last executing test programs:

4m24.995654289s ago: executing program 2 (id=2310):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x20000000008)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, &(0x7f0000000040), &(0x7f0000000080)=r0}, 0x20)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001380)=0x14)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000013c0), 0x210000, 0x0)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0), &(0x7f00000001c0))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000012c0)=@IORING_OP_SHUTDOWN={0x22, 0x22, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
r3 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5393, &(0x7f0000000000))
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
pread64(r2, &(0x7f0000000280)=""/57, 0x39, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r5, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
ftruncate(r6, 0x2007ffb)
lseek(r6, 0x0, 0x4)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000001480)={&(0x7f0000001440)=[0x0, 0x0], 0x2, 0x800})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r7, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4082, 0xff2}], 0x1}, 0x5}], 0x40000000000000d, 0x2000, 0x0)

4m24.001841099s ago: executing program 2 (id=2312):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
close(0xffffffffffffffff)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r4, &(0x7f00000005c0)={0x9, {"a2e3ad21ed0d52f91b5a090987f70e06d038e7ff7fc6e5539b5b43078b089b3b073172090890e0878f0e1ac6e7049b3371959b6e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6b922f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa0b9d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c71568f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897f3411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2de8a50ddefeb12c46342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f02f4cded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x20000, 0x20)
read$FUSE(r6, &(0x7f0000003700)={0x2020}, 0x2020)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(0xffffffffffffffff, 0xc0845658, &(0x7f0000000100)={0x0, @bt={0x8, 0x401, 0x1, 0x3, 0x2, 0x1717, 0x8, 0x9, 0x8, 0xfff, 0x3, 0xe, 0x28000000, 0x7fff, 0x0, 0x2, {0xb, 0x8}, 0x6, 0x6d}})
read$msr(r5, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$read(0xb, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)

4m23.027786985s ago: executing program 2 (id=2313):
mkdir(&(0x7f0000000400)='./file2\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setitimer(0x0, 0x0, &(0x7f0000000200))
syz_open_dev$vbi(0x0, 0x2, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[], 0xfc}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
syz_clone(0x220000, &(0x7f0000000000), 0x0, &(0x7f00000000c0), &(0x7f0000000100), 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[], 0x88}}, 0x0)
mkdir(0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r6 = getpid()
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="2c000000300007010000000000000000047c000010001d800c00cd00000000000000000008005100", @ANYRES32=r6, @ANYBLOB], 0x2c}}, 0x0)
mkdir(&(0x7f0000000380)='./file0\x00', 0x3)
setxattr$security_smack_transmute(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280), &(0x7f00000002c0), 0x4, 0x1)

4m22.115816913s ago: executing program 2 (id=2316):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019380)=""/102400, 0x19000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000009640), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r1, 0x401c5504, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x1, 0x0)
close(0xffffffffffffffff)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, 0x0, 0x0)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x2})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
getrandom(&(0x7f0000000000)=""/153, 0x21, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000040), 0xb54, 0x1)
ioctl$I2C_RDWR(r4, 0x707, &(0x7f0000000180)={&(0x7f00000018c0)=[{0x6, 0x5000, 0x0, 0x0}], 0x1})
r5 = socket$kcm(0x1e, 0x5, 0x0)
sendmsg$kcm(r5, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, &(0x7f00000004c0)}, 0x0)
recvmsg(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000008c0), 0x0, &(0x7f0000000100)=""/5, 0x5}, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
accept4(r2, 0x0, 0x0, 0x80800)

4m20.419533072s ago: executing program 2 (id=2318):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x80002, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000005400e5012abd7000ffffffff0700", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="01030300ff"], 0x38}, 0x1, 0x0, 0x0, 0x2800}, 0x40084c0)
sendmmsg$alg(r1, &(0x7f00000000c0), 0x492492492492627, 0x0)

4m19.723990002s ago: executing program 2 (id=2321):
r0 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000080))
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r1, 0x400454cc, 0x21c)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r3)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0xe41, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r4, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r4, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x21, &(0x7f0000b4bffc)=0x8, 0x4)
write(r4, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r4, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
getsockopt$MRT6(r4, 0x29, 0xcf, &(0x7f00000001c0), &(0x7f00000002c0)=0x4)
mount(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x21a8f5, 0x0)

4m4.125225086s ago: executing program 32 (id=2321):
r0 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000080))
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r1, 0x400454cc, 0x21c)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r3)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0xe41, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r4, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r4, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x21, &(0x7f0000b4bffc)=0x8, 0x4)
write(r4, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r4, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
getsockopt$MRT6(r4, 0x29, 0xcf, &(0x7f00000001c0), &(0x7f00000002c0)=0x4)
mount(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x21a8f5, 0x0)

1m3.466778741s ago: executing program 1 (id=2834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x20008000)

1m0.711380786s ago: executing program 1 (id=2840):
r0 = syz_io_uring_setup(0x3c20, &(0x7f0000000400)={0x0, 0xbf72, 0x3380, 0x8003, 0xd2}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000002c00)=@IORING_OP_FILES_UPDATE={0x14, 0x40, 0x0, 0x0, 0x7, &(0x7f0000000100)=[r0, r0, r0, r0, r0, r0, r0], 0x7, 0x0, 0x1})
io_uring_enter(r0, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
syslog(0x2, &(0x7f0000000480)=""/137, 0x89)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000300))
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000480)=ANY=[@ANYBLOB="0e000000030000000801c000ba3fd5645ba4f4d496958602e07f59efc2c25c2f651ac32f7764b67fa6f2f3fe25a46424ce941a118bf0a69327a2229bcbb7e3b79765a0b58d042490d72679d3b1f74860f4d0652edffc8d45db0e989cba1d5b0517beb0f96abe302c1e4e22e7775475443e9d10177bdafed970a8486bf9ab72c7ddc898392ad60cf1e242f923d66ae92c411ccf62e252b297535aba2db1bed8fe186977c5a30c35ac83fecf8ef9960a84859a4b8d1342d8ce976f4990474c807c3e8f63dc6cc28f5e3245fb18"], 0xcc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3)
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00'})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r5, 0x6, 0x10, 0x0, &(0x7f0000000140))
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r6 = socket$inet6(0xa, 0x3, 0x5)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback, 0x5}, 0x1c)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000002000)=""/102400, 0x19000)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

57.097531467s ago: executing program 1 (id=2849):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004001)
setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000000), 0x4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
r2 = socket$packet(0x11, 0x3, 0x300)
readv(r2, &(0x7f0000000100)=[{&(0x7f0000000400)=""/200, 0xc8}, {&(0x7f0000000700)=""/4096, 0x1000}], 0x2)
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(blake2b-256-generic)\x00'}, 0x58)
epoll_create(0x9)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmmsg(r4, &(0x7f00000029c0), 0x400006d, 0x20000004)
getsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000680)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000080)={r5, 0x1, 0x6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000380)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000280)={r6, 0x0, 0x5})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000004c0)={0x28, 0x2e, 0x1, 0x0, 0x0, "", [@nested={0x18, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@loopback}, @typed={0xc, 0x0, 0x0, 0x0, @str='nl80211\x00'}]}]}, 0x28}], 0x1}, 0x0)
getsockopt(r0, 0x6, 0x8a, 0x0, 0x0)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x160)

16.787812606s ago: executing program 4 (id=2936):
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbbbbbbbbbbbbb86dd60003a0400303afffe80000000"], 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000300)={r3, <r4=>0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000400)={0x0, 0x33, r4, r5, 0x9, 0x1f5, 0x0, 0x8008, {0x0, 0xfffd, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0xfffd, 0x0, 0x80000000, 0x0, "b4bc323ef77d1f000071849800000000dfff00"}}) (fail_nth: 5)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x12, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
read(r1, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f00000000c0), 0x100000000, 0x0)
r6 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
socket$kcm(0x21, 0x2, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000840)={{r8}, &(0x7f00000003c0), &(0x7f0000000740)=r7}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='f2fs_map_blocks\x00', r9}, 0x18)
getsockopt$ax25_int(r6, 0x101, 0x6, &(0x7f00000001c0), &(0x7f0000000200)=0x4)

16.324051911s ago: executing program 4 (id=2938):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000}, {0x0, 0x2}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0xe8)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01000000eda16655a279d266124d305c1d6c2f72b748c47d71baa7d2d300702291b2cf2866888fb7a00200c2d6e765b9e67c0ead05bc11cddd1421f0a2504af51b5964bc1908a8e02e1bfd40f096859559acbf0eb9617a60c9e5", @ANYRES32, @ANYRES32=0x0, @ANYBLOB='\x00'/13], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000180), 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
r1 = socket$key(0xf, 0x3, 0x2)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001500010300000000000000000a000000"], 0x14}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280), &(0x7f0000048000)=0x20, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x800)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

15.025784057s ago: executing program 4 (id=2941):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet6(0xa, 0x2, 0x0)
socket(0x10, 0x80002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000"], &(0x7f0000000100)='syzkaller\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$tipc(0x1e, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x15, &(0x7f0000000300)={@random="6ea88d319b8c", @multicast, @val={@void, {0x8100, 0x0, 0x1, 0x4}}, {@x25={0x805, {0x0, 0x1, 0x5e25ed804c4cd5b4}}}}, 0x0)

14.374347203s ago: executing program 4 (id=2943):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="04000000040000000400000008"], 0x48)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r1}, &(0x7f0000000000), &(0x7f0000000140)=r2}, 0x20)
socket$alg(0x26, 0x5, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0xd, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000000)={0x4, 0x1, 0x0, "839148ae3481ab43a955f8a7d9fcea57000900", 0x50565559})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x20, 0x3c, 0x107, 0x0, 0x0, {0x2, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0xc000}, 0xc000)
add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, 0x0, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x404, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x6, 0x20600)
socket(0x10, 0x803, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x891b, 0x0)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt(r5, 0x200000000114, 0x271c, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f0000000200)=0x1, 0x12)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_ro(r8, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000100)=0x1, 0x12)

13.439259947s ago: executing program 4 (id=2945):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="500000001000010029bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="5cd2040000000000140003006e657464657673696d3000000000000014001680100001800c000700090000e4060000000500110009"], 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x40)
r1 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000340)=ANY=[@ANYBLOB="0002020100000000ff020000000000000000000000000001"], 0x18)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f0000000000), 0x4)
socket$netlink(0x10, 0x3, 0x5)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)

12.899129035s ago: executing program 4 (id=2946):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

12.159351407s ago: executing program 1 (id=2857):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$PTP_PIN_SETFUNC(r1, 0x40603d07, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0xfffffffe, &(0x7f0000000000)={r3, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0x13}}}, 0x24}}, 0x20044810)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0x10001, 0x0, 0x0, 0x0, 0x41d6}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x9, 0x4, 0x401, 0x4}, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x40}, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
write$tun(0xffffffffffffffff, &(0x7f0000000200)={@val={0x0, 0x6}, @void, @eth={@empty, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}, @val={@void, {0x8100, 0x4, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5a, 0x0, 0x2000, 0x0, 0x32, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty}, {0x4e23, 0x0, 0x46, 0x0, @opaque="2d7d05e9e667b490dabb5af83745cc076fea7e29abdc17c8c3480a137527798c4fee13b0dc7c028132176121d1b0ae0397d4444354585769855e719dbc6f"}}}}}}, 0x70)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x1)

10.431655769s ago: executing program 5 (id=2952):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet6(0xa, 0x2, 0x0)
socket(0x10, 0x80002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000"], &(0x7f0000000100)='syzkaller\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$tipc(0x1e, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x15, &(0x7f0000000300)={@random="6ea88d319b8c", @multicast, @val={@void, {0x8100, 0x0, 0x1, 0x4}}, {@x25={0x805, {0x0, 0x1, 0x5e25ed804c4cd5b4}}}}, 0x0)

10.108469889s ago: executing program 3 (id=2953):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = semget(0x1, 0x4, 0x444)
semtimedop(r1, &(0x7f00000001c0)=[{0x0, 0x4, 0x800}, {0x2, 0x4, 0x1000}, {0x4, 0x6, 0x1800}, {0x4, 0x26a, 0x800}, {0x2, 0x7ff, 0x1800}], 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
fchown(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003100)=@newtaction={0xb64, 0x30, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [{0x900, 0x1, [@m_ipt={0x25c, 0x17, 0x0, 0x0, {{0x8}, {0x1a0, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0xf1, 0x6, {0x0, 'raw\x00', 0xe, 0xb3, "01df771ed4aa468d466490bb6d3a762752b0276450737133d354ea68c13a92efe99064741e04d8a20e194e30a60295d386bccda0f3007979597e6d03b954a8f914ba7b899f16c20d6d72edd9b6f52db88f3ba2e308499f6252662a51fa4b12868b58f75e27ec9103b8068b9b811e21bd2aa37e31ee1bb8e60ecb8155c8e19ea1c7fdbb9aa819059c61aa86c434a7c8da18ab573d7585bec9c1d4494956d182e7b35a526fd48659ab60beb8f339651c715661a36a876cce3dd7a98863f318caef99752c65346980"}}, @TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TARG={0x3d, 0x6, {0xff3b, 'nat\x00', 0x6a, 0xfff, "ec6c358b1b02688c45d6891b8d39befc710e9c"}}, @TCA_IPT_INDEX={0x8, 0x3, 0x3ff}, @TCA_IPT_HOOK={0x8}]}, {0x95, 0x6, "33c428b1016ea0e62b6c917780554ec63a01a7382016d430730d1158d5469fa35f73d351ec348637d292a8c8699738644c304a14a0ca2e2c1422d9493ae361a88a61e76022334cc9eff1d9b15acf815ab9bf490688724773d3775e92953306fa3923bf0b3eb78ed4c4e43760fb360a12727f0000004fe4c5639595b4ce1706ccb85c9b5872240c31834297cfb06b7eaaa1"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ipt={0x17c, 0x11, 0x0, 0x0, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0xb5, 0x6, {0x7, 'mangle\x00', 0x4, 0x7, "852c07967e4bde8acbdebf709c7f67b435415e9fad5eed399218069c30b3db399d5bdbdffc09aa13d6aef79a3360cf4b7d5e8a92b817394560aba652eb4e4ec31470dd9b8becbf6cad6f3328aec2ac14541a30a5f89f2a6e60534a70c1deccc519f73984d6d2ae8b9fe17278f03e9f60e876c3b1fc1ef49873f24bd44137256bfd0a27e100d2162e3f7b17"}}, @TCA_IPT_HOOK={0x8, 0x2, 0x5}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}]}, {0x65, 0x6, "195244b493b69a109e343c48236a318aa067ccccb2000506f4e63246fce6276de9355aae82ccf014b3a51009a53cc597e7eec180e252560262d28e1340152b8389fc3dcbd1c60cbef5aa738a80d9582b7bf553a33208654c9b7b642eb56b8a9716"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ipt={0x154, 0x17, 0x0, 0x0, {{0x8}, {0xa4, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x7}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_INDEX={0x8, 0x3, 0x4}]}, {0x89, 0x6, "828d51b8c024f3ba75276291fd744bf1d83ac94c40f59c2d7aabe5cffe85cb1235f3e723c7a0ca6f1a15a0e38afac0bc7115796816162cbc6d09aea501ff36a46772ec7a3aa4d7c60363ff8f0eeda2f3eb8c435fb1d254244779da6c44c5dc30ed21a60df465ec395bc4d898dc7104dc47d809383d1d5431371c66f76842e2571bf73ce597"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ipt={0x114, 0x3, 0x0, 0x0, {{0x8}, {0x78, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_TARG={0x69, 0x6, {0x3, 'security\x00', 0x84, 0x8, "cf8102ab12c6b2198a413eaa65607ab7ca51ab206bef3fe70b20aa2e7aacfa341b2d9158773430366e3a48eb70679ab8b9759ebcd3b2636776df09c3eb7702"}}]}, {0x75, 0x6, "1d4af027bf39e92f2bc3b16061477612108c4de6dbb9dbc37f978e20a11849888f1cfa0d69961cc5b133c25b0a606d867918fd28cefd9936cea3c502ba83dbc878d09708660761105b2cb89c15f4eb2ff9ca07aba60aef01aab6097fa30bc52f5c31cbba441df32848abb9344a809a2a4c"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ipt={0x13c, 0x11, 0x0, 0x0, {{0x8}, {0xe0, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0xd9, 0x6, {0x2, 'mangle\x00', 0x1, 0x1, "26b28bee405c084d7d3004660f6902208128531e54ab5a1819783607be3e2e463fc401b2d641a72c11f6aea69efbc1dac1e8f34f762cbc8ee0231ffeebcb773de1e20df7f65c7029200a9570577fe540733523b10491dc5fda6c0091603360fb1b6019648c7b5ef50f8741b6670963cc5d8533f50c4a2cfbeda3e0ed5070ab41e44997bdda4c34c11413cb846041ef4060b9cb71e527a7dd8e4efb7877f6f37b7cd8648d2d22911f9fbfdd95b69e14"}}]}, {0x35, 0x6, "e7ba22f1ebc93a7960461c2acdaf1da6af842571f14f3b0700806b225899f9ba581b6cc401693affa591693a24cad555ae"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_ipt={0x64, 0x20, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}]}, {0x15, 0x6, "a0f801aae36e077609a01908bc70dd5a7c"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ipt={0x11c, 0x20, 0x0, 0x0, {{0x8}, {0x6c, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0x55, 0x6, {0x7, 'nat\x00', 0x4, 0x4c2d, "b112d50939750fa56623826275793a59f694cdc8bda79320bfe1d4c8997abe43daace6790afb2937cfb2e0"}}, @TCA_IPT_INDEX={0x8, 0x3, 0x6}, @TCA_IPT_INDEX={0x8, 0x3, 0x6062ae06}]}, {0x89, 0x6, "080f497fef56763eb14339e04d8880b35d4fcb1f3ccd5757021fa31ef38a7d4c8fca4f32d5757fdee1a2aceaaeb6abdad810154a059435c356867b27c8df5015f90bffb81405bdefffef46fede1a8038897bb9fd967f32f04f15a8596894786759dc20093ddbffb2158f5c0591205638b11d518d459f3137f1349ab013b3b5732e45d6b45f"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x97dd299ab8dc81d}}}}]}, {0xb8, 0x1, [@m_ipt={0xb4, 0x3, 0x0, 0x0, {{0x8}, {0x78, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0x71, 0x6, {0x8, 'mangle\x00', 0x80, 0x1100, "07625db7849301f3c760230789043c3c5de12e22cc8e1f5f20c97ba14d907f5a3eae7673340356d1e624a3f315c4d0b1439a387605ebd024be5895e6659813581fe54a8998e1ca"}}]}, {0x15, 0x6, "e2ebd2e0185a4d308803e9306ec5d2b0e6"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}, {0x198, 0x1, [@m_ipt={0xf8, 0x6, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}]}, {0xa9, 0x6, "f5fcf6c5d281ac07391f35700b5786a70ee288211391aef6ec3378d7dd4a7c7445b8d3046ec059dd382a214deedda165d8663d562a47b1afb15557c5ceab4960c0442cc36ea1e65aa9650e7ac2c900fbb08da34b73b6b699463a47761daa69afd529deea7f5c97d3f950af23793139f4c0c3cea503bb9a23d2f7677c9bf150e350defce66ec3eccbaabb1e8f7fe7c49b9e91ecca113edb7f81da88a113c1065219a1d6062e"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ipt={0x9c, 0x1a, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}]}, {0x4d, 0x6, "4b6275823d714c9413915317da89818cb9f96e8938cf5d91ef0ce403d55fc9bdc74a0a5b88653980ed0af5c857ee3a0361bfe072c3d9c7b9f1648e75347ab9c4c22c5a146387bd1cec"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0xb64}}, 0x4000)
recvmmsg$unix(r5, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000015c0)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)

