814][T13945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  875.372831][T13945] RSP: 002b:00007f54dd86d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  875.372854][T13945] RAX: ffffffffffffffda RBX: 00007f54dcba5fa0 RCX: 00007f54dc98d169
[  875.372870][T13945] RDX: 0000000000000021 RSI: 000020000000e000 RDI: 0000000000000005
[  875.372883][T13945] RBP: 00007f54dd86d090 R08: 0000000000000000 R09: 0000000000000000
[  875.372896][T13945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  875.372909][T13945] R13: 0000000000000001 R14: 00007f54dcba5fa0 R15: 00007ffc7f8ecf68
[  875.372935][T13945]  </TASK>
[  876.166654][T13954] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2209'.
[  876.176243][T13954] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2209'.
[  876.378836][T13959] 9pnet_fd: Insufficient options for proto=fd
[  877.644809][T13967] nfs: Unknown parameter '	'
[  878.692523][T13990] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2217'.
[  878.841941][ T5873] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  879.011891][ T5873] usb 7-1: device descriptor read/64, error -71
[  879.261969][ T5873] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  879.357486][T13994] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2219'.
[  879.407604][ T5873] usb 7-1: device descriptor read/64, error -71
[  879.590807][ T5873] usb usb7-port1: attempt power cycle
[  879.781144][T14001] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2221'.
[  880.187345][ T5873] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  880.223599][ T5873] usb 7-1: device descriptor read/8, error -71
[  881.107326][ T5873] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  881.269115][ T5873] usb 7-1: device descriptor read/8, error -71
[  881.562181][ T5873] usb usb7-port1: unable to enumerate USB device
[  882.118454][T14021] dlm: no local IP address has been set
[  882.124269][T14021] dlm: cannot start dlm midcomms -107
[  883.058636][T14025] ip6gre1: entered allmulticast mode
[  883.327768][T14030] xt_hashlimit: max too large, truncated to 1048576
[  884.580173][T14049] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2235'.
[  884.825379][T14049] fuse: Bad value for 'fd'
[  887.380961][   T30] audit: type=1326 audit(1743370998.369:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14068 comm="syz.6.2242" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f54dc98d169 code=0x0
[  887.622100][T12806] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  887.633247][T12806] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  887.643153][T12806] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  887.651155][T12806] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  887.659107][T12806] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  887.756703][T14073] lo speed is unknown, defaulting to 1000
[  887.802901][T14073] vcan0 speed is unknown, defaulting to 1000
[  888.064530][T13828] bond0: (slave netdevsim0): Releasing backup interface
[  888.440307][T14073] chnl_net:caif_netlink_parms(): no params data found
[  889.412344][T13828] bridge_slave_1: left allmulticast mode
[  889.438532][T13828] bridge_slave_1: left promiscuous mode
[  889.575277][T13828] bridge0: port 2(bridge_slave_1) entered disabled state
[  889.651315][T13828] bridge_slave_0: left allmulticast mode
[  889.686874][T13828] bridge_slave_0: left promiscuous mode
[  889.710158][T13828] bridge0: port 1(bridge_slave_0) entered disabled state
[  889.756041][T14109] kvm: pic: level sensitive irq not supported
[  889.756254][T14109] picdev_read: 8 callbacks suppressed
[  889.756271][T14109] kvm: pic: non byte read
[  889.779583][T14109] kvm: pic: level sensitive irq not supported
[  889.779822][T14109] kvm: pic: non byte read
[  889.786234][ T5831] Bluetooth: hci1: command tx timeout
[  889.832350][T14109] kvm: pic: level sensitive irq not supported
[  889.832542][T14109] kvm: pic: non byte read
[  889.851349][T14109] kvm: pic: level sensitive irq not supported
[  889.851588][T14109] kvm: pic: non byte read
[  889.895474][T14109] kvm: pic: level sensitive irq not supported
[  889.895633][T14109] kvm: pic: non byte read
[  889.922463][T14109] kvm: pic: level sensitive irq not supported
[  889.922519][T14109] kvm: pic: non byte read
[  889.959202][T14109] kvm: pic: level sensitive irq not supported
[  889.959278][T14109] kvm: pic: non byte read
[  889.972475][T14113] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2250'.