9.980136987s ago: executing program 5 (id=2954):
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000001740)=@multiplanar_fd={0x33b114d4, 0x4, 0x4, 0x1002, 0x6, {0x0, 0x2710}, {0x1, 0xd, 0x7, 0x0, 0x8, 0x8, "79e0ce6d"}, 0x81, 0x4, {&(0x7f0000001600)=[{0x35, 0xf3, {}, 0x1}, {0x7, 0x8, {}, 0x2}]}, 0x1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000008)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001380)=0x14)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000013c0), 0x210000, 0x0)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0), &(0x7f00000001c0))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000012c0)=@IORING_OP_SHUTDOWN={0x22, 0x22, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
r2 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5393, &(0x7f0000000000))
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
pread64(r1, &(0x7f0000000280)=""/57, 0x39, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r5 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
ftruncate(r5, 0x2007ffb)
lseek(r5, 0x0, 0x4)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000001480)={&(0x7f0000001440)=[0x0, 0x0], 0x2, 0x800})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r6, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4082, 0xff2}], 0x1}, 0x5}], 0x40000000000000d, 0x2000, 0x0)

9.058158349s ago: executing program 3 (id=2955):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f00000003c0)=[{0x4, 0x5, 0xb, 0xb}, {0x2, 0x4, 0x7, 0x4}, {0x2, 0x1, 0x8, 0x3}, {0x1, 0x4, 0x4, 0xc}, {0x5, 0x5, 0xa, 0x7}, {0x5, 0x4, 0x0, 0x3}, {0x5, 0x2, 0x5, 0xa}, {0x4, 0x1, 0xe, 0x1}], 0x10, 0x9}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c00018006000600060600000800028004007280080007"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x89}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r1, 0x0, 0x627c0af5e554f614, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000440)={0x0, 0xc8c7, 0x0, 0xfffffffd, 0x2}, &(0x7f0000000340)=<r4=>0x0, &(0x7f00000002c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000380)=@IORING_OP_STATX={0x15, 0x20, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)='./file0\x00', 0x400})
syz_open_dev$dri(&(0x7f0000000040), 0x9db, 0x82)
syz_emit_ethernet(0x36, &(0x7f0000000500)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr=0x64010102, @local}, {{0x4001, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$binfmt_elf32(r6, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000000c0)={0x81, 0xea1, 0x9})
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)

8.523811955s ago: executing program 1 (id=2956):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0xffffffffffffffff, &(0x7f00000000c0))
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x25b9, 0x100, 0x0, 0x215}, 0x0, &(0x7f0000000140))
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/dev_mcast\x00')
preadv(r5, &(0x7f0000000540)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1, 0x536, 0xffffffff)
lseek(r5, 0x3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_usb_connect(0x2, 0x36, &(0x7f0000000a00)=ANY=[@ANYBLOB="120100003b7431087d077a6210000102030109022400010000000009040000020338b200"], 0x0)

7.158987178s ago: executing program 3 (id=2958):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="b40000001900010000000000000000001d0109004d0011806f9886ff8308eb1d7c1bbdbe3160578f5aa421ea2a089f6ab00ada4e5605b2e72655b3cc"], 0xb4}}, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)
r2 = open(&(0x7f0000000040)='./file1/../file0\x00', 0xa440, 0x34)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x800, 0x0, 0x0, 0x0, 0xa5, 0x3, 0x1, 0xa9, 0x4, 0x0, 0x0, 0x40000000}, {0x8, 0x5, 0x0, 0x0, 0xe, 0x0, 0x0, 0x2, 0x6, 0xff, 0x0, 0x2, 0x6}, {0x1403fe, 0x9, 0x0, 0xfd, 0x0, 0x0, 0xb3, 0xfe, 0x3, 0x77, 0x80, 0xf6, 0xb82e}], 0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='omfs\x00', 0x1004050, 0x0)

7.087683736s ago: executing program 5 (id=2959):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
lstat(&(0x7f0000000040)='./file0\x00', 0x0)
quotactl_fd$Q_GETINFO(0xffffffffffffffff, 0xffffffff80000500, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$sndctrl(&(0x7f00000001c0), 0x1, 0x88100)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000240)={{0x8, 0x3, 0x29e4, 0x1ff, 'syz1\x00', 0x4}, 0x5, 0x20, 0x25, 0x0, 0x0, 0x95a, 'syz1\x00', 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x4000000000001f2, 0x0)
mincore(&(0x7f0000e1e000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/107)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x1b, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
read(r3, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000040))
r4 = openat$smackfs_relabel_self(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$smackfs_labels_list(r4, &(0x7f0000000440)=ANY=[@ANYBLOB='@.-&#^\')%+ )'], 0x15)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00')
writev(r5, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1)

6.941938581s ago: executing program 0 (id=2960):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
lstat(&(0x7f0000000040)='./file0\x00', 0x0)
quotactl_fd$Q_GETINFO(0xffffffffffffffff, 0xffffffff80000500, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$sndctrl(&(0x7f00000001c0), 0x1, 0x88100)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000240)={{0x8, 0x3, 0x29e4, 0x1ff, 'syz1\x00', 0x4}, 0x5, 0x20, 0x25, 0x0, 0x0, 0x95a, 'syz1\x00', 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x4000000000001f2, 0x0)
mincore(&(0x7f0000e1e000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/107)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x1b, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
read(r3, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000040))
r4 = openat$smackfs_relabel_self(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$smackfs_labels_list(r4, &(0x7f0000000440)=ANY=[@ANYBLOB='@.-&#^\')%+ )'], 0x15)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00')
writev(r5, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1) (fail_nth: 1)

5.648834888s ago: executing program 5 (id=2961):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x48882, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x0)
setresuid(0x0, r4, 0x0)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000d00)={0x14, 0x14, 0x1, 0x70bd2d, 0x0, "", [@generic='\t']}, 0x14}], 0x1}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000fc0), 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
ioctl$DRM_IOCTL_MODE_GETENCODER(r7, 0xc01464a6, &(0x7f0000000180)={r8})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mlockall(0x7)
syz_open_dev$vbi(&(0x7f0000002100), 0x1, 0x2)

5.527765069s ago: executing program 0 (id=2962):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000}, {0x0, 0x2}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0xe8)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01000000eda16655a279d266124d305c1d6c2f72b748c47d71baa7d2d300702291b2cf2866888fb7a00200c2d6e765b9e67c0ead05bc11cddd1421f0a2504af51b5964bc1908a8e02e1bfd40f096859559acbf0eb9617a60c9e5", @ANYRES32, @ANYRES32=0x0, @ANYBLOB='\x00'/13], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000180), 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
r1 = socket$key(0xf, 0x3, 0x2)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001500010300000000000000000a000000"], 0x14}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280), &(0x7f0000048000)=0x20, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x800)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

5.43751415s ago: executing program 3 (id=2963):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet6(0xa, 0x2, 0x0)
socket(0x10, 0x80002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000"], &(0x7f0000000100)='syzkaller\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$tipc(0x1e, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x15, &(0x7f0000000300)={@random="6ea88d319b8c", @multicast, @val={@void, {0x8100, 0x0, 0x1, 0x4}}, {@x25={0x805, {0x0, 0x1, 0x5e25ed804c4cd5b4}}}}, 0x0)

5.242845316s ago: executing program 3 (id=2964):
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000001740)=@multiplanar_fd={0x2, 0x4, 0x4, 0x40, 0x6, {<r0=>0x0, 0x2710}, {0x1, 0xd, 0x7, 0x0, 0x8, 0x8, "02004000"}, 0x81, 0x4, {&(0x7f0000001600)=[{0x35, 0xf4, {}, 0xfffffffd}, {0x7, 0x8, {}, 0x2}]}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES8=r0], 0x0, 0x2a, 0x0, 0x1}, 0x28)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x20000000008)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001380)=0x22)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0xffffffffffffff8b, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x20008884)
r5 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000001000/0x200000)=nil, 0x200000, 0x2000001, 0x2011, 0xffffffffffffffff, 0x0)
getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x6, &(0x7f0000002940), 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@newnexthop={0x20, 0x68, 0x1, 0x70bd29, 0x7ffffffc, {}, [@NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x2408c0c1}, 0x4000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x100000f, 0x12, r6, 0x7c4ec000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, 0x0, &(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000006800090300000000000000000a0000000000000004bab4b05dc9dac71f000000"], 0x24}}, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x2)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x14, 0x2004, @fd, 0x4, 0x20000000, 0x8020, 0x0, 0x0, {0x1}})
r8 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r8, 0x5393, &(0x7f0000000000))

4.535583629s ago: executing program 1 (id=2965):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x1e}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x20000}, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000006380)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000340)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x34808521, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
r7 = eventfd(0xffffffff)
io_submit(r6, 0x4, &(0x7f00000009c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x4, r1, &(0x7f00000003c0)="69faeb59336a29ef78eaeec86dd0d76bb4371726200fcac7b3fcba5a8862599bd65a9b9e2a08bed14f2a52f738ab22c3643f060a78e23528e5cf02a61176ad27cbdc52795be129b546c5a94e7d61ff6dd33262d59515810e195fce1fe03296bf699972d3f98ee15268030d9f20c76182432bd5f9b4b9c23cfb8764c49206bbbca1b9ccc132a3f68c0dd80bac585e87fec57497890312ba27a1691b8c5329ee9cee80471d3b22c0b7c3af6c7c879e8dd43bbd562198ba72e0adb2c57d2f1414546e671a0462", 0xc5, 0x100000000, 0x0, 0x3, r2}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x6, 0x9, r2, &(0x7f0000000800)="f53851d96af9909234b8c10f2eedab3799bdd14370a0588febd3e73dc1e97b7393cbf4b82cbb351e40a3de1fce04a66499856a9e3026868aa79967edf80dead598f9edc05ce0c50fe9006b94df0ad52491f25147d3f9b1002d3f1eb5b407c3f3c3daea504ec6236cda34b186cb6b9148", 0x70, 0xffffffffffffffff, 0x0, 0x1}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x8, 0x1, r2, &(0x7f0000000880)="d25749648879e5f5b253d150bced8b372ecade877bca2312714aa7dc340e21ccd63af4c885e2420cf32724894e3e3c8cecf3beb5a6fe03244535e27f994b9cbb9c", 0x41, 0x142b, 0x0, 0x2, r5}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x3, 0x4, r1, &(0x7f0000000900)="d502b432c36e2e7d9bca2144be283849d0d1b3c68b8362a12fbd2e85e72c4497f0239d8e2435eb159d2d0329c319ec1d5903a3b9d615b25830537ed4cf43016788169491b05d04260bda6d2b9b4c1f66752b794505eccf6aae9b6984627b1e02af4cf745133fc6b11135480588f280a3a86e721e4bd08b8cc508e080039dfd0543a7d3d8863bba5ddbcff3d998cf0e690ad1bab58c7249587b8c062900f91c9840059210f494ce4074718fd2", 0xac, 0xb, 0x0, 0x0, r7}])
dup3(r5, r3, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
fadvise64(r9, 0x5851, 0x0, 0x2)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r8, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000005c0)={0x228, 0x0, 0x0, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_KEY={0x140, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x4}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "8e4695676cd50aab7380dc07ca212ba050314ce2b8fa0b4d80a2584574634bcb"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "eebdc69012ce79e146b2ff1aaaca6071"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "c5bba3281ee981db208fde7e1f0962406b3844fb611f558452783dd6d01d6294"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "39d084ede90acfd51dc55faaeea826621f5f98b673ee4010ea77d6407fd28042"}, @NL802154_KEY_ATTR_ID={0x28, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}]}, @NL802154_KEY_ATTR_ID={0x80, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x60, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x8}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x54, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x18b}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x12}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x10f}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x6}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}]}, @NL802154_KEY_ATTR_ID={0x50, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x10}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8}]}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cc6c803679d9bc57937b738487378115"}]}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x228}, 0x1, 0x0, 0x0, 0x20048041}, 0x4004810)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x4, &(0x7f0000000580)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20}, 0x94)

3.837986575s ago: executing program 0 (id=2966):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
add_key$keyring(0x0, &(0x7f0000001f40)={'syz', 0x2}, 0x0, 0x0, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r6 = memfd_create(&(0x7f0000000440)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x11', 0x2)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000000)={r6, 0x100000, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r7, 0x40086200, &(0x7f0000000080)=0x2)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180))
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r8, 0x84, 0x5, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e21, @multicast2}}}, 0x84)

895.32825ms ago: executing program 0 (id=2967):
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{}, {0x77359400}}, &(0x7f0000000200))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r2, 0x40384708, &(0x7f0000000080)={0x8, 0x1, 0x609152b0, 0x10000000, 0xe, "3eccd2000500"})
r3 = socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$MON_IOCX_GET(r4, 0x40189206, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000000580)={<r5=>0x0, 0xde, "889388fb0b513f0387d2e77438b18cc0b88ea84d11dbb9ae7bc5a4dd729d12d6077fe112deb3cf8a7776b56bf56cdf240527708e0652bc065c38c4fbb6f51674008f9914ca529fff0d9c02adc40fec4f113cb5af227ed1950cca82ae63804c23893277e09288deaa2ba4f579cfe53864e3823d66040b79b4b0cb7251832cca97324c836fe0cd5c1a250e80027c8fc2c9560c6fc6b8fd0bd389a42afdb5c08a82592f2a6e991569e7818908ee541c6bb34dfd56ed15f9a5d98aacaf877ef196d791f20c850b1c2b41c58acc1b1016b97b967716c53d278d54f503ad455d1c"}, &(0x7f00000002c0)=0xe6)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f00000003c0)={r5, @in={{0x2, 0x4e20, @local}}, 0x2, 0x2}, &(0x7f0000000300)=0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8983, &(0x7f00000000c0))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r3, 0x111, 0x4, 0x0, 0x4)
ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000280)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x4})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=@ipv4_newroute={0x3c, 0x18, 0x8, 0x70bd2a, 0x25dfdbfd, {0x2, 0x0, 0x80, 0x9, 0xfe, 0x0, 0x64, 0xb, 0x300}, [@RTA_GATEWAY={0x8, 0x5, @private=0xa010101}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @SEG6_LOCAL_NH6={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x43}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040014}, 0x4801)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400)
r8 = accept4$packet(r3, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14, 0x0)
getsockname$packet(r8, &(0x7f0000000500), &(0x7f0000000680)=0x14)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="a394a198bdd1ab8919c4d8c21fb6bcfa04bd3b94aaf80e0500da82d56fe582a48c11142f5bbde243924286eba14bdcdfaa20490cff0708a9aa49c19416aba02094eaab1d323cf6e4430e56ad83a2bdb75bb90b42b6", @ANYRESHEX], 0xc4}}, 0x0)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="0100000000000000000011"], 0x14}}, 0x0)

801.81687ms ago: executing program 3 (id=2968):
r0 = syz_usb_connect(0x1, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_open_procfs(0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
bind$inet6(r1, &(0x7f0000000440)={0xa, 0x2, 0x0, @loopback, 0x401}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000240)="04", 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='bbr\x00', 0x4)
shutdown(r1, 0x1)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "db32"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, &(0x7f0000000340)={0x14, &(0x7f0000000440)={0x0, 0x31, 0x100, {0x100, 0x23, "76c3565f4f1017626ff61aa4611dba6908f5d4d601e9778b26519b0a448fed3dd6a391be2143ab1ca5edfbdab4a83973a107e3de3be7c3fd78f0cc6986b74187a6ee7f740df3ddbd7c671c992560524e5f5e26163c8757e966b068cb2dd53352676b923237d6af1b3fff7749a2f30c2f3dbb7f04a7f4cf11ee15eeb1d3bf306ac5ebbce0ea403dbb144e96575d9580f90851691922c07389b1fd9c32453ea003df907e0d698d144901517d16a6d9ce7d9f5a644a197f8adc6e3ae43bce9687db8a9864208212f8e084f1beb90cde06901d2780be349fd81bc5bc29a0bc2ef167863028e37e967cbb76ad676a12df0461eb8083059e97229bf22554a4f2ed"}}, &(0x7f0000000300)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc0a}}}, &(0x7f0000000980)={0x34, &(0x7f0000000600)={0x0, 0x16, 0x100, "39351f0fa75634a72709b02ec29967e6d253afd77dee0ff593bbb21807bdf0ab40056bb761b3adf172249c2b07cac24bb5e787129cf7b2186de8e997300491f8ba22e05dacce29ef8162124c741ceed177d2c307be0eef5eef386e1eed2c4b35105fc430686bbf001fc920c7bf3598d3c6445b5bfb8b009934fcf122cc052560f950d415c10c0e8d2fd8a5ecbf5b635a01a7c8f97ebb71614bd3c7a412da25f8103cd6a7628339ec3ad2ab6b3447c3b480769611f031e109295e3cf8a124fbf8080d2eabeaf62e6e86cdc10164db2ad6e73db47ece5b7aca881d33591f9dafd0bbd667294efc98e668cfd496ae431d1cfa90d5647b75090996fc83eb249f164f"}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0x80}, &(0x7f0000000580)={0x0, 0x8, 0x1, 0xb}, &(0x7f00000008c0)={0x20, 0x0, 0x6f, {0x6d, "6ce630ec485d15702ea97ef1da5051ca6e3c2eb015ab082c768086c743f0a74eae9d4fc265f409488851f69b4ceb27ff7813a19877b41e747657d9fc7a554e1971f0750f3e200a26c43007de25e3a54dd3ad7e4a3541f9fa7cfd0b2b03eec6cf8007dc8511adfcfa7dc90032d6"}}, &(0x7f0000000740)={0x20, 0x1, 0x1, 0x5}, &(0x7f0000000940)={0x20, 0x0, 0x1, 0x9}})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000140)={0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="40191b00000000"], 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000040)=ANY=[@ANYRESOCT=r3], 0x15)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = dup(r3)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0)
write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r4, &(0x7f00000000c0)={0x18}, 0x18)
ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40086607, &(0x7f00000002c0)=0x20000000000000)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000005c0)=ANY=[@ANYBLOB="b9"], 0xb8)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000200), 0x103000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r6, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',cache=fscache'])
setsockopt$inet6_tcp_int(r5, 0x6, 0x22, &(0x7f0000000180)=0x3, 0x4)
creat(&(0x7f0000000140)='./file0\x00', 0x50)

529.572072ms ago: executing program 0 (id=2969):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

504.496859ms ago: executing program 5 (id=2970):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0x100}, @NFTA_LAST_MSECS={0xc, 0x2, 0x1, 0x0, 0x10000}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xc8}}, 0x0) (fail_nth: 2)

15.785911ms ago: executing program 0 (id=2971):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_STATION(r2, &(0x7f0000007380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x50, r0, 0xe096044a3fc9e6f1, 0xffffffff, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_WME={0x14, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x9}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x3}]}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0xfa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x200000d0}, 0x50)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r0, 0x100, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008840)
socket$kcm(0x10, 0x2, 0x4)
r3 = syz_usb_connect(0x0, 0x1b, &(0x7f0000000280)={{0x12, 0x1, 0x6d2228ebcb1ece71, 0x3b, 0x63, 0xa9, 0x20, 0x45e, 0x4df, 0xf0a3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0x4, 0x0, 0x10}}]}}, 0x0)
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f00000005c0)={0x44, &(0x7f0000000e40)={0x40, 0x9, 0xc, "00004700000040f400bec073"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001340)=<r5=>0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000001380)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f0000001440), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x8, 0x2)
sendmsg$nl_generic(r4, 0x0, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x20000)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$inet_sctp(0x2, 0x1, 0x84)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)
read$msr(r6, &(0x7f00000000c0)=""/59, 0x3b)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 5 (id=2972):
socket$vsock_stream(0x28, 0x1, 0x0)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020}, 0x2020)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x1e, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x24}, 0x94)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x622200, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000680)=ANY=[@ANYBLOB="0a00000016000000b40000000300000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000100"/28], 0x50)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000000)=0x1, r2, 0x0, 0x1, 0x4}}, 0x20)
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000000506010200000000000000000a000001"], 0x20}, 0x1, 0x0, 0x0, 0x20004010}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$igmp6(0xa, 0x3, 0x2)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d030100000000009500000000000000bc26080000000000bf67000000000000070300000fff070067020000030000001606000080ffffffbf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)

kernel console output (not intermixed with test programs):