[  889.991013][T14109] kvm: pic: level sensitive irq not supported
[  889.991083][T14109] kvm: pic: non byte read
[  890.012848][T14109] kvm: pic: level sensitive irq not supported
[  890.012925][T14109] kvm: pic: non byte read
[  890.518685][T14123] FAULT_INJECTION: forcing a failure.
[  890.518685][T14123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  890.533601][T14123] CPU: 1 UID: 0 PID: 14123 Comm: syz.2.2252 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  890.533640][T14123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  890.533653][T14123] Call Trace:
[  890.533661][T14123]  <TASK>
[  890.533670][T14123]  dump_stack_lvl+0x241/0x360
[  890.533705][T14123]  ? __pfx_dump_stack_lvl+0x10/0x10
[  890.533734][T14123]  ? __pfx__printk+0x10/0x10
[  890.533769][T14123]  should_fail_ex+0x424/0x570
[  890.533801][T14123]  _copy_from_user+0x2d/0xb0
[  890.533825][T14123]  move_addr_to_kernel+0x7f/0x170
[  890.533858][T14123]  copy_msghdr_from_user+0x477/0x580
[  890.533894][T14123]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  890.533925][T14123]  ? __fget_files+0x2a/0x420
[  890.533954][T14123]  ? __fget_files+0x2a/0x420
[  890.533979][T14123]  __sys_sendmmsg+0x361/0x7b0
[  890.534006][T14123]  ? __pfx___sys_sendmmsg+0x10/0x10
[  890.534044][T14123]  ? trace_irq_enable+0x2c/0x120
[  890.534068][T14123]  ? finish_task_switch+0x1ea/0x870
[  890.534094][T14123]  ? rcu_is_watching+0x15/0xb0
[  890.534113][T14123]  ? trace_sched_exit_tp+0x3c/0x120
[  890.534136][T14123]  ? __schedule+0x1b51/0x51f0
[  890.534172][T14123]  ? __pfx___schedule+0x10/0x10
[  890.534198][T14123]  ? ksys_write+0x275/0x2d0
[  890.534229][T14123]  __x64_sys_sendmmsg+0xa0/0xb0
[  890.534251][T14123]  do_syscall_64+0xf3/0x230
[  890.534273][T14123]  ? clear_bhb_loop+0x45/0xa0
[  890.534292][T14123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.534308][T14123] RIP: 0033:0x7f246958d169
[  890.534323][T14123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  890.534337][T14123] RSP: 002b:00007f246a38f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  890.534355][T14123] RAX: ffffffffffffffda RBX: 00007f24697a6160 RCX: 00007f246958d169
[  890.534368][T14123] RDX: 0000000000000001 RSI: 00002000000032c0 RDI: 000000000000000a
[  890.534379][T14123] RBP: 00007f246a38f090 R08: 0000000000000000 R09: 0000000000000000
[  890.534389][T14123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  890.534399][T14123] R13: 0000000000000000 R14: 00007f24697a6160 R15: 00007ffefa3c0b38
[  890.534419][T14123]  </TASK>
[  891.844775][T14126] block device autoloading is deprecated and will be removed.
[  891.872141][ T5831] Bluetooth: hci1: command tx timeout
[  892.660481][T14136] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2257'.
[  892.838618][T13828] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  892.865825][T13828] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  892.925821][T13828] bond0 (unregistering): Released all slaves
[  892.973310][T13828] bond1 (unregistering): Released all slaves
[  893.037022][T14136] bridge0: port 2(bridge_slave_1) entered disabled state
[  893.046277][T14136] bridge0: port 1(bridge_slave_0) entered disabled state
[  894.052099][ T5831] Bluetooth: hci1: command tx timeout
[  894.446568][T14150] 9pnet_fd: Insufficient options for proto=fd
[  894.715944][T14165] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2262'.