sing attributes in process `syz.1.2279'.
[  898.693838][T14108] lowmem_reserve[]: 0 2501 2503 2503 2503
[  898.703492][T14108] Node 0 DMA32 free:1260448kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12524kB inactive_anon:52188kB active_file:107584kB inactive_file:141228kB unevictable:1588kB writepending:836kB present:3129332kB managed:2561448kB mlocked:0kB bounce:0kB free_pcp:41888kB local_pcp:26380kB free_cma:0kB
[  898.706474][T14131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2279'.
[  899.106461][T14108] lowmem_reserve[]: 0 0 1 1 1
[  899.131084][T14108] Node 0 Normal free:20kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1760kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  899.216010][T14108] lowmem_reserve[]: 0 0 0 0 0
[  899.226302][T14108] Node 1 Normal free:3899752kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:268kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20220kB local_pcp:11324kB free_cma:0kB
[  899.446179][T14108] lowmem_reserve[]: 0 0 0 0 0
[  899.486867][T14140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2282'.
[  899.496111][T14140] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  900.470967][T14108] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  900.551329][T14108] Node 0 DMA32: 15*4kB (E) 145*8kB (UE) 52*16kB (UE) 429*32kB (UME) 551*64kB (UME) 305*128kB (UME) 198*256kB (UME) 119*512kB (UME) 67*1024kB (UME) 17*2048kB (UME) 233*4096kB (UM) = 1259492kB
[  900.651087][T14108] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  900.691377][T14108] Node 1 Normal: 158*4kB (UME) 10*8kB (UME) 28*16kB (UE) 179*32kB (UE) 86*64kB (UME) 18*128kB (UE) 5*256kB (UME) 2*512kB (M) 2*1024kB (ME) 1*2048kB (E) 947*4096kB (M) = 3900008kB
[  900.748587][T14146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2285'.
[  900.757876][T14108] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  900.782173][T14108] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  900.804658][T14146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2285'.
[  900.891044][T14108] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  900.933757][T14108] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  900.979166][T14108] 77240 total pagecache pages
[  900.994185][T14108] 0 pages in swap cache
[  901.000781][T14108] Free swap  = 124996kB
[  901.014183][T14108] Total swap = 124996kB
[  901.032776][T14108] 2097051 pages RAM
[  901.054638][T14108] 0 pages HighMem/MovableOnly
[  901.074245][T14108] 424582 pages reserved
[  901.081293][T14108] 0 pages cma reserved
[  901.308022][T14156] pim6reg: entered allmulticast mode
[  901.599274][T14164] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2283'.
[  902.037262][T14168] FAULT_INJECTION: forcing a failure.
[  902.037262][T14168] name failslab, interval 1, probability 0, space 0, times 0
[  902.100014][T14168] CPU: 0 UID: 0 PID: 14168 Comm: syz.0.2290 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  902.100042][T14168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  902.100053][T14168] Call Trace:
[  902.100061][T14168]  <TASK>
[  902.100068][T14168]  dump_stack_lvl+0x189/0x250
[  902.100096][T14168]  ? __pfx____ratelimit+0x10/0x10
[  902.100119][T14168]  ? __pfx_dump_stack_lvl+0x10/0x10
[  902.100141][T14168]  ? __pfx__printk+0x10/0x10
[  902.100165][T14168]  ? __pfx___might_resched+0x10/0x10
[  902.100186][T14168]  ? fs_reclaim_acquire+0x7d/0x100
[  902.100212][T14168]  should_fail_ex+0x414/0x560
[  902.100237][T14168]  should_failslab+0xa8/0x100
[  902.100280][T14168]  __kmalloc_noprof+0xcb/0x4f0
[  902.100299][T14168]  ? io_cache_alloc_new+0x40/0x100
[  902.100319][T14168]  ? __lock_acquire+0xab9/0xd20
[  902.100343][T14168]  io_cache_alloc_new+0x40/0x100
[  902.100367][T14168]  __io_prep_rw+0x23f/0xd80
[  902.100395][T14168]  ? __pfx___io_prep_rw+0x10/0x10
[  902.100410][T14168]  ? percpu_ref_get_many+0x21/0x1e0
[  902.100433][T14168]  ? percpu_ref_get_many+0x21/0x1e0
[  902.100467][T14168]  io_prep_rwv+0x8c/0x3d0
[  902.100483][T14168]  ? __pfx___io_alloc_req_refill+0x10/0x10
[  902.100506][T14168]  ? __pfx_io_prep_rwv+0x10/0x10
[  902.100528][T14168]  ? __asan_memset+0x22/0x50
[  902.100544][T14168]  ? blk_start_plug_nr_ios+0x7f/0x1c0
[  902.100578][T14168]  io_submit_sqes+0x90c/0x1c50
[  902.100629][T14168]  __se_sys_io_uring_enter+0x2df/0x2b20
[  902.100668][T14168]  ? ksys_write+0x1cb/0x250
[  902.100691][T14168]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  902.100707][T14168]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  902.100729][T14168]  ? __pfx_vfs_write+0x10/0x10
[  902.100758][T14168]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  902.100784][T14168]  ? __fget_files+0x3a0/0x420
[  902.100812][T14168]  ? fput+0xa0/0xd0
[  902.100834][T14168]  ? ksys_write+0x22a/0x250
[  902.100855][T14168]  ? __pfx_ksys_write+0x10/0x10
[  902.100869][T14168]  ? rcu_is_watching+0x15/0xb0
[  902.100899][T14168]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  902.100921][T14168]  do_syscall_64+0xfa/0x3b0
[  902.100941][T14168]  ? lockdep_hardirqs_on+0x9c/0x150
[  902.100962][T14168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.100978][T14168]  ? clear_bhb_loop+0x60/0xb0
[  902.100999][T14168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.101016][T14168] RIP: 0033:0x7eff9478e929
[  902.101032][T14168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  902.101046][T14168] RSP: 002b:00007eff955a2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  902.101064][T14168] RAX: ffffffffffffffda RBX: 00007eff949b6080 RCX: 00007eff9478e929
[  902.101077][T14168] RDX: 0000000000000000 RSI: 00000000000847ba RDI: 0000000000000008
[  902.101087][T14168] RBP: 00007eff955a2090 R08: 0000000000000000 R09: 0000000000000000
[  902.101096][T14168] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000001
[  902.101111][T14168] R13: 0000000000000000 R14: 00007eff949b6080 R15: 00007ffdac754db8
[  902.101140][T14168]  </TASK>
[  902.824073][   T30] audit: type=1326 audit(1751566145.896:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  902.960755][   T30] audit: type=1326 audit(1751566145.896:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  903.150547][   T30] audit: type=1326 audit(1751566145.896:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  903.248463][   T30] audit: type=1326 audit(1751566145.896:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  903.275226][   T30] audit: type=1326 audit(1751566145.896:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  903.298194][   T30] audit: type=1326 audit(1751566145.906:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  903.532808][   T30] audit: type=1326 audit(1751566145.906:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  903.765679][T14197] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  904.175767][   T30] audit: type=1326 audit(1751566145.906:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  904.312309][   T30] audit: type=1326 audit(1751566145.906:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  904.529658][T14184] lo speed is unknown, defaulting to 1000
[  904.541270][T14184] dummy0 speed is unknown, defaulting to 1000
[  904.571315][   T30] audit: type=1326 audit(1751566145.906:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14176 comm="syz.2.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f592c58e929 code=0x7ffc0000
[  904.997645][T14211] NILFS (nullb0): couldn't find nilfs on the device
[  906.202415][T14213] lo speed is unknown, defaulting to 1000
[  906.209173][T14213] dummy0 speed is unknown, defaulting to 1000
[  910.004941][T14242] lo speed is unknown, defaulting to 1000
[  910.172960][T14242] dummy0 speed is unknown, defaulting to 1000
[  912.392205][T14273] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2318'.
[  912.591057][T14276] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2318'.
[  912.751600][   T10] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  912.840253][T14278] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2320'.
[  912.926306][   T10] usb 4-1: Using ep0 maxpacket: 32
[  912.952081][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  913.017264][   T10] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  913.056888][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  913.101097][   T10] usb 4-1: Product: syz
[  913.105303][   T10] usb 4-1: Manufacturer: syz
[  913.215686][   T10] usb 4-1: SerialNumber: syz
[  913.266598][   T10] usb 4-1: config 0 descriptor??
[  913.282892][   T10] cdc_ether 4-1:0.0: probe with driver cdc_ether failed with error -22
[  913.321640][   T10] usb 4-1: unsupported MDLM descriptors
[  913.417553][T14285] sctp: [Deprecated]: syz.1.2324 (pid 14285) Use of struct sctp_assoc_value in delayed_ack socket option.
[  913.417553][T14285] Use struct sctp_sack_info instead
[  913.576562][T14275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  913.634245][T14275] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  913.682361][T14275] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2319'.
[  913.910428][ T5973] usb 4-1: USB disconnect, device number 15
[  914.773571][T14307] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  915.830656][T14317] bond4: entered allmulticast mode
[  915.982390][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  915.982406][   T30] audit: type=1326 audit(1751566159.136:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  916.170474][   T30] audit: type=1326 audit(1751566159.136:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  916.771062][   T30] audit: type=1326 audit(1751566159.166:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  916.794731][   T30] audit: type=1326 audit(1751566159.166:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  916.816191][    C0] vkms_vblank_simulate: vblank timer overrun
[  916.925639][   T30] audit: type=1326 audit(1751566159.166:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  917.003479][   T30] audit: type=1326 audit(1751566159.166:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  917.060216][   T30] audit: type=1326 audit(1751566159.166:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  917.165229][   T30] audit: type=1326 audit(1751566159.166:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  917.259139][   T30] audit: type=1326 audit(1751566159.166:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  917.282525][T14332] 9pnet_fd: Insufficient options for proto=fd
[  917.431205][   T30] audit: type=1326 audit(1751566159.166:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14322 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5edf8e929 code=0x7ffc0000
[  917.588839][T14338] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2340'.
[  917.701800][T14347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2340'.
[  921.885836][T14391] vivid-003: kernel_thread() failed
[  922.119449][T14395] netlink: 'syz.3.2355': attribute type 58 has an invalid length.
[  922.128520][T14395] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2355'.
[  923.312355][T14403] 9pnet_fd: Insufficient options for proto=fd
[  923.506408][T14405] bridge0: port 1(bridge_slave_0) entered disabled state
[  923.526386][T14405] bridge0: port 2(bridge_slave_1) entered disabled state
[  923.528075][T14408] netlink: 'syz.3.2359': attribute type 16 has an invalid length.
[  923.980722][T14408] netlink: 'syz.3.2359': attribute type 17 has an invalid length.
[  924.111649][T14408] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.118924][T14408] bridge0: port 1(bridge_slave_0) entered forwarding state
[  924.181301][T14408] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.188541][T14408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  924.504804][T14422] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2364'.
[  925.781191][   T43] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  926.001347][   T43] usb 4-1: Using ep0 maxpacket: 16
[  926.008884][   T43] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  926.056023][   T43] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  926.079575][   T43] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[  926.124985][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  926.147962][   T43] usb 4-1: Product: syz
[  926.166633][   T43] usb 4-1: Manufacturer: syz
[  926.257881][   T43] usb 4-1: SerialNumber: syz
[  927.138353][T14451] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2371'.
[  927.169806][T14451] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2371'.
[  928.310460][   T43] usb 4-1: 0:2 : does not exist
[  928.396544][   T43] usb 4-1: 5:0: cannot get min/max values for control 8 (id 5)
[  928.571367][   T43] usb 4-1: USB disconnect, device number 16
[  928.624184][T10779] udevd[10779]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  928.658251][T14465] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2375'.
[  928.680218][T14465] FAULT_INJECTION: forcing a failure.
[  928.680218][T14465] name failslab, interval 1, probability 0, space 0, times 0
[  928.735077][T14465] CPU: 1 UID: 0 PID: 14465 Comm: syz.0.2375 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  928.735103][T14465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  928.735114][T14465] Call Trace:
[  928.735121][T14465]  <TASK>
[  928.735129][T14465]  dump_stack_lvl+0x189/0x250
[  928.735157][T14465]  ? __pfx____ratelimit+0x10/0x10
[  928.735181][T14465]  ? __pfx_dump_stack_lvl+0x10/0x10
[  928.735203][T14465]  ? __pfx__printk+0x10/0x10
[  928.735229][T14465]  ? ref_tracker_alloc+0x318/0x460
[  928.735253][T14465]  should_fail_ex+0x414/0x560
[  928.735278][T14465]  should_failslab+0xa8/0x100
[  928.735300][T14465]  kmem_cache_alloc_noprof+0x73/0x3c0
[  928.735320][T14465]  ? skb_clone+0x212/0x3a0
[  928.735344][T14465]  skb_clone+0x212/0x3a0
[  928.735368][T14465]  __netlink_deliver_tap+0x404/0x850
[  928.735400][T14465]  ? netlink_deliver_tap+0x2e/0x1b0
[  928.735420][T14465]  netlink_deliver_tap+0x19c/0x1b0
[  928.735437][T14465]  netlink_sendskb+0x68/0x140
[  928.735464][T14465]  genlmsg_reply+0x86/0xc0
[  928.735490][T14465]  nl80211_new_interface+0xc1a/0x1180
[  928.735522][T14465]  ? __pfx_nl80211_new_interface+0x10/0x10
[  928.735550][T14465]  ? nl80211_pre_doit+0x4fb/0x930
[  928.735577][T14465]  genl_family_rcv_msg_doit+0x212/0x300
[  928.735607][T14465]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  928.735644][T14465]  ? bpf_lsm_capable+0x9/0x20
[  928.735671][T14465]  ? security_capable+0x7e/0x2e0
[  928.735702][T14465]  genl_rcv_msg+0x60e/0x790
[  928.735731][T14465]  ? __pfx_genl_rcv_msg+0x10/0x10
[  928.735749][T14465]  ? ref_tracker_free+0x63a/0x7d0
[  928.735766][T14465]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  928.735784][T14465]  ? __pfx_nl80211_new_interface+0x10/0x10
[  928.735803][T14465]  ? __pfx_nl80211_post_doit+0x10/0x10
[  928.735824][T14465]  ? __pfx_ref_tracker_free+0x10/0x10
[  928.735857][T14465]  netlink_rcv_skb+0x208/0x470
[  928.735875][T14465]  ? __pfx_genl_rcv_msg+0x10/0x10
[  928.735898][T14465]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  928.735939][T14465]  ? down_read+0x1ad/0x2e0
[  928.735958][T14465]  genl_rcv+0x28/0x40
[  928.735977][T14465]  netlink_unicast+0x75b/0x8d0
[  928.736013][T14465]  netlink_sendmsg+0x805/0xb30
[  928.736043][T14465]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.736070][T14465]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  928.736088][T14465]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.736108][T14465]  __sock_sendmsg+0x21c/0x270
[  928.736135][T14465]  ____sys_sendmsg+0x505/0x830
[  928.736161][T14465]  ? __pfx_____sys_sendmsg+0x10/0x10
[  928.736191][T14465]  ? import_iovec+0x74/0xa0
[  928.736218][T14465]  ___sys_sendmsg+0x21f/0x2a0
[  928.736240][T14465]  ? __pfx____sys_sendmsg+0x10/0x10
[  928.736301][T14465]  ? __fget_files+0x2a/0x420
[  928.736320][T14465]  ? __fget_files+0x3a0/0x420
[  928.736353][T14465]  __x64_sys_sendmsg+0x19b/0x260
[  928.736376][T14465]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  928.736407][T14465]  ? __pfx_ksys_write+0x10/0x10
[  928.736423][T14465]  ? rcu_is_watching+0x15/0xb0
[  928.736451][T14465]  ? do_syscall_64+0xbe/0x3b0
[  928.736477][T14465]  do_syscall_64+0xfa/0x3b0
[  928.736497][T14465]  ? lockdep_hardirqs_on+0x9c/0x150
[  928.736518][T14465]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.736535][T14465]  ? clear_bhb_loop+0x60/0xb0
[  928.736555][T14465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.736572][T14465] RIP: 0033:0x7eff9478e929
[  928.736586][T14465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.736599][T14465] RSP: 002b:00007eff955c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  928.736617][T14465] RAX: ffffffffffffffda RBX: 00007eff949b5fa0 RCX: 00007eff9478e929
[  928.736630][T14465] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  928.736641][T14465] RBP: 00007eff955c3090 R08: 0000000000000000 R09: 0000000000000000
[  928.736658][T14465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  928.736668][T14465] R13: 0000000000000000 R14: 00007eff949b5fa0 R15: 00007ffdac754db8
[  928.736699][T14465]  </TASK>
[  929.362697][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  929.387889][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  929.403555][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  929.447856][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  929.470255][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  929.596793][T14470] lo speed is unknown, defaulting to 1000
[  929.628646][T14470] dummy0 speed is unknown, defaulting to 1000
[  931.651108][   T51] Bluetooth: hci5: command tx timeout
[  932.057875][T14506] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 14506 comm: syz.1.2382)
[  932.594724][T14504] syz.4.2385: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  932.621788][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  932.628346][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  932.642715][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  932.642759][   T30] audit: type=1800 audit(1751566175.216:93): pid=14506 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.2382" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=46542 res=0 errno=0
[  932.671572][T14504] CPU: 0 UID: 0 PID: 14504 Comm: syz.4.2385 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  932.671599][T14504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  932.671610][T14504] Call Trace:
[  932.671618][T14504]  <TASK>
[  932.671625][T14504]  dump_stack_lvl+0x189/0x250
[  932.671659][T14504]  ? __pfx_dump_stack_lvl+0x10/0x10
[  932.671684][T14504]  ? __pfx__printk+0x10/0x10
[  932.671703][T14504]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  932.671729][T14504]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  932.671758][T14504]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  932.671787][T14504]  warn_alloc+0x214/0x310
[  932.671810][T14504]  ? stack_depot_save_flags+0x429/0x900
[  932.671835][T14504]  ? __pfx_warn_alloc+0x10/0x10
[  932.671859][T14504]  ? kasan_save_track+0x4f/0x80
[  932.671879][T14504]  ? xskq_create+0x56/0x170
[  932.671900][T14504]  ? xsk_init_queue+0xb0/0x110
[  932.671919][T14504]  ? xsk_setsockopt+0x43f/0x710
[  932.671937][T14504]  ? do_sock_setsockopt+0x257/0x3e0
[  932.671955][T14504]  ? __x64_sys_setsockopt+0x18b/0x220
[  932.671972][T14504]  ? do_syscall_64+0xfa/0x3b0
[  932.671994][T14504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.672020][T14504]  __vmalloc_node_range_noprof+0x125/0x12f0
[  932.672074][T14504]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  932.672103][T14504]  ? __kasan_kmalloc+0x93/0xb0
[  932.672127][T14504]  vmalloc_user_noprof+0xad/0xf0
[  932.672148][T14504]  ? xskq_create+0xbf/0x170
[  932.672171][T14504]  xskq_create+0xbf/0x170
[  932.672196][T14504]  xsk_init_queue+0xb0/0x110
[  932.672220][T14504]  xsk_setsockopt+0x43f/0x710
[  932.672244][T14504]  ? __pfx_xsk_setsockopt+0x10/0x10
[  932.672263][T14504]  ? __lock_acquire+0xab9/0xd20
[  932.672294][T14504]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  932.672314][T14504]  ? __pfx_xsk_setsockopt+0x10/0x10
[  932.672337][T14504]  do_sock_setsockopt+0x257/0x3e0
[  932.672360][T14504]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  932.672384][T14504]  ? __fget_files+0x2a/0x420
[  932.672415][T14504]  __x64_sys_setsockopt+0x18b/0x220
[  932.672441][T14504]  do_syscall_64+0xfa/0x3b0
[  932.672463][T14504]  ? lockdep_hardirqs_on+0x9c/0x150
[  932.672486][T14504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.672504][T14504]  ? clear_bhb_loop+0x60/0xb0
[  932.672525][T14504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.672548][T14504] RIP: 0033:0x7fa5edf8e929
[  932.672565][T14504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  932.672581][T14504] RSP: 002b:00007fa5ebdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  932.672601][T14504] RAX: ffffffffffffffda RBX: 00007fa5ee1b6080 RCX: 00007fa5edf8e929
[  932.672615][T14504] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000b
[  932.672626][T14504] RBP: 00007fa5ee010b39 R08: 0000000000000004 R09: 0000000000000000
[  932.672637][T14504] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[  932.672649][T14504] R13: 0000000000000000 R14: 00007fa5ee1b6080 R15: 00007fff06376f98
[  932.672680][T14504]  </TASK>
[  932.672713][T14504] Mem-Info:
[  932.984179][T14504] active_anon:263 inactive_anon:15087 isolated_anon:0
[  932.984179][T14504]  active_file:27408 inactive_file:35324 isolated_file:0
[  932.984179][T14504]  unevictable:770 dirty:193 writeback:0
[  932.984179][T14504]  slab_reclaimable:5954 slab_unreclaimable:101691
[  932.984179][T14504]  mapped:42935 shmem:10742 pagetables:1489
[  932.984179][T14504]  sec_pagetables:0 bounce:0
[  932.984179][T14504]  kernel_misc_reclaimable:0
[  932.984179][T14504]  free:1290251 free_pcp:18578 free_cma:0
[  933.030031][T14504] Node 0 active_anon:1052kB inactive_anon:60348kB active_file:109364kB inactive_file:141296kB unevictable:1544kB isolated(anon):0kB isolated(file):0kB mapped:171676kB dirty:772kB writeback:0kB shmem:41432kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13680kB pagetables:5800kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  933.064404][T14504] Node 1 active_anon:0kB inactive_anon:0kB active_file:268kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:64kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  933.096155][T14504] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  933.125244][T14504] lowmem_reserve[]: 0 2501 2503 2503 2503
[  933.163778][T14504] Node 0 DMA32 free:1243316kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1048kB inactive_anon:60304kB active_file:107604kB inactive_file:141228kB unevictable:1544kB writepending:772kB present:3129332kB managed:2561448kB mlocked:0kB bounce:0kB free_pcp:56556kB local_pcp:32856kB free_cma:0kB
[  933.196727][T14504] lowmem_reserve[]: 0 0 1 1 1
[  933.201677][T14504] Node 0 Normal free:20kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1760kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  933.231131][T14504] lowmem_reserve[]: 0 0 0 0 0
[  933.236062][T14504] Node 1 Normal free:3902308kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:268kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17696kB local_pcp:8672kB free_cma:0kB
[  933.267831][T14504] lowmem_reserve[]: 0 0 0 0 0
[  933.272804][T14504] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  933.285952][T14504] Node 0 DMA32: 761*4kB (UE) 180*8kB (UE) 625*16kB (UM) 437*32kB (UME) 516*64kB (UME) 241*128kB (UME) 200*256kB (UME) 136*512kB (UME) 60*1024kB (UME) 7*2048kB (UME) 233*4096kB (UM) = 1243316kB
[  933.305693][T14504] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  933.319751][T14504] Node 1 Normal: 189*4kB (UME) 40*8kB (UME) 49*16kB (UME) 221*32kB (UME) 88*64kB (UME) 19*128kB (UME) 5*256kB (UME) 2*512kB (M) 2*1024kB (ME) 1*2048kB (E) 947*4096kB (M) = 3902308kB
[  933.351225][T14504] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  933.361281][T14504] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  933.370626][T14504] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  933.380387][T14504] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  933.389876][T14504] 73472 total pagecache pages
[  933.394840][T14504] 0 pages in swap cache
[  933.399050][T14504] Free swap  = 124996kB
[  933.403369][T14504] Total swap = 124996kB
[  933.407579][T14504] 2097051 pages RAM
[  933.411568][T14504] 0 pages HighMem/MovableOnly
[  933.416297][T14504] 424582 pages reserved
[  933.420475][T14504] 0 pages cma reserved
[  933.707033][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  933.709784][   T51] Bluetooth: hci5: command tx timeout
[  933.773805][T14511] netlink: 'syz.4.2387': attribute type 16 has an invalid length.
[  933.837603][T14511] netlink: 'syz.4.2387': attribute type 17 has an invalid length.
[  934.834765][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  935.780999][   T51] Bluetooth: hci5: command tx timeout
[  935.897707][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  936.449693][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  937.871613][   T51] Bluetooth: hci5: command tx timeout
[  938.260129][T14470] chnl_net:caif_netlink_parms(): no params data found
[  938.385161][T14549] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2397'.
[  938.394316][T14549] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  938.685128][T14558] overlayfs: missing 'lowerdir'
[  938.980648][   T36] ip6gretap0: left allmulticast mode
[  939.005797][   T36] ip6gretap0: left promiscuous mode
[  939.041672][   T36] bridge0: port 3(ip6gretap0) entered disabled state
[  939.078064][   T36] bridge_slave_1: left allmulticast mode
[  939.088312][   T36] bridge_slave_1: left promiscuous mode
[  939.104990][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  939.141935][   T36] bridge_slave_0: left allmulticast mode
[  939.148870][   T36] bridge_slave_0: left promiscuous mode
[  939.163740][T14571] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  939.166740][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  939.175297][T14572] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  939.886158][T14583] block device autoloading is deprecated and will be removed.
[  940.641213][ T5891] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  941.282909][ T5891] usb 4-1: Using ep0 maxpacket: 8
[  941.289970][ T5891] usb 4-1: config 0 has an invalid interface number: 200 but max is 0
[  941.303255][ T5891] usb 4-1: config 0 has no interface number 0
[  941.315155][ T5891] usb 4-1: config 0 interface 200 has no altsetting 0
[  941.341258][ T5891] usb 4-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  941.350687][ T5891] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.360827][ T5891] usb 4-1: Product: syz
[  941.368241][ T5891] usb 4-1: Manufacturer: syz
[  941.375864][ T5891] usb 4-1: SerialNumber: syz
[  942.045620][ T5891] usb 4-1: config 0 descriptor??
[  942.350003][T14609] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2409'.
[  942.350056][T14609] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  942.494173][ T5891] input: Hanwang Art Master III 0906 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.200/input/input46
[  942.513026][ T5891] usb 4-1: USB disconnect, device number 17
[  942.632872][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  942.647152][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  942.659670][   T36] bond0 (unregistering): Released all slaves
[  942.685390][   T36] bond1 (unregistering): Released all slaves
[  942.688659][T14616] FAULT_INJECTION: forcing a failure.
[  942.688659][T14616] name failslab, interval 1, probability 0, space 0, times 0
[  942.703695][   T36] bond2 (unregistering): Released all slaves
[  942.709485][T14616] CPU: 0 UID: 0 PID: 14616 Comm: syz.4.2411 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  942.709509][T14616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  942.709519][T14616] Call Trace:
[  942.709526][T14616]  <TASK>
[  942.709534][T14616]  dump_stack_lvl+0x189/0x250
[  942.709561][T14616]  ? __pfx____ratelimit+0x10/0x10
[  942.709583][T14616]  ? __pfx_dump_stack_lvl+0x10/0x10
[  942.709605][T14616]  ? __pfx__printk+0x10/0x10
[  942.709627][T14616]  ? __pfx___might_resched+0x10/0x10
[  942.709648][T14616]  ? fs_reclaim_acquire+0x7d/0x100
[  942.709673][T14616]  should_fail_ex+0x414/0x560
[  942.709704][T14616]  should_failslab+0xa8/0x100
[  942.709725][T14616]  __kmalloc_cache_noprof+0x70/0x3d0
[  942.709744][T14616]  ? rtnl_newlink+0xed/0x1c70
[  942.709759][T14616]  ? kasan_save_free_info+0x46/0x50
[  942.709785][T14616]  rtnl_newlink+0xed/0x1c70
[  942.709798][T14616]  ? netlink_sendmsg+0x805/0xb30
[  942.709814][T14616]  ? __sock_sendmsg+0x21c/0x270
[  942.709833][T14616]  ? ____sys_sendmsg+0x52d/0x830
[  942.709848][T14616]  ? ___sys_sendmsg+0x21f/0x2a0
[  942.709863][T14616]  ? __sys_sendmmsg+0x227/0x430
[  942.709878][T14616]  ? __x64_sys_sendmmsg+0xa0/0xc0
[  942.709895][T14616]  ? do_syscall_64+0xfa/0x3b0
[  942.709914][T14616]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.709937][T14616]  ? __pfx_rtnl_newlink+0x10/0x10
[  942.709974][T14616]  ? kasan_quarantine_put+0xdd/0x220
[  942.709991][T14616]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.710017][T14616]  ? nlmon_xmit+0xb0/0x100
[  942.710037][T14616]  ? kmem_cache_free+0x18f/0x400
[  942.710062][T14616]  ? __local_bh_enable_ip+0x12d/0x1c0
[  942.710083][T14616]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.710104][T14616]  ? __local_bh_enable_ip+0x12d/0x1c0
[  942.710125][T14616]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  942.710150][T14616]  ? __dev_queue_xmit+0x27e/0x3a70
[  942.710170][T14616]  ? __dev_queue_xmit+0x27e/0x3a70
[  942.710187][T14616]  ? __dev_queue_xmit+0x27e/0x3a70
[  942.710207][T14616]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  942.710231][T14616]  ? __lock_acquire+0xab9/0xd20
[  942.710275][T14616]  ? __pfx_rtnl_newlink+0x10/0x10
[  942.710290][T14616]  rtnetlink_rcv_msg+0x7cf/0xb70
[  942.710316][T14616]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  942.710338][T14616]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  942.710358][T14616]  ? ref_tracker_free+0x63a/0x7d0
[  942.710374][T14616]  ? __copy_skb_header+0xa7/0x550
[  942.710395][T14616]  ? __pfx_ref_tracker_free+0x10/0x10
[  942.710423][T14616]  netlink_rcv_skb+0x208/0x470
[  942.710441][T14616]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  942.710466][T14616]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  942.710496][T14616]  ? netlink_deliver_tap+0x2e/0x1b0
[  942.710513][T14616]  ? netlink_deliver_tap+0x2e/0x1b0
[  942.710534][T14616]  netlink_unicast+0x75b/0x8d0
[  942.710567][T14616]  netlink_sendmsg+0x805/0xb30
[  942.710595][T14616]  ? __pfx_netlink_sendmsg+0x10/0x10
[  942.710619][T14616]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  942.710638][T14616]  ? __pfx_netlink_sendmsg+0x10/0x10
[  942.710656][T14616]  __sock_sendmsg+0x21c/0x270
[  942.710681][T14616]  ____sys_sendmsg+0x52d/0x830
[  942.710713][T14616]  ? __pfx_____sys_sendmsg+0x10/0x10
[  942.710739][T14616]  ? import_iovec+0x74/0xa0
[  942.710766][T14616]  ___sys_sendmsg+0x21f/0x2a0
[  942.710787][T14616]  ? __pfx____sys_sendmsg+0x10/0x10
[  942.710847][T14616]  ? __might_fault+0xb0/0x130
[  942.710874][T14616]  __sys_sendmmsg+0x227/0x430
[  942.710897][T14616]  ? __pfx___sys_sendmmsg+0x10/0x10
[  942.710948][T14616]  ? rcu_is_watching+0x15/0xb0
[  942.710974][T14616]  __x64_sys_sendmmsg+0xa0/0xc0
[  942.710994][T14616]  do_syscall_64+0xfa/0x3b0
[  942.711014][T14616]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.711033][T14616]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.711049][T14616]  ? clear_bhb_loop+0x60/0xb0
[  942.711069][T14616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.711085][T14616] RIP: 0033:0x7fa5edf8e929
[  942.711100][T14616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  942.711114][T14616] RSP: 002b:00007fa5eed10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  942.711131][T14616] RAX: ffffffffffffffda RBX: 00007fa5ee1b5fa0 RCX: 00007fa5edf8e929
[  942.711144][T14616] RDX: 0492492492492627 RSI: 00002000000000c0 RDI: 0000000000000003
[  942.711155][T14616] RBP: 00007fa5eed10090 R08: 0000000000000000 R09: 0000000000000000
[  942.711165][T14616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  942.711175][T14616] R13: 0000000000000000 R14: 00007fa5ee1b5fa0 R15: 00007fff06376f98
[  942.711202][T14616]  </TASK>
[  943.178198][   T36] bond3 (unregistering): Released all slaves
[  944.447022][T14470] bridge0: port 1(bridge_slave_0) entered blocking state
[  944.456687][T14470] bridge0: port 1(bridge_slave_0) entered disabled state
[  944.464665][T14470] bridge_slave_0: entered allmulticast mode
[  944.552050][T14470] bridge_slave_0: entered promiscuous mode
[  944.843722][T14470] bridge0: port 2(bridge_slave_1) entered blocking state
[  944.851410][T14470] bridge0: port 2(bridge_slave_1) entered disabled state
[  944.859095][T14470] bridge_slave_1: entered allmulticast mode
[  944.867374][T14470] bridge_slave_1: entered promiscuous mode
[  945.173183][T14646] atomic_op ffff888054a8f998 conn xmit_atomic 0000000000000000
[  945.802217][T14470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  945.848515][T14470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  945.888706][T14652] netlink: 'syz.1.2420': attribute type 16 has an invalid length.
[  945.907440][T14652] netlink: 'syz.1.2420': attribute type 17 has an invalid length.
[  948.855813][T14470] team0: Port device team_slave_0 added
[  948.893204][T14470] team0: Port device team_slave_1 added
[  949.035657][T14680] FAULT_INJECTION: forcing a failure.
[  949.035657][T14680] name failslab, interval 1, probability 0, space 0, times 0
[  949.111410][T14680] CPU: 1 UID: 0 PID: 14680 Comm: syz.4.2424 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  949.111441][T14680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  949.111451][T14680] Call Trace:
[  949.111459][T14680]  <TASK>
[  949.111472][T14680]  dump_stack_lvl+0x189/0x250
[  949.111501][T14680]  ? __pfx____ratelimit+0x10/0x10
[  949.111523][T14680]  ? __pfx_dump_stack_lvl+0x10/0x10
[  949.111545][T14680]  ? __pfx__printk+0x10/0x10
[  949.111564][T14680]  ? __pfx___might_resched+0x10/0x10
[  949.111585][T14680]  ? fs_reclaim_acquire+0x7d/0x100
[  949.111612][T14680]  should_fail_ex+0x414/0x560
[  949.111637][T14680]  should_failslab+0xa8/0x100
[  949.111660][T14680]  __kmalloc_noprof+0xcb/0x4f0
[  949.111678][T14680]  ? tomoyo_encode+0x28b/0x550
[  949.111704][T14680]  tomoyo_encode+0x28b/0x550
[  949.111731][T14680]  tomoyo_realpath_from_path+0x58d/0x5d0
[  949.111754][T14680]  ? tomoyo_domain+0xda/0x130
[  949.111782][T14680]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  949.111801][T14680]  tomoyo_path_number_perm+0x1e8/0x5a0
[  949.111824][T14680]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  949.111863][T14680]  ? __lock_acquire+0xab9/0xd20
[  949.111908][T14680]  ? __fget_files+0x2a/0x420
[  949.111936][T14680]  ? __fget_files+0x2a/0x420
[  949.111954][T14680]  ? __fget_files+0x3a0/0x420
[  949.111973][T14680]  ? __fget_files+0x2a/0x420
[  949.111997][T14680]  security_file_ioctl+0xcb/0x2d0
[  949.112019][T14680]  __se_sys_ioctl+0x47/0x170
[  949.112040][T14680]  do_syscall_64+0xfa/0x3b0
[  949.112061][T14680]  ? lockdep_hardirqs_on+0x9c/0x150
[  949.112082][T14680]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.112098][T14680]  ? clear_bhb_loop+0x60/0xb0
[  949.112118][T14680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.112134][T14680] RIP: 0033:0x7fa5edf8e929
[  949.112150][T14680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  949.112163][T14680] RSP: 002b:00007fa5eed10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  949.112183][T14680] RAX: ffffffffffffffda RBX: 00007fa5ee1b5fa0 RCX: 00007fa5edf8e929
[  949.112196][T14680] RDX: 0000200000000680 RSI: 00000000400442c8 RDI: 0000000000000005
[  949.112208][T14680] RBP: 00007fa5eed10090 R08: 0000000000000000 R09: 0000000000000000
[  949.112218][T14680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  949.112228][T14680] R13: 0000000000000000 R14: 00007fa5ee1b5fa0 R15: 00007fff06376f98
[  949.112258][T14680]  </TASK>
[  949.115762][T14680] ERROR: Out of memory at tomoyo_realpath_from_path.
[  949.582881][T14470] batman_adv: batadv0: Adding interface: batadv_slave_0
[  949.589927][T14470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  950.803353][T14470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  951.021726][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  951.029692][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  951.095803][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  951.126330][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  951.917293][   T36] veth1_macvtap: left promiscuous mode
[  951.991310][   T36] veth0_macvtap: left promiscuous mode
[  951.998520][   T36] veth1_vlan: left promiscuous mode
[  952.005662][   T36] veth0_vlan: left promiscuous mode
[  952.758534][   T36] pim6reg (unregistering): left allmulticast mode
[  954.354682][   T36] team0 (unregistering): Port device team_slave_1 removed
[  955.526964][   T36] team0 (unregistering): Port device team_slave_0 removed
[  956.161536][T14470] batman_adv: batadv0: Adding interface: batadv_slave_1
[  956.179450][T14470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  956.239239][T14470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  956.255534][T14700] bond0: option arp_interval: invalid value (18446744072537331903)
[  956.268181][T14700] bond0: option arp_interval: allowed values 0 - 2147483647
[  956.299653][ T5973] lo speed is unknown, defaulting to 1000
[  956.402466][ T5973] infiniband syz0: ib_query_port failed (-19)
[  957.147275][T14470] hsr_slave_0: entered promiscuous mode
[  957.166458][T14470] hsr_slave_1: entered promiscuous mode
[  958.029315][T14759] 9pnet_fd: Insufficient options for proto=fd
[  959.337175][   T36] IPVS: stop unused estimator thread 0...
[  959.902133][T14470] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  960.014380][T14791] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  960.091135][T14470] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  960.134420][T14470] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  960.253339][T14470] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  961.457667][T14814] overlay: Unknown parameter '\'
[  962.316853][   T30] audit: type=1326 audit(1751566205.276:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14808 comm="syz.3.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e34d8e929 code=0x7fc00000
[  962.856132][T14823] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2452'.
[  962.865271][T14823] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  963.465133][T14470] 8021q: adding VLAN 0 to HW filter on device bond0
[  963.904347][T14470] 8021q: adding VLAN 0 to HW filter on device team0
[  963.958617][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  963.965774][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  964.311065][ T3526] bridge0: port 2(bridge_slave_1) entered blocking state
[  964.318311][ T3526] bridge0: port 2(bridge_slave_1) entered forwarding state
[  964.980694][T14841] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2456'.
[  966.133175][T14860] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2459'.
[  966.281898][T14863] kvm: emulating exchange as write
[  967.194005][T14470] 8021q: adding VLAN 0 to HW filter on device batadv0
[  967.522942][T14878] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2463'.
[  967.532198][T14878] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  971.165576][T14908] FAULT_INJECTION: forcing a failure.
[  971.165576][T14908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  971.210983][T14908] CPU: 1 UID: 0 PID: 14908 Comm: syz.0.2469 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  971.211009][T14908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  971.211020][T14908] Call Trace:
[  971.211028][T14908]  <TASK>
[  971.211036][T14908]  dump_stack_lvl+0x189/0x250
[  971.211063][T14908]  ? __pfx____ratelimit+0x10/0x10
[  971.211085][T14908]  ? __pfx_dump_stack_lvl+0x10/0x10
[  971.211107][T14908]  ? __pfx__printk+0x10/0x10
[  971.211125][T14908]  ? __might_fault+0xb0/0x130
[  971.211155][T14908]  should_fail_ex+0x414/0x560
[  971.211180][T14908]  _copy_from_user+0x2d/0xb0
[  971.211203][T14908]  __sys_bpf+0x1ed/0x860
[  971.211224][T14908]  ? __pfx___sys_bpf+0x10/0x10
[  971.211256][T14908]  ? ksys_write+0x22a/0x250
[  971.211276][T14908]  ? __pfx_ksys_write+0x10/0x10
[  971.211292][T14908]  ? rcu_is_watching+0x15/0xb0
[  971.211321][T14908]  __x64_sys_bpf+0x7c/0x90
[  971.211340][T14908]  do_syscall_64+0xfa/0x3b0
[  971.211360][T14908]  ? lockdep_hardirqs_on+0x9c/0x150
[  971.211381][T14908]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.211397][T14908]  ? clear_bhb_loop+0x60/0xb0
[  971.211418][T14908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.211434][T14908] RIP: 0033:0x7eff9478e929
[  971.211450][T14908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.211464][T14908] RSP: 002b:00007eff955c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  971.211482][T14908] RAX: ffffffffffffffda RBX: 00007eff949b5fa0 RCX: 00007eff9478e929
[  971.211494][T14908] RDX: 0000000000000020 RSI: 0000200000000300 RDI: 0000000000000004
[  971.211505][T14908] RBP: 00007eff955c3090 R08: 0000000000000000 R09: 0000000000000000
[  971.211515][T14908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.211525][T14908] R13: 0000000000000000 R14: 00007eff949b5fa0 R15: 00007ffdac754db8
[  971.211553][T14908]  </TASK>
[  971.973785][T14917] FAULT_INJECTION: forcing a failure.
[  971.973785][T14917] name failslab, interval 1, probability 0, space 0, times 0
[  972.027851][T14917] CPU: 0 UID: 0 PID: 14917 Comm: syz.4.2472 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  972.027877][T14917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  972.027887][T14917] Call Trace:
[  972.027894][T14917]  <TASK>
[  972.027902][T14917]  dump_stack_lvl+0x189/0x250
[  972.027928][T14917]  ? __pfx____ratelimit+0x10/0x10
[  972.027967][T14917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  972.027990][T14917]  ? __pfx__printk+0x10/0x10
[  972.028013][T14917]  ? __pfx___might_resched+0x10/0x10
[  972.028034][T14917]  ? fs_reclaim_acquire+0x7d/0x100
[  972.028061][T14917]  should_fail_ex+0x414/0x560
[  972.028086][T14917]  should_failslab+0xa8/0x100
[  972.028109][T14917]  __kmalloc_cache_noprof+0x70/0x3d0
[  972.028128][T14917]  ? __request_module+0x2b5/0x5e0
[  972.028152][T14917]  __request_module+0x2b5/0x5e0
[  972.028179][T14917]  ? __pfx___request_module+0x10/0x10
[  972.028203][T14917]  ? kasan_quarantine_put+0xdd/0x220
[  972.028230][T14917]  ? nvmf_dev_write+0x1a29/0x2990
[  972.028252][T14917]  ? kfree+0x18e/0x440
[  972.028272][T14917]  nvmf_dev_write+0x1b9b/0x2990
[  972.028294][T14917]  ? is_bpf_text_address+0x26/0x2b0
[  972.028349][T14917]  ? __pfx_nvmf_dev_write+0x10/0x10