[  894.761847][T14073] bridge0: port 1(bridge_slave_0) entered blocking state
[  894.781423][T14073] bridge0: port 1(bridge_slave_0) entered disabled state
[  894.803992][T14073] bridge_slave_0: entered allmulticast mode
[  999.891668][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  999.898787][    C0] rcu: 	1-...!: (1 GPs behind) idle=e3ac/1/0x4000000000000000 softirq=53737/53738 fqs=0
[  999.909710][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P14155/1:b..l P14168/1:b..l
[  999.918984][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=62917, q=223 ncpus=2)
[  999.926732][    C0] Sending NMI from CPU 0 to CPUs 1:
[  999.926770][    C1] NMI backtrace for cpu 1
[  999.926790][    C1] CPU: 1 UID: 0 PID: 14169 Comm: syz.0.2264 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[  999.926810][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  999.926822][    C1] RIP: 0010:enqueue_hrtimer+0x7/0x3c0
[  999.926850][    C1] Code: 00 e9 3d 90 ff ff 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 41 55 <41> 54 53 89 d5 49 89 f5 49 89 fe 49 bc 00 00 00 00 00 fc ff df e8
[  999.926864][    C1] RSP: 0018:ffffc90000a08d18 EFLAGS: 00000046
[  999.926879][    C1] RAX: ffffffff81b080d7 RBX: 0000000000000000 RCX: ffff8880226f5a00
[  999.926891][    C1] RDX: 0000000000000000 RSI: ffff8880b87277c0 RDI: ffff88805abb8340
[  999.926902][    C1] RBP: ffffc90000a08ea0 R08: ffffffff81b080cd R09: fffff52000141184
[  999.926914][    C1] R10: dffffc0000000000 R11: fffff52000141184 R12: 1ffff110170e4f03
[  999.926926][    C1] R13: dffffc0000000000 R14: ffff88805abb8340 R15: ffff8880b87276c0
[  999.926939][    C1] FS:  00007f385c96f6c0(0000) GS:ffff8881250ed000(0000) knlGS:0000000000000000
[  999.926953][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  999.926964][    C1] CR2: 000020000001d000 CR3: 000000007d4a4000 CR4: 00000000003526f0
[  999.926979][    C1] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000
[  999.926989][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  999.926999][    C1] Call Trace:
[  999.927007][    C1]  <NMI>
[  999.927015][    C1]  ? nmi_cpu_backtrace+0x3d1/0x4e0
[  999.927039][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  999.927056][    C1]  ? look_up_lock_class+0x7b/0x170
[  999.927079][    C1]  ? lock_acquire+0x1fc/0x2f0
[  999.927108][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  999.927123][    C1]  ? nmi_handle+0x196/0x5e0
[  999.927141][    C1]  ? nmi_handle+0x7e/0x5e0
[  999.927160][    C1]  ? enqueue_hrtimer+0x7/0x3c0
[  999.927178][    C1]  ? default_do_nmi+0x63/0x160
[  999.927195][    C1]  ? exc_nmi+0x123/0x1f0
[  999.927210][    C1]  ? end_repeat_nmi+0xf/0x53
[  999.927229][    C1]  ? __hrtimer_run_queues+0x6bd/0xd40
[  999.927245][    C1]  ? __hrtimer_run_queues+0x6c7/0xd40
[  999.927263][    C1]  ? enqueue_hrtimer+0x7/0x3c0
[  999.927282][    C1]  ? enqueue_hrtimer+0x7/0x3c0
[  999.927301][    C1]  ? enqueue_hrtimer+0x7/0x3c0
[  999.927319][    C1]  </NMI>
[  999.927325][    C1]  <IRQ>
[  999.927332][    C1]  __hrtimer_run_queues+0x6d6/0xd40
[  999.927349][    C1]  ? ktime_get_update_offsets_now+0x2d/0x3b0
[  999.927381][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  999.927406][    C1]  ? sched_clock_cpu+0x77/0x4d0
[  999.927424][    C1]  ? read_tsc+0x9/0x20
[  999.927447][    C1]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  999.927474][    C1]  hrtimer_interrupt+0x403/0xa40
[  999.927502][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[  999.927524][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  999.927545][    C1]  </IRQ>
[  999.927551][    C1]  <TASK>
[  999.927557][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  999.927575][    C1] RIP: 0010:finish_task_switch+0x1ea/0x870
[  999.927600][    C1] Code: c9 50 e8 59 2d 0d 00 48 83 c4 08 4c 89 f7 e8 ad 41 00 00 e9 de 04 00 00 4c 89 f7 e8 00 e1 95 0a e8 1b 8c 39 00 fb 48 8b 5d c0 <48> 8d bb 18 16 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[  999.927614][    C1] RSP: 0018:ffffc90005b7f548 EFLAGS: 00000286
[  999.927629][    C1] RAX: 37078fed4aa8a300 RBX: ffff8880226f5a00 RCX: ffffffff81cb327c
[  999.927642][    C1] RDX: 0000000000000000 RSI: ffffffff8e6795bc RDI: ffffffff8ca08700
[  999.927654][    C1] RBP: ffffc90005b7f590 R08: ffffffff905dfe77 R09: 1ffffffff20bbfce
[  999.927666][    C1] R10: dffffc0000000000 R11: fffffbfff20bbfcf R12: 1ffff110170e74f6
[  999.927679][    C1] R13: dffffc0000000000 R14: ffff8880b8639980 R15: ffff8880b873a7b0
[  999.927695][    C1]  ? trace_irq_enable+0x2c/0x120
[  999.927721][    C1]  ? finish_task_switch+0x1e5/0x870
[  999.927746][    C1]  __schedule+0x1b3b/0x51f0
[  999.927775][    C1]  ? schedule+0x163/0x360
[  999.927795][    C1]  ? __pfx___schedule+0x10/0x10
[  999.927815][    C1]  ? register_lock_class+0x54/0x330
[  999.927845][    C1]  ? schedule+0x90/0x360
[  999.927864][    C1]  ? schedule+0x90/0x360
[  999.927882][    C1]  schedule+0x163/0x360
[  999.927901][    C1]  schedule_timeout+0xb1/0x2b0
[  999.927919][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  999.927941][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  999.927959][    C1]  ? lockdep_hardirqs_on+0x9d/0x150
[  999.927979][    C1]  ? wait_for_completion+0x2d4/0x600
[  999.928000][    C1]  wait_for_completion+0x32f/0x600
[  999.928020][    C1]  ? __smp_call_single_queue+0x11a/0x3a0
[  999.928044][    C1]  ? __pfx_wait_for_completion+0x10/0x10
[  999.928066][    C1]  ? __raw_spin_lock_init+0x45/0x100
[  999.928089][    C1]  ? smp_call_function_single_async+0xb4/0x110
[  999.928109][    C1]  rdmsr_safe_on_cpu+0x199/0x360
[  999.928131][    C1]  ? __pfx_rdmsr_safe_on_cpu+0x10/0x10
[  999.928150][    C1]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  999.928181][    C1]  msr_read+0x1a7/0x270
[  999.928203][    C1]  ? __pfx_msr_read+0x10/0x10
[  999.928224][    C1]  ? bpf_lsm_file_permission+0x9/0x10
[  999.928248][    C1]  ? rw_verify_area+0x246/0x630
[  999.928271][    C1]  ? __pfx_msr_read+0x10/0x10
[  999.928293][    C1]  vfs_read+0x21f/0xb90
[  999.928319][    C1]  ? __pfx_vfs_read+0x10/0x10
[  999.928342][    C1]  ? __fget_files+0x2a/0x420
[  999.928362][    C1]  ? __fget_files+0x2a/0x420
[  999.928388][    C1]  ? __fget_files+0x39d/0x420
[  999.928407][    C1]  ? __fget_files+0x2a/0x420
[  999.928430][    C1]  ksys_read+0x19d/0x2d0
[  999.928454][    C1]  ? __pfx_ksys_read+0x10/0x10
[  999.928480][    C1]  ? do_syscall_64+0xb6/0x230
[  999.928504][    C1]  do_syscall_64+0xf3/0x230
[  999.928527][    C1]  ? clear_bhb_loop+0x45/0xa0
[  999.928545][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.928561][    C1] RIP: 0033:0x7f385bb8d169
[  999.928578][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  999.928592][    C1] RSP: 002b:00007f385c96f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  999.928608][    C1] RAX: ffffffffffffffda RBX: 00007f385bda6160 RCX: 00007f385bb8d169
[  999.928619][    C1] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000005
[  999.928630][    C1] RBP: 00007f385bc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  999.928643][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  999.928653][    C1] R13: 0000000000000000 R14: 00007f385bda6160 R15: 00007ffeb1eb2d28