[  972.028376][T14917]  ? __lock_acquire+0xab9/0xd20
[  972.028425][T14917]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  972.028449][T14917]  ? bpf_lsm_file_permission+0x9/0x20
[  972.028469][T14917]  ? security_file_permission+0x75/0x290
[  972.028490][T14917]  ? rw_verify_area+0x258/0x650
[  972.028507][T14917]  ? __pfx_nvmf_dev_write+0x10/0x10
[  972.028531][T14917]  vfs_write+0x27b/0xa90
[  972.028557][T14917]  ? __pfx_vfs_write+0x10/0x10
[  972.028577][T14917]  ? __fget_files+0x2a/0x420
[  972.028599][T14917]  ? __fget_files+0x2a/0x420
[  972.028616][T14917]  ? __fget_files+0x3a0/0x420
[  972.028634][T14917]  ? __fget_files+0x2a/0x420
[  972.028664][T14917]  ksys_write+0x145/0x250
[  972.028685][T14917]  ? __pfx_ksys_write+0x10/0x10
[  972.028700][T14917]  ? rcu_is_watching+0x15/0xb0
[  972.028727][T14917]  ? do_syscall_64+0xbe/0x3b0
[  972.028753][T14917]  do_syscall_64+0xfa/0x3b0
[  972.028773][T14917]  ? lockdep_hardirqs_on+0x9c/0x150
[  972.028794][T14917]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  972.028810][T14917]  ? clear_bhb_loop+0x60/0xb0
[  972.028830][T14917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  972.028845][T14917] RIP: 0033:0x7fa5edf8e929
[  972.028861][T14917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  972.028874][T14917] RSP: 002b:00007fa5eed10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  972.028891][T14917] RAX: ffffffffffffffda RBX: 00007fa5ee1b5fa0 RCX: 00007fa5edf8e929
[  972.028903][T14917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  972.028913][T14917] RBP: 00007fa5eed10090 R08: 0000000000000000 R09: 0000000000000000
[  972.028923][T14917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  972.028933][T14917] R13: 0000000000000000 R14: 00007fa5ee1b5fa0 R15: 00007fff06376f98
[  972.028968][T14917]  </TASK>
[  972.030401][T14917] nvme_fabrics: missing parameter 'transport=%s'
[  972.034647][T14470] veth0_vlan: entered promiscuous mode
[  972.055062][T14917] nvme_fabrics: missing parameter 'nqn=%s'
[  972.407827][T14470] veth1_vlan: entered promiscuous mode
[  973.098462][T14470] veth0_macvtap: entered promiscuous mode
[  973.542710][T14470] veth1_macvtap: entered promiscuous mode
[  973.633694][T14470] batman_adv: batadv0: Interface activated: batadv_slave_0
[  973.651085][ T5939] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  973.689993][T14470] batman_adv: batadv0: Interface activated: batadv_slave_1
[  973.950319][T14470] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  973.969620][T14470] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  973.990467][ T5939] usb 4-1: device descriptor read/64, error -71
[  974.512107][T14470] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  974.521917][T14470] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  975.018321][ T5939] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  975.091947][T14947] NILFS (nullb0): couldn't find nilfs on the device
[  975.215490][ T5939] usb 4-1: device descriptor read/64, error -71
[  975.458697][ T5939] usb usb4-port1: attempt power cycle
[  975.893588][ T5939] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  976.272385][ T5939] usb 4-1: device descriptor read/8, error -71
[  976.494779][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  976.527253][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  976.540054][ T5939] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  976.574185][ T5939] usb 4-1: device descriptor read/8, error -71
[  976.704134][ T5939] usb usb4-port1: unable to enumerate USB device
[  976.947427][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  977.095496][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  978.303073][T14980] 
@ÿ: renamed from veth0_vlan (while UP)
[  978.356773][T14977] KVM: debugfs: duplicate directory 14977-5
[  978.556022][T14987] bond13: entered allmulticast mode
[  980.057127][T15005] NILFS (nullb0): couldn't find nilfs on the device
[  981.078165][T15009] FAULT_INJECTION: forcing a failure.
[  981.078165][T15009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  981.117856][T15009] CPU: 0 UID: 0 PID: 15009 Comm: syz.4.2494 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  981.117884][T15009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  981.117895][T15009] Call Trace:
[  981.117902][T15009]  <TASK>
[  981.117911][T15009]  dump_stack_lvl+0x189/0x250
[  981.117938][T15009]  ? __pfx____ratelimit+0x10/0x10
[  981.117960][T15009]  ? __pfx_dump_stack_lvl+0x10/0x10
[  981.117981][T15009]  ? __pfx__printk+0x10/0x10
[  981.118009][T15009]  should_fail_ex+0x414/0x560
[  981.118033][T15009]  _copy_to_user+0x31/0xb0
[  981.118058][T15009]  simple_read_from_buffer+0xe1/0x170
[  981.118085][T15009]  proc_fail_nth_read+0x1df/0x250
[  981.118111][T15009]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  981.118135][T15009]  ? rw_verify_area+0x258/0x650
[  981.118153][T15009]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  981.118176][T15009]  vfs_read+0x1fd/0x980
[  981.118201][T15009]  ? __pfx___mutex_lock+0x10/0x10
[  981.118225][T15009]  ? __pfx_vfs_read+0x10/0x10
[  981.118245][T15009]  ? __fget_files+0x2a/0x420
[  981.118276][T15009]  ? __fget_files+0x3a0/0x420
[  981.118295][T15009]  ? __fget_files+0x2a/0x420
[  981.118324][T15009]  ksys_read+0x145/0x250
[  981.118342][T15009]  ? __fget_files+0x3a0/0x420
[  981.118363][T15009]  ? __pfx_ksys_read+0x10/0x10
[  981.118387][T15009]  ? do_syscall_64+0xbe/0x3b0
[  981.118412][T15009]  do_syscall_64+0xfa/0x3b0
[  981.118431][T15009]  ? lockdep_hardirqs_on+0x9c/0x150
[  981.118444][T15009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.118454][T15009]  ? clear_bhb_loop+0x60/0xb0
[  981.118466][T15009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.118476][T15009] RIP: 0033:0x7fa5edf8d33c
[  981.118486][T15009] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  981.118495][T15009] RSP: 002b:00007fa5eed10030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  981.118506][T15009] RAX: ffffffffffffffda RBX: 00007fa5ee1b5fa0 RCX: 00007fa5edf8d33c
[  981.118514][T15009] RDX: 000000000000000f RSI: 00007fa5eed100a0 RDI: 000000000000000c
[  981.118523][T15009] RBP: 00007fa5eed10090 R08: 0000000000000000 R09: 0000000000000000
[  981.118532][T15009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  981.118541][T15009] R13: 0000000000000000 R14: 00007fa5ee1b5fa0 R15: 00007fff06376f98
[  981.118569][T15009]  </TASK>
[  982.061604][T15022] mkiss: ax0: crc mode is auto.
[  983.376684][T15025] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2496'.
[  983.594191][T15026] netlink: 'syz.5.2496': attribute type 16 has an invalid length.
[  983.723223][T15026] netlink: 'syz.5.2496': attribute type 17 has an invalid length.
[  985.404841][T15040] bond1: entered allmulticast mode
[  985.568349][T15051] NILFS (nullb0): couldn't find nilfs on the device
[  986.802935][T15058] 9pnet: p9_errstr2errno: server reported unknown error �@íÎÇpî‘AçÁ›
¬ž;
KZì44§/@®qæžkøp
[  986.802935][T15058] éC<+¨¦³P5…"kÜÔö­¦ôÎx
[  988.000956][   T10] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  988.194986][   T10] usb 6-1: Using ep0 maxpacket: 32
[  988.212503][   T10] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  988.260374][   T10] usb 6-1: config 0 has no interface number 0
[  988.405908][T15081] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  988.692344][T15082] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2512'.
[  988.702618][T15082] netlink: 'syz.0.2512': attribute type 16 has an invalid length.
[  988.711601][T15082] netlink: 'syz.0.2512': attribute type 17 has an invalid length.
[  988.721040][   T10] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  988.749922][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  988.919077][   T10] usb 6-1: Product: syz
[  988.951681][   T10] usb 6-1: Manufacturer: syz
[  988.956334][   T10] usb 6-1: SerialNumber: syz
[  988.997403][ T5891] dummy0 speed is unknown, defaulting to 1000
[  989.011887][   T10] usb 6-1: config 0 descriptor??
[  989.040806][   T10] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  989.522376][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  989.614419][   T10] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  989.955549][   T10] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  990.002089][T15098] fuse: Bad value for 'fd'
[  990.035661][   T10] usb 6-1: USB disconnect, device number 2
[  990.096869][   T10] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  990.160413][T15100] bond14: entered allmulticast mode
[  990.188402][   T10] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  990.750420][   T10] quatech2 6-1:0.51: device disconnected
[  991.008545][T15115] NILFS (nullb0): couldn't find nilfs on the device
[  992.584910][   T10] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  992.893111][   T10] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  992.893166][   T10] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  992.893190][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  992.915755][   T10] gspca_main: stv0680-2.14.0 probing 041e:4007
[  993.506132][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  993.506290][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  993.684969][T15145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  993.686719][T15145] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  993.951606][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  993.951630][   T10] stv0680 4-1:4.0: STV(e): camera ping failed!!
[  993.951976][   T10] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  993.951992][   T10] stv0680 4-1:4.0: last error: 0,  command = 0x0
[  993.958660][   T10] usb 4-1: USB disconnect, device number 22
[  994.035602][T15155] bond9: entered allmulticast mode
[  996.526881][T15173] tipc: Started in network mode
[  996.532394][T15173] tipc: Node identity ac141425, cluster identity 4711
[  996.541806][T15173] tipc: New replicast peer: 0.0.0.0
[  996.549353][T15173] tipc: Enabled bearer <udp:syz2>, priority 0
[  997.663880][ T5939] tipc: Node number set to 2886997029
[  997.811390][T15212] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2541'.
[  998.033503][T15218] bond15: entered allmulticast mode
[  998.198456][T15225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2544'.
[  998.335784][T15231] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2545'.
[  998.375132][T15231] netlink: 'syz.0.2545': attribute type 16 has an invalid length.
[  998.385287][T15231] netlink: 'syz.0.2545': attribute type 17 has an invalid length.
[  998.929959][ T5939] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  999.013308][T15250] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  999.378742][ T5939] usb 6-1: device descriptor read/64, error -71
[  999.621337][ T5939] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  999.841129][ T5939] usb 6-1: device descriptor read/64, error -71
[  999.914190][T15267] mkiss: ax0: crc mode is auto.
[ 1001.383443][ T5939] usb usb6-port1: attempt power cycle
[ 1002.261796][T15277] netlink: 'syz.0.2555': attribute type 1 has an invalid length.
[ 1005.031868][T15307] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1005.711418][ T5891] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[ 1005.788168][T15318] futex_wake_op: syz.0.2563 tries to shift op by 535; fix this program
[ 1005.891022][ T5891] usb 2-1: Using ep0 maxpacket: 16
[ 1005.907867][ T5891] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1005.967361][ T5891] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1006.006685][ T5891] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1006.130632][ T5891] usb 2-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.18
[ 1006.177755][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1006.208641][ T5891] usb 2-1: config 0 descriptor??
[ 1006.259270][ T5891] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1007.087679][T15347] overlayfs: failed to clone lowerpath
[ 1008.491276][ T5891] usb 2-1: USB disconnect, device number 30
[ 1014.944706][T15420] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1014.970714][T15416] FAULT_INJECTION: forcing a failure.
[ 1014.970714][T15416] name failslab, interval 1, probability 0, space 0, times 0
[ 1015.310113][T15416] CPU: 0 UID: 0 PID: 15416 Comm: syz.1.2586 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1015.310138][T15416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1015.310147][T15416] Call Trace:
[ 1015.310155][T15416]  <TASK>
[ 1015.310163][T15416]  dump_stack_lvl+0x189/0x250
[ 1015.310191][T15416]  ? __pfx____ratelimit+0x10/0x10
[ 1015.310220][T15416]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1015.310233][T15416]  ? __pfx__printk+0x10/0x10
[ 1015.310246][T15416]  ? __pfx___might_resched+0x10/0x10
[ 1015.310263][T15416]  should_fail_ex+0x414/0x560
[ 1015.310279][T15416]  should_failslab+0xa8/0x100
[ 1015.310293][T15416]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1015.310305][T15416]  ? nft_netdev_hook_alloc+0x1f0/0x530
[ 1015.310322][T15416]  nft_netdev_hook_alloc+0x1f0/0x530
[ 1015.310342][T15416]  nf_tables_parse_netdev_hooks+0x10b/0x8e0
[ 1015.310355][T15416]  ? nf_flow_table_init+0x280/0x2a0
[ 1015.310376][T15416]  nft_flowtable_parse_hook+0x465/0x8d0
[ 1015.310392][T15416]  ? __pfx_nft_flowtable_parse_hook+0x10/0x10
[ 1015.310408][T15416]  ? nf_flow_table_init+0x280/0x2a0
[ 1015.310423][T15416]  nf_tables_newflowtable+0x1220/0x20d0
[ 1015.310444][T15416]  ? __pfx_nf_tables_newflowtable+0x10/0x10
[ 1015.310467][T15416]  ? __nla_parse+0x40/0x60
[ 1015.310482][T15416]  nfnetlink_rcv+0x1132/0x2520
[ 1015.310513][T15416]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1015.310558][T15416]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1015.310573][T15416]  netlink_unicast+0x75b/0x8d0
[ 1015.310594][T15416]  netlink_sendmsg+0x805/0xb30
[ 1015.310610][T15416]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1015.310624][T15416]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1015.310636][T15416]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1015.310647][T15416]  __sock_sendmsg+0x21c/0x270
[ 1015.310669][T15416]  ____sys_sendmsg+0x505/0x830
[ 1015.310684][T15416]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1015.310700][T15416]  ? import_iovec+0x74/0xa0
[ 1015.310718][T15416]  ___sys_sendmsg+0x21f/0x2a0
[ 1015.310730][T15416]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1015.310761][T15416]  ? __fget_files+0x2a/0x420
[ 1015.310773][T15416]  ? __fget_files+0x3a0/0x420
[ 1015.310791][T15416]  __x64_sys_sendmsg+0x19b/0x260
[ 1015.310804][T15416]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1015.310832][T15416]  do_syscall_64+0xfa/0x3b0
[ 1015.310852][T15416]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1015.310866][T15416]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1015.310879][T15416]  ? clear_bhb_loop+0x60/0xb0
[ 1015.310898][T15416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1015.310913][T15416] RIP: 0033:0x7f137738e929
[ 1015.310928][T15416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1015.310942][T15416] RSP: 002b:00007f13782c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1015.310959][T15416] RAX: ffffffffffffffda RBX: 00007f13775b5fa0 RCX: 00007f137738e929
[ 1015.310971][T15416] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[ 1015.310982][T15416] RBP: 00007f13782c8090 R08: 0000000000000000 R09: 0000000000000000
[ 1015.310992][T15416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1015.311002][T15416] R13: 0000000000000000 R14: 00007f13775b5fa0 R15: 00007ffe4266fff8
[ 1015.311031][T15416]  </TASK>
[ 1017.625041][T15442] bond10: entered allmulticast mode
[ 1018.214738][T15441] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1018.222938][T15441] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1018.230567][T15441] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1018.237062][T15441] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1018.243264][T15441] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1018.250122][T15441] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1018.259051][T15441] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1018.692226][T15467] dns_resolver: Unsupported server list version (0)
[ 1019.272389][T13413] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1019.555410][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 1019.707894][T13413] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[ 1019.724946][T13413] usb 6-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1019.811351][T13413] usb 6-1: Product: syz
[ 1019.920964][T13413] usb 6-1: SerialNumber: syz
[ 1019.952470][T13413] usb 6-1: config 0 descriptor??
[ 1020.371898][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[ 1020.820476][T12096] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1020.884795][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[ 1021.002799][T15462] Bluetooth: hci4: command 0x0406 tx timeout
[ 1021.391078][ T5939] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[ 1022.031487][   T30] audit: type=1107 audit(1751566265.176:95): pid=15504 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1022.038639][ T5939] usb 2-1: Using ep0 maxpacket: 32
[ 1022.140600][ T5939] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.195363][ T5939] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1022.752210][ T5939] usb 2-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1
[ 1022.767840][ T5939] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1022.798423][ T5939] usb 2-1: config 0 descriptor??
[ 1022.814684][ T5939] usb 2-1: bad CDC descriptors
[ 1023.085179][   T51] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1023.561249][T13413] usb 6-1: USB disconnect, device number 6
[ 1023.706482][ T5939] usb 2-1: USB disconnect, device number 31
[ 1025.141071][   T51] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1025.244949][ T5939] IPVS: starting estimator thread 0...
[ 1025.292391][T15542] FAULT_INJECTION: forcing a failure.
[ 1025.292391][T15542] name failslab, interval 1, probability 0, space 0, times 0
[ 1025.314039][T15542] CPU: 0 UID: 0 PID: 15542 Comm: syz.4.2609 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1025.314065][T15542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1025.314075][T15542] Call Trace:
[ 1025.314080][T15542]  <TASK>
[ 1025.314085][T15542]  dump_stack_lvl+0x189/0x250
[ 1025.314104][T15542]  ? __pfx____ratelimit+0x10/0x10
[ 1025.314118][T15542]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1025.314131][T15542]  ? __pfx__printk+0x10/0x10
[ 1025.314149][T15542]  should_fail_ex+0x414/0x560
[ 1025.314163][T15542]  should_failslab+0xa8/0x100
[ 1025.314177][T15542]  __kmalloc_noprof+0xcb/0x4f0
[ 1025.314188][T15542]  ? __nla_parse+0x40/0x60
[ 1025.314200][T15542]  ? seg6_local_build_state+0x129/0xdb0
[ 1025.314216][T15542]  seg6_local_build_state+0x129/0xdb0
[ 1025.314235][T15542]  ? __lock_acquire+0xab9/0xd20
[ 1025.314250][T15542]  ? __pfx_seg6_local_build_state+0x10/0x10
[ 1025.314271][T15542]  ? lwtunnel_build_state+0xe2/0x4c0
[ 1025.314286][T15542]  lwtunnel_build_state+0x384/0x4c0
[ 1025.314307][T15542]  ? lwtunnel_build_state+0xe2/0x4c0
[ 1025.314321][T15542]  fib_nh_common_init+0x14b/0x430
[ 1025.314331][T15542]  ? in6_dev_get+0x1a/0x290
[ 1025.314343][T15542]  ? __pfx_fib_nh_common_init+0x10/0x10
[ 1025.314352][T15542]  ? in6_dev_get+0x1a/0x290
[ 1025.314365][T15542]  fib6_nh_init+0x1608/0x1ff0
[ 1025.314384][T15542]  ? __pfx_fib6_nh_init+0x10/0x10
[ 1025.314394][T15542]  ? kasan_save_track+0x4f/0x80
[ 1025.314403][T15542]  ? kasan_save_track+0x3e/0x80
[ 1025.314412][T15542]  ? __kasan_kmalloc+0x93/0xb0
[ 1025.314422][T15542]  ? __kmalloc_noprof+0x27a/0x4f0
[ 1025.314432][T15542]  ? fib6_info_alloc+0x30/0xf0
[ 1025.314440][T15542]  ? ip6_route_info_create+0x142/0x860
[ 1025.314450][T15542]  ? ip6_route_add+0x49/0x1b0
[ 1025.314459][T15542]  ? inet6_rtm_newroute+0x1cf/0x18c0
[ 1025.314467][T15542]  ? rtnetlink_rcv_msg+0x7cf/0xb70
[ 1025.314481][T15542]  ? netlink_rcv_skb+0x208/0x470
[ 1025.314490][T15542]  ? netlink_unicast+0x75b/0x8d0
[ 1025.314503][T15542]  ? netlink_sendmsg+0x805/0xb30
[ 1025.314512][T15542]  ? __sock_sendmsg+0x21c/0x270
[ 1025.314524][T15542]  ? ____sys_sendmsg+0x505/0x830
[ 1025.314534][T15542]  ? ___sys_sendmsg+0x21f/0x2a0
[ 1025.314543][T15542]  ? __x64_sys_sendmsg+0x19b/0x260
[ 1025.314552][T15542]  ? do_syscall_64+0xfa/0x3b0
[ 1025.314565][T15542]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.314590][T15542]  ? ip_fib_metrics_init+0x404/0x6f0
[ 1025.314606][T15542]  ip6_route_info_create_nh+0x16a/0xab0
[ 1025.314621][T15542]  ? __pfx_ip6_route_info_create_nh+0x10/0x10
[ 1025.314633][T15542]  ? ip6_route_info_create+0x508/0x860
[ 1025.314647][T15542]  ip6_route_add+0x6e/0x1b0
[ 1025.314659][T15542]  inet6_rtm_newroute+0x1cf/0x18c0
[ 1025.314671][T15542]  ? nlmon_xmit+0xb0/0x100
[ 1025.314683][T15542]  ? kmem_cache_free+0x18f/0x400
[ 1025.314696][T15542]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1025.314711][T15542]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1025.314725][T15542]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1025.314738][T15542]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1025.314751][T15542]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1025.314766][T15542]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1025.314778][T15542]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1025.314788][T15542]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1025.314800][T15542]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1025.314829][T15542]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1025.314843][T15542]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1025.314860][T15542]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1025.314873][T15542]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1025.314893][T15542]  ? ref_tracker_free+0x63a/0x7d0
[ 1025.314910][T15542]  ? __copy_skb_header+0xa7/0x550
[ 1025.314925][T15542]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1025.314943][T15542]  netlink_rcv_skb+0x208/0x470
[ 1025.314953][T15542]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1025.314968][T15542]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1025.314984][T15542]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1025.314994][T15542]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1025.315006][T15542]  netlink_unicast+0x75b/0x8d0
[ 1025.315030][T15542]  netlink_sendmsg+0x805/0xb30
[ 1025.315056][T15542]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1025.315080][T15542]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1025.315099][T15542]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1025.315116][T15542]  __sock_sendmsg+0x21c/0x270
[ 1025.315132][T15542]  ____sys_sendmsg+0x505/0x830
[ 1025.315146][T15542]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1025.315161][T15542]  ? import_iovec+0x74/0xa0
[ 1025.315178][T15542]  ___sys_sendmsg+0x21f/0x2a0
[ 1025.315190][T15542]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1025.315219][T15542]  ? __fget_files+0x2a/0x420
[ 1025.315231][T15542]  ? __fget_files+0x3a0/0x420
[ 1025.315249][T15542]  __x64_sys_sendmsg+0x19b/0x260
[ 1025.315261][T15542]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1025.315277][T15542]  ? __pfx_ksys_write+0x10/0x10
[ 1025.315287][T15542]  ? rcu_is_watching+0x15/0xb0
[ 1025.315308][T15542]  ? do_syscall_64+0xbe/0x3b0
[ 1025.315323][T15542]  do_syscall_64+0xfa/0x3b0
[ 1025.315336][T15542]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1025.315348][T15542]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.315357][T15542]  ? clear_bhb_loop+0x60/0xb0
[ 1025.315369][T15542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.315378][T15542] RIP: 0033:0x7fa5edf8e929
[ 1025.315387][T15542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1025.315395][T15542] RSP: 002b:00007fa5eed10038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1025.315406][T15542] RAX: ffffffffffffffda RBX: 00007fa5ee1b5fa0 RCX: 00007fa5edf8e929
[ 1025.315414][T15542] RDX: 0000000000000010 RSI: 0000200000000680 RDI: 0000000000000010
[ 1025.315420][T15542] RBP: 00007fa5eed10090 R08: 0000000000000000 R09: 0000000000000000
[ 1025.315426][T15542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1025.315432][T15542] R13: 0000000000000000 R14: 00007fa5ee1b5fa0 R15: 00007fff06376f98
[ 1025.315447][T15542]  </TASK>
[ 1025.361108][T15544] IPVS: using max 52 ests per chain, 124800 per kthread
[ 1025.845288][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1026.061766][T15550] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1026.578044][   T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1026.580731][   T10] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1028.891346][ T5939] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1028.916178][ T3526] Bluetooth: Error in BCSP hdr checksum
[ 1029.031302][ T5939] usb 5-1: device descriptor read/64, error -71
[ 1029.236132][ T5994] Bluetooth: Error in BCSP hdr checksum
[ 1029.511915][ T5939] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1029.680666][ T5939] usb 5-1: device descriptor read/64, error -71
[ 1029.728242][T15598] 9pnet_fd: Insufficient options for proto=fd
[ 1029.802270][ T5939] usb usb5-port1: attempt power cycle
[ 1030.049703][T15604] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2622'.
[ 1030.115504][T15604] 8021q: adding VLAN 0 to HW filter on device team1
[ 1030.191106][ T5939] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1030.277922][ T5939] usb 5-1: device descriptor read/8, error -71
[ 1030.876414][ T5939] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1030.991036][ T5139] Bluetooth: hci0: command 0x1003 tx timeout
[ 1031.023133][   T51] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1031.235040][ T5939] usb 5-1: device descriptor read/8, error -71
[ 1031.352632][ T5939] usb usb5-port1: unable to enumerate USB device
[ 1031.975656][T15634] netlink: 228 bytes leftover after parsing attributes in process `syz.4.2630'.
[ 1032.160630][T15639] NILFS (nullb0): couldn't find nilfs on the device
[ 1032.825411][T15643] 9pnet_fd: Insufficient options for proto=fd
[ 1033.472480][T15652] 9pnet_fd: Insufficient options for proto=fd
[ 1035.435569][T15679] 9pnet_fd: Insufficient options for proto=fd
[ 1035.525347][T15680] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2638'.
[ 1036.008724][T15691] netlink: 'syz.5.2642': attribute type 12 has an invalid length.
[ 1036.088883][T15693] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2643'.
[ 1036.180325][T15695] NILFS (nullb0): couldn't find nilfs on the device
[ 1037.452162][T15703] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2645'.
[ 1040.818516][T15739] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1040.831016][T15739] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1040.839810][T15739] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1040.848717][T15739] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1041.305598][T15749] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2655'.
[ 1041.420355][T15747] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2654'.
[ 1041.776003][   T10] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1042.135090][   T10] usb 4-1: config 0 has an invalid interface number: 15 but max is 0
[ 1042.937280][   T10] usb 4-1: config 0 has no interface number 0
[ 1043.065918][   T10] usb 4-1: too many endpoints for config 0 interface 15 altsetting 121: 208, using maximum allowed: 30
[ 1043.142050][   T10] usb 4-1: config 0 interface 15 altsetting 121 has 0 endpoint descriptors, different from the interface descriptor's value: 208
[ 1043.237302][   T10] usb 4-1: config 0 interface 15 has no altsetting 0
[ 1043.266213][   T10] usb 4-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd
[ 1043.801655][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1044.171637][   T10] usb 4-1: Product: syz
[ 1044.175880][   T10] usb 4-1: Manufacturer: syz
[ 1044.180809][   T10] usb 4-1: SerialNumber: syz
[ 1044.201608][   T10] usb 4-1: config 0 descriptor??
[ 1044.367343][ T5973] usb 4-1: USB disconnect, device number 23
[ 1045.812616][T15792] IPv6: sit1: Disabled Multicast RS
[ 1045.832380][T15792] sit1: entered allmulticast mode
[ 1051.246458][T15847] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1051.257605][T15833] bond12: entered allmulticast mode
[ 1051.779003][T15854] FAULT_INJECTION: forcing a failure.
[ 1051.779003][T15854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1051.810981][T15854] CPU: 1 UID: 0 PID: 15854 Comm: syz.5.2677 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1051.811007][T15854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1051.811016][T15854] Call Trace:
[ 1051.811024][T15854]  <TASK>
[ 1051.811030][T15854]  dump_stack_lvl+0x189/0x250
[ 1051.811059][T15854]  ? __pfx____ratelimit+0x10/0x10
[ 1051.811082][T15854]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1051.811106][T15854]  ? __pfx__printk+0x10/0x10
[ 1051.811122][T15854]  ? __might_fault+0xb0/0x130
[ 1051.811151][T15854]  should_fail_ex+0x414/0x560
[ 1051.811173][T15854]  _copy_from_user+0x2d/0xb0
[ 1051.811196][T15854]  ___sys_sendmsg+0x158/0x2a0
[ 1051.811216][T15854]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1051.811266][T15854]  ? __fget_files+0x2a/0x420
[ 1051.811285][T15854]  ? __fget_files+0x3a0/0x420
[ 1051.811312][T15854]  __x64_sys_sendmsg+0x19b/0x260
[ 1051.811332][T15854]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1051.811360][T15854]  ? __pfx_ksys_write+0x10/0x10
[ 1051.811376][T15854]  ? rcu_is_watching+0x15/0xb0
[ 1051.811402][T15854]  ? do_syscall_64+0xbe/0x3b0
[ 1051.811426][T15854]  do_syscall_64+0xfa/0x3b0
[ 1051.811445][T15854]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1051.811464][T15854]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.811480][T15854]  ? clear_bhb_loop+0x60/0xb0
[ 1051.811498][T15854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.811523][T15854] RIP: 0033:0x7f2ae838e929
[ 1051.811539][T15854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1051.811554][T15854] RSP: 002b:00007f2ae91e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1051.811573][T15854] RAX: ffffffffffffffda RBX: 00007f2ae85b5fa0 RCX: 00007f2ae838e929
[ 1051.811586][T15854] RDX: 0000000002004000 RSI: 00002000000010c0 RDI: 0000000000000004
[ 1051.811597][T15854] RBP: 00007f2ae91e1090 R08: 0000000000000000 R09: 0000000000000000
[ 1051.811609][T15854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1051.811619][T15854] R13: 0000000000000000 R14: 00007f2ae85b5fa0 R15: 00007ffc6c09df88
[ 1051.811649][T15854]  </TASK>
[ 1053.005152][T15865] ALSA: mixer_oss: invalid OSS volume ''
[ 1054.024928][   T30] audit: type=1107 audit(1751566297.176:96): pid=15884 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=''
[ 1054.043608][T15886] nfs: Unknown parameter 'syzkaller'
[ 1054.853993][T15899] netlink: 'syz.1.2687': attribute type 10 has an invalid length.
[ 1054.916070][T15899] syz_tun: entered promiscuous mode
[ 1054.926140][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1055.131318][T15899] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2687'.
[ 1055.166544][T15899] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2687'.
[ 1055.934412][T15904] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1056.195314][T15916] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2691'.
[ 1058.571210][ T5939] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1059.362204][ T5939] usb 6-1: Using ep0 maxpacket: 16
[ 1059.388967][ T5939] usb 6-1: config 0 descriptor has 1 excess byte, ignoring
[ 1059.398347][ T5939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[ 1059.541040][ T5939] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[ 1059.574507][ T5939] usb 6-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[ 1059.592094][ T5939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1059.615950][ T5939] usb 6-1: Product: syz
[ 1059.640806][ T5939] usb 6-1: Manufacturer: syz
[ 1059.649035][ T5939] usb 6-1: SerialNumber: syz
[ 1059.682151][ T5939] usb 6-1: config 0 descriptor??
[ 1059.709571][T15931] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1059.799584][    C1] mcba_usb 6-1:0.0 can0: Tx URB aborted (-71)
[ 1059.815683][    C1] mcba_usb 6-1:0.0 can0: Tx URB aborted (-71)
[ 1059.822005][ T5939] mcba_usb 6-1:0.0: Microchip CAN BUS Analyzer connected
[ 1061.134139][ T5973] usb 6-1: USB disconnect, device number 7
[ 1061.208789][ T5973] mcba_usb 6-1:0.0 can0: device disconnected
[ 1061.327797][T15950] 9pnet_fd: Insufficient options for proto=fd
[ 1063.188048][T15981] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1063.433594][T15990] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1066.235012][T15983] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1066.242826][T15983] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1066.301664][T15983] bridge0: entered allmulticast mode
[ 1069.259834][T16080] FAULT_INJECTION: forcing a failure.
[ 1069.259834][T16080] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1069.441253][T16080] CPU: 1 UID: 0 PID: 16080 Comm: syz.0.2737 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1069.441278][T16080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1069.441289][T16080] Call Trace:
[ 1069.441296][T16080]  <TASK>
[ 1069.441304][T16080]  dump_stack_lvl+0x189/0x250
[ 1069.441330][T16080]  ? __pfx____ratelimit+0x10/0x10
[ 1069.441349][T16080]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1069.441369][T16080]  ? __pfx__printk+0x10/0x10
[ 1069.441386][T16080]  ? __might_fault+0xb0/0x130
[ 1069.441416][T16080]  should_fail_ex+0x414/0x560
[ 1069.441439][T16080]  _copy_from_user+0x2d/0xb0
[ 1069.441463][T16080]  ___sys_sendmsg+0x158/0x2a0
[ 1069.441484][T16080]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1069.441532][T16080]  ? __fget_files+0x2a/0x420
[ 1069.441550][T16080]  ? __fget_files+0x3a0/0x420
[ 1069.441579][T16080]  __x64_sys_sendmsg+0x19b/0x260
[ 1069.441599][T16080]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1069.441624][T16080]  ? __pfx_ksys_write+0x10/0x10
[ 1069.441640][T16080]  ? rcu_is_watching+0x15/0xb0
[ 1069.441665][T16080]  ? do_syscall_64+0xbe/0x3b0
[ 1069.441690][T16080]  do_syscall_64+0xfa/0x3b0
[ 1069.441710][T16080]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1069.441729][T16080]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1069.441744][T16080]  ? clear_bhb_loop+0x60/0xb0
[ 1069.441764][T16080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1069.441779][T16080] RIP: 0033:0x7eff9478e929
[ 1069.441794][T16080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1069.441808][T16080] RSP: 002b:00007eff955c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1069.441826][T16080] RAX: ffffffffffffffda RBX: 00007eff949b5fa0 RCX: 00007eff9478e929
[ 1069.441838][T16080] RDX: 0000000002004000 RSI: 00002000000010c0 RDI: 0000000000000004
[ 1069.441849][T16080] RBP: 00007eff955c3090 R08: 0000000000000000 R09: 0000000000000000
[ 1069.441863][T16080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1069.441873][T16080] R13: 0000000000000000 R14: 00007eff949b5fa0 R15: 00007ffdac754db8
[ 1069.441900][T16080]  </TASK>
[ 1071.740348][T16110] FAULT_INJECTION: forcing a failure.
[ 1071.740348][T16110] name failslab, interval 1, probability 0, space 0, times 0
[ 1071.777791][T16110] CPU: 0 UID: 0 PID: 16110 Comm: syz.5.2744 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1071.777829][T16110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1071.777840][T16110] Call Trace:
[ 1071.777846][T16110]  <TASK>
[ 1071.777853][T16110]  dump_stack_lvl+0x189/0x250
[ 1071.777881][T16110]  ? __pfx____ratelimit+0x10/0x10
[ 1071.777903][T16110]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1071.777923][T16110]  ? __pfx__printk+0x10/0x10
[ 1071.777946][T16110]  ? __pfx___might_resched+0x10/0x10
[ 1071.777966][T16110]  ? fs_reclaim_acquire+0x7d/0x100
[ 1071.777991][T16110]  should_fail_ex+0x414/0x560
[ 1071.778016][T16110]  should_failslab+0xa8/0x100
[ 1071.778038][T16110]  __kmalloc_noprof+0xcb/0x4f0
[ 1071.778055][T16110]  ? kfree+0x4d/0x440
[ 1071.778070][T16110]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1071.778096][T16110]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1071.778119][T16110]  ? tomoyo_domain+0xda/0x130
[ 1071.778145][T16110]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1071.778161][T16110]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1071.778182][T16110]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1071.778217][T16110]  ? __lock_acquire+0xab9/0xd20
[ 1071.778255][T16110]  ? __fget_files+0x2a/0x420
[ 1071.778278][T16110]  ? __fget_files+0x2a/0x420
[ 1071.778296][T16110]  ? __fget_files+0x3a0/0x420
[ 1071.778312][T16110]  ? __fget_files+0x2a/0x420
[ 1071.778335][T16110]  security_file_ioctl+0xcb/0x2d0
[ 1071.778357][T16110]  __se_sys_ioctl+0x47/0x170
[ 1071.778378][T16110]  do_syscall_64+0xfa/0x3b0
[ 1071.778399][T16110]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1071.778419][T16110]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1071.778434][T16110]  ? clear_bhb_loop+0x60/0xb0
[ 1071.778454][T16110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1071.778469][T16110] RIP: 0033:0x7f2ae838e929
[ 1071.778483][T16110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1071.778497][T16110] RSP: 002b:00007f2ae91e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1071.778514][T16110] RAX: ffffffffffffffda RBX: 00007f2ae85b5fa0 RCX: 00007f2ae838e929
[ 1071.778524][T16110] RDX: 00002000000003c0 RSI: 00000000c0386105 RDI: 0000000000000003
[ 1071.778535][T16110] RBP: 00007f2ae91e1090 R08: 0000000000000000 R09: 0000000000000000
[ 1071.778544][T16110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1071.778553][T16110] R13: 0000000000000000 R14: 00007f2ae85b5fa0 R15: 00007ffc6c09df88
[ 1071.778579][T16110]  </TASK>
[ 1072.048488][T16110] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1072.077446][T16105] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2743'.
[ 1075.461226][ T5939] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1075.716638][ T5939] usb 4-1: config 0 has an invalid interface number: 219 but max is 0
[ 1075.754138][ T5939] usb 4-1: config 0 has no interface number 0
[ 1075.766682][ T5939] usb 4-1: config 0 interface 219 altsetting 0 endpoint 0xF has invalid maxpacket 1479, setting to 64
[ 1075.780972][ T5939] usb 4-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=65.bf
[ 1075.790309][ T5939] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1076.092011][ T5939] usb 4-1: config 0 descriptor??
[ 1076.118456][ T5939] rndis_host 4-1:0.219: invalid descriptor buffer length
[ 1076.140938][ T5939] usb 4-1: bad CDC descriptors
[ 1076.151719][ T5939] cdc_acm 4-1:0.219: invalid descriptor buffer length
[ 1076.798912][T16150] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2758'.
[ 1078.087064][T13969] usb 4-1: USB disconnect, device number 24
[ 1078.133698][ T5939] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1078.296517][ T5939] usb 5-1: Using ep0 maxpacket: 8
[ 1078.986494][ T5939] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1079.169599][ T5939] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1079.208388][ T5939] usb 5-1: Product: syz
[ 1079.213741][ T5939] usb 5-1: Manufacturer: syz
[ 1079.219621][ T5939] usb 5-1: SerialNumber: syz
[ 1079.274441][ T5939] usb 5-1: config 0 descriptor??
[ 1080.458996][T16195] FAULT_INJECTION: forcing a failure.
[ 1080.458996][T16195] name failslab, interval 1, probability 0, space 0, times 0
[ 1080.471962][T16195] CPU: 0 UID: 0 PID: 16195 Comm: syz.5.2768 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1080.471977][T16195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1080.471983][T16195] Call Trace:
[ 1080.471988][T16195]  <TASK>
[ 1080.471993][T16195]  dump_stack_lvl+0x189/0x250
[ 1080.472011][T16195]  ? __pfx____ratelimit+0x10/0x10
[ 1080.472026][T16195]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1080.472039][T16195]  ? __pfx__printk+0x10/0x10
[ 1080.472053][T16195]  ? __pfx___might_resched+0x10/0x10
[ 1080.472066][T16195]  ? fs_reclaim_acquire+0x7d/0x100
[ 1080.472083][T16195]  should_fail_ex+0x414/0x560
[ 1080.472098][T16195]  should_failslab+0xa8/0x100
[ 1080.472112][T16195]  __kmalloc_noprof+0xcb/0x4f0
[ 1080.472123][T16195]  ? taskstats_user_cmd+0x291/0x1160
[ 1080.472138][T16195]  taskstats_user_cmd+0x291/0x1160
[ 1080.472158][T16195]  ? __pfx_taskstats_user_cmd+0x10/0x10
[ 1080.472173][T16195]  ? __nla_parse+0x40/0x60
[ 1080.472188][T16195]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1080.472207][T16195]  genl_family_rcv_msg_doit+0x212/0x300
[ 1080.472227][T16195]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1080.472248][T16195]  ? bpf_lsm_capable+0x9/0x20
[ 1080.472261][T16195]  ? security_capable+0x7e/0x2e0
[ 1080.472279][T16195]  genl_rcv_msg+0x60e/0x790
[ 1080.472295][T16195]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1080.472306][T16195]  ? ref_tracker_free+0x63a/0x7d0
[ 1080.472318][T16195]  ? __pfx_taskstats_user_cmd+0x10/0x10
[ 1080.472329][T16195]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1080.472347][T16195]  netlink_rcv_skb+0x208/0x470
[ 1080.472358][T16195]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1080.472371][T16195]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1080.472391][T16195]  ? down_read+0x1ad/0x2e0
[ 1080.472401][T16195]  genl_rcv+0x28/0x40
[ 1080.472413][T16195]  netlink_unicast+0x75b/0x8d0
[ 1080.472434][T16195]  netlink_sendmsg+0x805/0xb30
[ 1080.472450][T16195]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1080.472471][T16195]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1080.472482][T16195]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1080.472505][T16195]  __sock_sendmsg+0x21c/0x270
[ 1080.472522][T16195]  ____sys_sendmsg+0x505/0x830
[ 1080.472536][T16195]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1080.472552][T16195]  ? import_iovec+0x74/0xa0
[ 1080.472570][T16195]  ___sys_sendmsg+0x21f/0x2a0
[ 1080.472582][T16195]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1080.472613][T16195]  ? __fget_files+0x2a/0x420
[ 1080.472626][T16195]  ? __fget_files+0x3a0/0x420
[ 1080.472644][T16195]  __x64_sys_sendmsg+0x19b/0x260
[ 1080.472656][T16195]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1080.472673][T16195]  ? __pfx_ksys_write+0x10/0x10
[ 1080.472683][T16195]  ? rcu_is_watching+0x15/0xb0
[ 1080.472699][T16195]  ? do_syscall_64+0xbe/0x3b0
[ 1080.472714][T16195]  do_syscall_64+0xfa/0x3b0
[ 1080.472727][T16195]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1080.472739][T16195]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.472749][T16195]  ? clear_bhb_loop+0x60/0xb0
[ 1080.472761][T16195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.472770][T16195] RIP: 0033:0x7f2ae838e929
[ 1080.472780][T16195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1080.472788][T16195] RSP: 002b:00007f2ae91e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1080.472800][T16195] RAX: ffffffffffffffda RBX: 00007f2ae85b5fa0 RCX: 00007f2ae838e929