[  999.928672][    C1]  </TASK>
[  999.928757][    C0] task:sed             state:R  running task     stack:23720 pid:14168 tgid:14168 ppid:14166  task_flags:0x40000c flags:0x00004002
[ 1000.574286][    C0] Call Trace:
[ 1000.577595][    C0]  <TASK>
[ 1000.580644][    C0]  __schedule+0x1b33/0x51f0
[ 1000.585201][    C0]  ? preempt_schedule_common+0x84/0xd0
[ 1000.590692][    C0]  ? __pfx___schedule+0x10/0x10
[ 1000.595583][    C0]  ? preempt_schedule+0xe4/0xf0
[ 1000.600632][    C0]  preempt_schedule_common+0x84/0xd0
[ 1000.605978][    C0]  preempt_schedule+0xe4/0xf0
[ 1000.610795][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[ 1000.616216][    C0]  preempt_schedule_thunk+0x16/0x30
[ 1000.621450][    C0]  _raw_spin_unlock+0x3e/0x50
[ 1000.626159][    C0]  unmap_page_range+0x3a12/0x4520
[ 1000.631241][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[ 1000.636639][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1000.641430][    C0]  ? trace_irq_disable+0x3b/0x120
[ 1000.646924][    C0]  ? mas_next_slot+0xdc6/0xea0
[ 1000.651730][    C0]  ? uprobe_munmap+0x183/0x460
[ 1000.656554][    C0]  ? unmap_single_vma+0x1bd/0x2b0
[ 1000.661705][    C0]  unmap_vmas+0x3ce/0x5f0
[ 1000.666101][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[ 1000.671105][    C0]  ? tlb_gather_mmu_fullmm+0x160/0x210
[ 1000.676608][    C0]  exit_mmap+0x2bc/0xdd0
[ 1000.680896][    C0]  ? uprobe_clear_state+0x20e/0x290
[ 1000.686123][    C0]  ? __pfx_exit_mmap+0x10/0x10
[ 1000.691101][    C0]  ? __pfx_exit_aio+0x10/0x10
[ 1000.695821][    C0]  ? uprobe_clear_state+0x271/0x290
[ 1000.701049][    C0]  __mmput+0x115/0x410
[ 1000.705157][    C0]  exit_mm+0x221/0x310
[ 1000.709432][    C0]  ? __pfx_exit_mm+0x10/0x10
[ 1000.714052][    C0]  ? taskstats_exit+0x326/0xa60
[ 1000.718938][    C0]  do_exit+0x994/0x2950
[ 1000.723128][    C0]  ? __pfx_do_exit+0x10/0x10
[ 1000.727842][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1000.733202][    C0]  ? lockdep_hardirqs_on+0x9d/0x150
[ 1000.738448][    C0]  do_group_exit+0x207/0x2c0
[ 1000.743079][    C0]  __x64_sys_exit_group+0x3f/0x40
[ 1000.748240][    C0]  x64_sys_call+0x26c3/0x26d0
[ 1000.753036][    C0]  do_syscall_64+0xf3/0x230
[ 1000.757748][    C0]  ? clear_bhb_loop+0x45/0xa0
[ 1000.762449][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1000.768406][    C0] RIP: 0033:0x7feee62a9a90
[ 1000.772852][    C0] RSP: 002b:00007ffd036f3d08 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1000.781290][    C0] RAX: ffffffffffffffda RBX: 00007feee639a860 RCX: 00007feee62a9a90
[ 1000.789283][    C0] RDX: 00000000000000e7 RSI: 000000000000003c RDI: 0000000000000000
[ 1000.797275][    C0] RBP: 00007feee639a860 R08: 00007ffd036f3b80 R09: 00007ffd036f3c60
[ 1000.805296][    C0] R10: 00007ffd036f3bc0 R11: 0000000000000246 R12: 0000000000000000
[ 1000.813285][    C0] R13: 0000000000000000 R14: 00007feee639e658 R15: 0000000000000001
[ 1000.821287][    C0]  </TASK>
[ 1000.824323][    C0] task:syz.6.2261      state:R  running task     stack:26640 pid:14155 tgid:14151 ppid:12578  task_flags:0x40044c flags:0x00004000
[ 1000.838242][    C0] Call Trace:
[ 1000.841540][    C0]  <TASK>
[ 1000.844494][    C0]  __schedule+0x1b33/0x51f0
[ 1000.849029][    C0]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[ 1000.854960][    C0]  ? preempt_schedule_common+0x84/0xd0
[ 1000.860536][    C0]  ? __pfx___schedule+0x10/0x10
[ 1000.865413][    C0]  ? do_raw_spin_lock+0x151/0x370
[ 1000.870466][    C0]  ? __lock_acquire+0xad5/0xd80
[ 1000.875407][    C0]  ? preempt_schedule+0xe4/0xf0
[ 1000.880299][    C0]  preempt_schedule_common+0x84/0xd0
[ 1000.885611][    C0]  preempt_schedule+0xe4/0xf0
[ 1000.890320][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[ 1000.895746][    C0]  preempt_schedule_thunk+0x16/0x30
[ 1000.900969][    C0]  _raw_spin_unlock+0x3e/0x50
[ 1000.905675][    C0]  unmap_page_range+0x3a12/0x4520
[ 1000.910724][    C0]  ? is_bpf_text_address+0x288/0x2a0
[ 1000.916052][    C0]  ? stack_trace_save+0x11a/0x1d0
[ 1000.921120][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[ 1000.926512][    C0]  ? mas_next_node+0xb9f/0xe00
[ 1000.931397][    C0]  ? mas_next_slot+0xdc6/0xea0
[ 1000.936277][    C0]  ? uprobe_munmap+0x183/0x460
[ 1000.941077][    C0]  ? unmap_single_vma+0x1bd/0x2b0
[ 1000.946158][    C0]  unmap_vmas+0x3ce/0x5f0
[ 1000.950520][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[ 1000.955409][    C0]  ? tlb_gather_mmu_fullmm+0x160/0x210
[ 1000.960889][    C0]  exit_mmap+0x2bc/0xdd0
[ 1000.965163][    C0]  ? uprobe_clear_state+0x20e/0x290
[ 1000.970396][    C0]  ? __pfx_exit_mmap+0x10/0x10
[ 1000.975194][    C0]  ? __pfx_exit_aio+0x10/0x10
[ 1000.979909][    C0]  ? uprobe_clear_state+0x271/0x290
[ 1000.985215][    C0]  ? mm_update_next_owner+0xa2/0x8a0
[ 1000.990558][    C0]  __mmput+0x115/0x410
[ 1000.994831][    C0]  exit_mm+0x221/0x310
[ 1000.998941][    C0]  ? __pfx_exit_mm+0x10/0x10
[ 1001.003574][    C0]  ? taskstats_exit+0x326/0xa60
[ 1001.008549][    C0]  do_exit+0x994/0x2950
[ 1001.012743][    C0]  ? do_raw_spin_lock+0x151/0x370
[ 1001.017805][    C0]  ? __pfx_do_exit+0x10/0x10
[ 1001.022687][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1001.028103][    C0]  do_group_exit+0x207/0x2c0
[ 1001.032750][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1001.037971][    C0]  ? lockdep_hardirqs_on+0x9d/0x150
[ 1001.043205][    C0]  get_signal+0x1696/0x1730
[ 1001.047753][    C0]  ? __pfx_get_signal+0x10/0x10
[ 1001.052648][    C0]  arch_do_signal_or_restart+0x98/0x840
[ 1001.058226][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1001.064422][    C0]  ? syscall_exit_to_user_mode+0xa3/0x340
[ 1001.070172][    C0]  syscall_exit_to_user_mode+0xce/0x340
[ 1001.075749][    C0]  do_syscall_64+0x100/0x230
[ 1001.080474][    C0]  ? clear_bhb_loop+0x45/0xa0
[ 1001.085179][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1001.091093][    C0] RIP: 0033:0x7f54dc98d169
[ 1001.095537][    C0] RSP: 002b:00007f54dd84c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1001.103979][    C0] RAX: fffffffffffffe00 RBX: 00007f54dcba6088 RCX: 00007f54dc98d169
[ 1001.111972][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f54dcba6088
[ 1001.119966][    C0] RBP: 00007f54dcba6080 R08: 0000000000000000 R09: 0000000000000000
[ 1001.127957][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f54dcba608c
[ 1001.135946][    C0] R13: 0000000000000000 R14: 00007ffc7f8ece80 R15: 00007ffc7f8ecf68
[ 1001.143950][    C0]  </TASK>
[ 1001.146989][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g62917 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1001.158199][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1001.168180][    C0] rcu: RCU grace-period kthread stack dump:
[ 1001.174081][    C0] task:rcu_preempt     state:R  running task     stack:26720 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 1001.187735][    C0] Call Trace:
[ 1001.191037][    C0]  <TASK>
[ 1001.194079][    C0]  __schedule+0x1b33/0x51f0
[ 1001.198655][    C0]  ? schedule+0x163/0x360
[ 1001.203039][    C0]  ? __pfx___schedule+0x10/0x10
[ 1001.207974][    C0]  ? schedule+0x90/0x360
[ 1001.212244][    C0]  ? schedule+0x90/0x360
[ 1001.216530][    C0]  schedule+0x163/0x360
[ 1001.220715][    C0]  schedule_timeout+0x15b/0x2b0
[ 1001.225588][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1001.230989][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1001.236305][    C0]  ? prepare_to_swait_event+0x1e5/0x340
[ 1001.241873][    C0]  ? prepare_to_swait_event+0x308/0x340
[ 1001.247448][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1001.252698][    C0]  rcu_gp_fqs_loop+0x2e1/0x1340
[ 1001.257664][    C0]  ? rcu_gp_init+0x1279/0x1690
[ 1001.262454][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1001.267412][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 1001.273588][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1001.278897][    C0]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[ 1001.284907][    C0]  ? finish_swait+0xdb/0x200
[ 1001.289525][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1001.294745][    C0]  rcu_gp_kthread+0xa7/0x3b0
[ 1001.299368][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1001.304849][    C0]  ? __kthread_parkme+0x1a8/0x200
[ 1001.309902][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1001.315132][    C0]  kthread+0x7b7/0x940
[ 1001.319255][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1001.324477][    C0]  ? __pfx_kthread+0x10/0x10
[ 1001.329115][    C0]  ? __pfx_kthread+0x10/0x10
[ 1001.333731][    C0]  ? __pfx_kthread+0x10/0x10
[ 1001.338346][    C0]  ? __pfx_kthread+0x10/0x10
[ 1001.342968][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1001.348186][    C0]  ? lockdep_hardirqs_on+0x9d/0x150
[ 1001.353406][    C0]  ? __pfx_kthread+0x10/0x10
[ 1001.358109][    C0]  ret_from_fork+0x4b/0x80
[ 1001.363066][    C0]  ? __pfx_kthread+0x10/0x10
[ 1001.367684][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1001.372499][    C0]  </TASK>
[ 1001.375535][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1001.381880][    C0] CPU: 0 UID: 0 PID: 14159 Comm: syz.0.2264 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) 
[ 1001.393615][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1001.403685][    C0] RIP: 0010:smp_call_function_many_cond+0x1bac/0x2d40
[ 1001.410469][    C0] Code: 03 84 c0 75 7e 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 48 02 0c 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 f8 fd 0b 00 eb 41 f3 90 <48> b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 41 f7 45 00
[ 1001.430103][    C0] RSP: 0000:ffffc9000421f440 EFLAGS: 00000293
[ 1001.436196][    C0] RAX: ffffffff81b75c7d RBX: 1ffff110170e7e31 RCX: ffff88805875bc00
[ 1001.444194][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1001.452290][    C0] RBP: ffffc9000421f640 R08: ffffffff81b75c48 R09: 1ffffffff20bbfce
[ 1001.460293][    C0] R10: dffffc0000000000 R11: fffffbfff20bbfcf R12: ffff8880b863ab88
[ 1001.468285][    C0] R13: ffff8880b873f188 R14: ffff8880b863ab80 R15: 0000000000000001
[ 1001.476450][    C0] FS:  0000555594a94500(0000) GS:ffff888124fed000(0000) knlGS:0000000000000000
[ 1001.485415][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1001.492106][    C0] CR2: 00007ffeb1eb0c00 CR3: 000000007d4a4000 CR4: 00000000003526f0
[ 1001.500187][    C0] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000
[ 1001.508614][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1001.516599][    C0] Call Trace:
[ 1001.519896][    C0]  <IRQ>
[ 1001.522759][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[ 1001.529202][    C0]  ? print_other_cpu_stall+0x14ab/0x15e0
[ 1001.534899][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[ 1001.540723][    C0]  ? cgroup_rstat_updated+0x144/0xc40
[ 1001.546123][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[ 1001.552405][    C0]  ? rcu_sched_clock_irq+0xa2a/0x10f0
[ 1001.557805][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1001.563466][    C0]  ? update_process_times+0x242/0x2f0
[ 1001.568870][    C0]  ? tick_nohz_handler+0x37c/0x500
[ 1001.574120][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1001.579605][    C0]  ? __hrtimer_run_queues+0x55c/0xd40
[ 1001.585086][    C0]  ? ktime_get_update_offsets_now+0x2d/0x3b0
[ 1001.591104][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1001.596856][    C0]  ? read_tsc+0x9/0x20
[ 1001.600951][    C0]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[ 1001.607050][    C0]  ? hrtimer_interrupt+0x403/0xa40
[ 1001.612379][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[ 1001.618600][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1001.624539][    C0]  </IRQ>
[ 1001.627517][    C0]  <TASK>
[ 1001.630491][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1001.636778][    C0]  ? smp_call_function_many_cond+0x1b98/0x2d40
[ 1001.642973][    C0]  ? smp_call_function_many_cond+0x1bcd/0x2d40
[ 1001.649208][    C0]  ? smp_call_function_many_cond+0x1bac/0x2d40
[ 1001.655434][    C0]  ? __pfx_should_flush_tlb+0x10/0x10
[ 1001.660864][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1001.667218][    C0]  ? __lock_acquire+0xad5/0xd80
[ 1001.672112][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1001.677016][    C0]  ? __pfx_flush_tlb_func+0x10/0x10
[ 1001.682368][    C0]  ? __pfx_should_flush_tlb+0x10/0x10
[ 1001.687795][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[ 1001.692971][    C0]  flush_tlb_mm_range+0xb8d/0x13f0
[ 1001.698125][    C0]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[ 1001.703827][    C0]  ptep_clear_flush+0x11a/0x170
[ 1001.708733][    C0]  do_wp_page+0x1c69/0x49b0
[ 1001.713352][    C0]  ? do_wp_page+0x1640/0x49b0
[ 1001.718074][    C0]  ? __pfx_do_wp_page+0x10/0x10
[ 1001.722954][    C0]  ? __lock_acquire+0xad5/0xd80
[ 1001.727841][    C0]  ? do_raw_spin_lock+0x151/0x370
[ 1001.732902][    C0]  __handle_mm_fault+0x2305/0x6ef0
[ 1001.738059][    C0]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1001.743633][    C0]  ? hrtimer_try_to_cancel+0x45b/0x4a0
[ 1001.749200][    C0]  ? __lock_acquire+0xad5/0xd80
[ 1001.754126][    C0]  ? __lock_acquire+0xad5/0xd80
[ 1001.759154][    C0]  ? reacquire_held_locks+0x12a/0x1e0
[ 1001.764658][    C0]  ? lock_vma_under_rcu+0x34d/0x790
[ 1001.769895][    C0]  ? lock_vma_under_rcu+0x1df/0x790
[ 1001.775129][    C0]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1001.780707][    C0]  handle_mm_fault+0x2dd/0x800
[ 1001.785509][    C0]  exc_page_fault+0x45b/0x8b0
[ 1001.790241][    C0]  asm_exc_page_fault+0x26/0x30
[ 1001.795207][    C0] RIP: 0033:0x7f385bb3a78b
[ 1001.799641][    C0] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[ 1001.819285][    C0] RSP: 002b:00007ffeb1eb0bc0 EFLAGS: 00010246
[ 1001.825481][    C0] RAX: 00007ffeb1eb2ce0 RBX: 00007f385bd7c620 RCX: 0000000000000000
[ 1001.833483][    C0] RDX: 00007ffeb1eb2d28 RSI: 00007f385bc0efbf RDI: 00007ffeb1eb0be0
[ 1001.841478][    C0] RBP: 000000000000006e R08: 00007f385bda5fa0 R09: 0000000000000001
[ 1001.849472][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: 00007f385bda5fa0
[ 1001.857470][    C0] R13: 00007f385bda66a0 R14: 00000000000000e3 R15: 0000000000000003
[ 1001.865561][    C0]  </TASK>