[ 1080.472807][T16195] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1080.472813][T16195] RBP: 00007f2ae91e1090 R08: 0000000000000000 R09: 0000000000000000
[ 1080.472819][T16195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1080.472825][T16195] R13: 0000000000000000 R14: 00007f2ae85b5fa0 R15: 00007ffc6c09df88
[ 1080.472841][T16195]  </TASK>
[ 1081.397940][T16189] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2767'.
[ 1082.156069][ T5891] usb 5-1: USB disconnect, device number 25
[ 1083.674063][T16206] 9pnet_fd: Insufficient options for proto=fd
[ 1083.890451][T16213] netlink: 'syz.4.2775': attribute type 1 has an invalid length.
[ 1083.898464][T16213] netlink: 228 bytes leftover after parsing attributes in process `syz.4.2775'.
[ 1083.907609][T16213] NCSI netlink: No device for ifindex 0
[ 1083.925557][T16213] /dev/nullb0: Can't open blockdev
[ 1087.398815][T16242] netlink: 4268 bytes leftover after parsing attributes in process `syz.4.2780'.
[ 1087.408961][T16242] netlink: 4268 bytes leftover after parsing attributes in process `syz.4.2780'.
[ 1090.588761][T16267] 9pnet_fd: Insufficient options for proto=fd
[ 1090.832245][T16272] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2788'.
[ 1090.906045][T16271] netlink: 'syz.3.2787': attribute type 1 has an invalid length.
[ 1090.914397][T16271] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2787'.
[ 1090.924468][T16271] NCSI netlink: No device for ifindex 0
[ 1090.946918][T16271] NILFS (nullb0): couldn't find nilfs on the device
[ 1091.259646][T16272] team0: Port device team_slave_1 removed
[ 1092.471240][ T5891] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1092.751213][ T5891] usb 6-1: Using ep0 maxpacket: 8
[ 1092.770682][ T5891] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1092.784543][ T5891] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1093.413597][ T5891] usb 6-1: config 1 has no interface number 1
[ 1093.830042][ T5891] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1093.839835][ T5891] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1093.860668][ T5891] usb 6-1: Product: syz
[ 1093.868817][ T5891] usb 6-1: Manufacturer: syz
[ 1093.881160][ T5891] usb 6-1: SerialNumber: syz
[ 1094.713333][ T5891] usb 6-1: 2:1 : no or invalid class specific endpoint descriptor
[ 1094.728149][ T5891] usb 6-1: 2:1 : sample bitwidth 220 in over sample bytes 2
[ 1094.817365][ T5891] usb 6-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1094.889484][ T5891] usb 6-1: USB disconnect, device number 8
[ 1095.031718][T16316] 9pnet_fd: Insufficient options for proto=fd
[ 1095.420144][T14792] udevd[14792]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1095.817429][T16322] dvmrp0: entered allmulticast mode
[ 1098.191385][T16347] 9pnet_fd: Insufficient options for proto=fd
[ 1102.591731][T16387] netlink: 'syz.0.2818': attribute type 1 has an invalid length.
[ 1104.690570][T16408] 9pnet_fd: Insufficient options for proto=fd
[ 1108.575984][T16443] netlink: 'syz.5.2830': attribute type 16 has an invalid length.
[ 1109.059674][T16443] netlink: 'syz.5.2830': attribute type 17 has an invalid length.
[ 1109.089199][T16437] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1110.082991][T16437] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1111.243248][T16461] 9pnet_fd: Insufficient options for proto=fd
[ 1111.276649][T16451] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2833'.
[ 1111.584443][T16443] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1111.591589][T16443] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1111.624240][T16443] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1111.631524][T16443] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1112.134855][T16474] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1116.471960][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1117.210272][   T30] audit: type=1326 audit(1751566360.296:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16512 comm="syz.1.2849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137738e929 code=0x7fc00000
[ 1117.268211][T16530] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2849'.
[ 1117.308505][T16532] 9pnet_fd: Insufficient options for proto=fd
[ 1117.372771][T16535] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1117.412380][T16536] netlink: 'syz.5.2852': attribute type 16 has an invalid length.
[ 1117.413118][T16535] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1117.509562][T16536] netlink: 'syz.5.2852': attribute type 17 has an invalid length.
[ 1118.043432][   T30] audit: type=1326 audit(1751566361.176:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16512 comm="syz.1.2849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f137738e929 code=0x7fc00000
[ 1118.385358][T16536] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.392605][T16536] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1118.633908][T16536] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.641203][T16536] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1120.937502][T16576] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2861'.
[ 1120.947986][T16576] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2861'.
[ 1120.957362][T16576] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2861'.
[ 1121.979325][ T5139] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1121.995265][ T5139] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1122.004762][ T5139] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1122.022694][ T5139] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1122.043857][ T5139] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1122.092573][T16579] dummy0 speed is unknown, defaulting to 1000
[ 1122.325374][T16579] chnl_net:caif_netlink_parms(): no params data found
[ 1122.563685][T16591] netlink: 160720 bytes leftover after parsing attributes in process `syz.4.2863'.
[ 1122.961861][T16597] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1122.963397][T16579] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.316464][T16579] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1123.325997][T16579] bridge_slave_0: entered allmulticast mode
[ 1123.512167][T16579] bridge_slave_0: entered promiscuous mode
[ 1123.612713][T16579] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1124.027645][T16579] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.086408][T16579] bridge_slave_1: entered allmulticast mode
[ 1124.100931][ T5139] Bluetooth: hci0: command tx timeout
[ 1124.119072][T16579] bridge_slave_1: entered promiscuous mode
[ 1124.451044][ T5139] Bluetooth: hci4: unexpected cc 0x2039 length: 9 > 1
[ 1124.458906][ T5139] Bluetooth: hci4: unexpected event for opcode 0x2039
[ 1124.545716][   T30] audit: type=1800 audit(1751566367.496:99): pid=16615 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.2869" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1124.950155][T16579] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1124.964635][T16579] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1125.023644][T16619] netlink: 'syz.3.2871': attribute type 1 has an invalid length.
[ 1125.031610][T16619] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2871'.
[ 1125.040743][T16619] NCSI netlink: No device for ifindex 0
[ 1125.049457][T16619] NILFS (nullb0): couldn't find nilfs on the device
[ 1125.112636][T16579] team0: Port device team_slave_0 added
[ 1125.200277][   T30] audit: type=1326 audit(1751566368.346:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1125.485519][   T30] audit: type=1326 audit(1751566368.346:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1125.500289][T16579] team0: Port device team_slave_1 added
[ 1125.761134][   T30] audit: type=1326 audit(1751566368.346:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1125.857554][   T30] audit: type=1326 audit(1751566368.346:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1126.147172][   T30] audit: type=1326 audit(1751566368.346:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1126.228316][ T5139] Bluetooth: hci0: command tx timeout
[ 1126.261060][   T30] audit: type=1326 audit(1751566368.346:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1126.306770][   T30] audit: type=1326 audit(1751566368.346:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1126.333003][   T30] audit: type=1326 audit(1751566368.346:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16616 comm="syz.5.2870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f2ae838e929 code=0x7ffc0000
[ 1128.261495][ T5139] Bluetooth: hci0: command tx timeout
[ 1128.308825][T16579] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1128.318866][T16579] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1128.347382][T16579] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1128.503344][ T5139] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1128.512912][ T5139] Bluetooth: hci4: Injecting HCI hardware error event
[ 1128.523896][   T51] Bluetooth: hci4: hardware error 0x00
[ 1128.702863][   T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.724747][T16579] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1128.741647][T16579] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1129.120476][T16579] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1129.743886][   T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1129.964548][T16664] netlink: 'syz.0.2882': attribute type 12 has an invalid length.
[ 1130.001130][T16664] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2882'.
[ 1130.342815][ T5139] Bluetooth: hci0: command tx timeout
[ 1130.581300][   T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1130.770751][T16669] netlink: 'syz.3.2883': attribute type 1 has an invalid length.
[ 1130.781766][T16669] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2883'.
[ 1130.791814][T16669] NCSI netlink: No device for ifindex 0
[ 1130.936456][T16669] NILFS (nullb0): couldn't find nilfs on the device
[ 1131.852925][   T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.889729][T16579] hsr_slave_0: entered promiscuous mode
[ 1131.932329][T16579] hsr_slave_1: entered promiscuous mode
[ 1131.938761][T16579] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1131.993117][T16579] Cannot create hsr debugfs directory
[ 1132.342890][T16684] 9pnet_fd: Insufficient options for proto=fd
[ 1132.721367][   T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1137.744198][T16730] 9pnet_fd: Insufficient options for proto=fd
[ 1138.019490][T16736] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2900'.
[ 1138.028556][T16736] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1139.607323][   T13] bridge_slave_1: left allmulticast mode
[ 1139.619878][   T13] bridge_slave_1: left promiscuous mode
[ 1139.763880][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1140.134137][T13969] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[ 1140.774679][   T13] bridge_slave_0: left allmulticast mode
[ 1140.783580][   T13] bridge_slave_0: left promiscuous mode
[ 1140.882427][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1140.921466][T13969] usb 6-1: device descriptor read/64, error -71
[ 1141.201449][T13969] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[ 1141.450277][T13969] usb 6-1: device descriptor read/64, error -71
[ 1141.942980][T13969] usb usb6-port1: attempt power cycle
[ 1142.126217][   T13] bridge0 (unregistering): left allmulticast mode
[ 1142.258278][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1142.280666][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1142.297139][   T13] bond0 (unregistering): Released all slaves
[ 1142.303778][T13969] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[ 1142.345286][T13969] usb 6-1: device descriptor read/8, error -71
[ 1142.442214][   T13] bond1 (unregistering): (slave veth3): Releasing backup interface
[ 1142.452405][   T13] bond1 (unregistering): Released all slaves
[ 1142.468860][   T13] bond2 (unregistering): Released all slaves
[ 1142.487171][   T13] bond3 (unregistering): Released all slaves
[ 1142.501658][   T13] bond4 (unregistering): Released all slaves
[ 1142.519496][   T13] bond5 (unregistering): Released all slaves
[ 1142.549248][   T13] bond6 (unregistering): Released all slaves
[ 1142.564996][   T13] bond7 (unregistering): Released all slaves
[ 1142.578761][   T13] bond8 (unregistering): Released all slaves
[ 1142.593713][   T13] bond9 (unregistering): Released all slaves
[ 1142.598347][T13969] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[ 1142.634171][   T13] bond10 (unregistering): Released all slaves
[ 1142.652589][T13969] usb 6-1: device descriptor read/8, error -71
[ 1142.818082][T13969] usb usb6-port1: unable to enumerate USB device
[ 1143.121765][   T13] : left promiscuous mode
[ 1145.927149][   T30] audit: type=1107 audit(1751566389.046:108): pid=16789 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1148.845625][T16825] tmpfs: Bad value for 'size'
[ 1148.929157][T16830] input: syz1 as /devices/virtual/input/input55
[ 1149.531376][   T13] hsr_slave_0: left promiscuous mode
[ 1149.557131][   T13] hsr_slave_1: left promiscuous mode
[ 1149.614426][   T13] veth1_macvtap: left promiscuous mode
[ 1149.670768][   T13] veth0_macvtap: left promiscuous mode
[ 1149.690560][   T13] veth1_vlan: left promiscuous mode
[ 1149.737793][   T13] veth0_vlan: left promiscuous mode
[ 1151.561035][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1151.603412][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1152.855424][T16579] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1152.937431][T16579] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1153.045246][T16579] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1153.271105][T16579] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1154.346775][T16579] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1154.451943][T16906] 9pnet_fd: Insufficient options for proto=fd
[ 1154.515061][T16579] 8021q: adding VLAN 0 to HW filter on device team0
[ 1154.530097][   T13] IPVS: stop unused estimator thread 0...
[ 1154.544310][ T5994] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1154.551562][ T5994] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1154.619813][ T5994] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1154.627173][ T5994] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1155.784069][T16919] FAULT_INJECTION: forcing a failure.
[ 1155.784069][T16919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1155.823231][T16919] CPU: 0 UID: 0 PID: 16919 Comm: syz.4.2936 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1155.823259][T16919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1155.823270][T16919] Call Trace:
[ 1155.823278][T16919]  <TASK>
[ 1155.823286][T16919]  dump_stack_lvl+0x189/0x250
[ 1155.823314][T16919]  ? __pfx____ratelimit+0x10/0x10
[ 1155.823337][T16919]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1155.823365][T16919]  ? __pfx__printk+0x10/0x10
[ 1155.823396][T16919]  should_fail_ex+0x414/0x560
[ 1155.823422][T16919]  _copy_to_user+0x31/0xb0
[ 1155.823447][T16919]  drm_ioctl+0x6a4/0xb10
[ 1155.823465][T16919]  ? smk_tskacc+0x2fc/0x370
[ 1155.823492][T16919]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[ 1155.823518][T16919]  ? __pfx_drm_ioctl+0x10/0x10
[ 1155.823551][T16919]  ? __fget_files+0x2a/0x420
[ 1155.823575][T16919]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1155.823597][T16919]  ? __pfx_drm_ioctl+0x10/0x10
[ 1155.823616][T16919]  __se_sys_ioctl+0xfc/0x170
[ 1155.823637][T16919]  do_syscall_64+0xfa/0x3b0
[ 1155.823657][T16919]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1155.823677][T16919]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1155.823694][T16919]  ? clear_bhb_loop+0x60/0xb0
[ 1155.823714][T16919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1155.823730][T16919] RIP: 0033:0x7fa5edf8e929
[ 1155.823745][T16919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1155.823759][T16919] RSP: 002b:00007fa5eed10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1155.823778][T16919] RAX: ffffffffffffffda RBX: 00007fa5ee1b5fa0 RCX: 00007fa5edf8e929
[ 1155.823790][T16919] RDX: 0000200000000400 RSI: 00000000c06864a2 RDI: 0000000000000008
[ 1155.823801][T16919] RBP: 00007fa5eed10090 R08: 0000000000000000 R09: 0000000000000000
[ 1155.823811][T16919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1155.823821][T16919] R13: 0000000000000000 R14: 00007fa5ee1b5fa0 R15: 00007fff06376f98
[ 1155.823848][T16919]  </TASK>
[ 1155.887710][T16579] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1156.173455][T16579] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1157.965497][T16579] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1158.162262][T13969] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1158.168683][T16579] veth0_vlan: entered promiscuous mode
[ 1158.245167][T16579] veth1_vlan: entered promiscuous mode
[ 1158.311855][T13969] usb 6-1: device descriptor read/64, error -71
[ 1158.422645][T16579] veth0_macvtap: entered promiscuous mode
[ 1158.452573][T16579] veth1_macvtap: entered promiscuous mode
[ 1158.701529][T13969] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1159.001158][T13969] usb 6-1: device descriptor read/64, error -71
[ 1159.074701][T16579] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1159.111197][T13969] usb usb6-port1: attempt power cycle
[ 1159.159713][T16579] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1159.227250][T16579] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1159.249872][T16579] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1159.279381][T16579] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1159.303853][T16579] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1159.352964][T16970] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[ 1159.376347][T16970] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1159.491959][T13969] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1159.523313][T13969] usb 6-1: device descriptor read/8, error -71
[ 1159.830998][T13969] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1159.844414][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1159.883019][T13969] usb 6-1: device descriptor read/8, error -71
[ 1159.901274][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1159.943980][T16983] netlink: 201856 bytes leftover after parsing attributes in process `syz.3.2947'.
[ 1159.966623][T16983] netlink: zone id is out of range
[ 1159.977716][T16983] netlink: zone id is out of range
[ 1159.983783][T16983] netlink: zone id is out of range
[ 1159.989141][T16983] netlink: zone id is out of range
[ 1160.008359][T16983] netlink: zone id is out of range
[ 1160.022168][T13969] usb usb6-port1: unable to enumerate USB device
[ 1160.038311][ T2933] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1160.047135][T16983] netlink: zone id is out of range
[ 1160.057021][T16983] netlink: zone id is out of range
[ 1160.067946][ T2933] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1160.078350][T16983] netlink: zone id is out of range
[ 1160.090617][T16983] netlink: zone id is out of range
[ 1161.743308][T17000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2857'.
[ 1162.104101][T17000] hsr_slave_0: left promiscuous mode
[ 1162.187247][T17000] hsr_slave_1: left promiscuous mode
[ 1164.231968][T17028] FAULT_INJECTION: forcing a failure.
[ 1164.231968][T17028] name failslab, interval 1, probability 0, space 0, times 0
[ 1164.829565][T17028] CPU: 0 UID: 0 PID: 17028 Comm: syz.0.2957 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1164.829593][T17028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1164.829603][T17028] Call Trace:
[ 1164.829611][T17028]  <TASK>
[ 1164.829619][T17028]  dump_stack_lvl+0x189/0x250
[ 1164.829648][T17028]  ? __pfx____ratelimit+0x10/0x10
[ 1164.829670][T17028]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1164.829691][T17028]  ? __pfx__printk+0x10/0x10
[ 1164.829713][T17028]  ? __pfx___might_resched+0x10/0x10
[ 1164.829736][T17028]  ? fs_reclaim_acquire+0x7d/0x100
[ 1164.829771][T17028]  should_fail_ex+0x414/0x560
[ 1164.829797][T17028]  should_failslab+0xa8/0x100
[ 1164.829819][T17028]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1164.829836][T17028]  ? p9_client_prepare_req+0x171/0xeb0
[ 1164.829862][T17028]  p9_client_prepare_req+0x171/0xeb0
[ 1164.829891][T17028]  ? kasan_save_track+0x4f/0x80
[ 1164.829907][T17028]  ? kasan_save_track+0x3e/0x80
[ 1164.829922][T17028]  ? __kasan_kmalloc+0x93/0xb0
[ 1164.829940][T17028]  ? __pfx_p9_client_prepare_req+0x10/0x10
[ 1164.829959][T17028]  ? v9fs_fid_lookup+0x9ab/0xb70
[ 1164.829973][T17028]  ? v9fs_file_open+0x20b/0x990
[ 1164.829992][T17028]  ? do_dentry_open+0xdf3/0x1970
[ 1164.830010][T17028]  ? vfs_open+0x3b/0x340
[ 1164.830028][T17028]  ? path_openat+0x2ee5/0x3830
[ 1164.830043][T17028]  ? do_filp_open+0x1fa/0x410
[ 1164.830056][T17028]  ? do_sys_openat2+0x121/0x1c0
[ 1164.830076][T17028]  ? __x64_sys_openat+0x138/0x170
[ 1164.830097][T17028]  ? do_syscall_64+0xfa/0x3b0
[ 1164.830130][T17028]  p9_client_rpc+0x188/0xa70
[ 1164.830164][T17028]  ? __pfx_p9_client_rpc+0x10/0x10
[ 1164.830196][T17028]  ? rcu_is_watching+0x15/0xb0
[ 1164.830218][T17028]  ? trace_9p_fid_ref+0x7c/0x1d0
[ 1164.830240][T17028]  p9_client_attach+0x168/0x3c0
[ 1164.830262][T17028]  ? __pfx_p9_client_attach+0x10/0x10
[ 1164.830282][T17028]  ? _raw_spin_unlock+0x28/0x50
[ 1164.830302][T17028]  ? v9fs_fid_find_inode+0x1d2/0x220
[ 1164.830321][T17028]  v9fs_fid_lookup+0x9ab/0xb70
[ 1164.830341][T17028]  ? smack_file_open+0x200/0x260
[ 1164.830361][T17028]  v9fs_file_open+0x20b/0x990
[ 1164.830391][T17028]  ? __pfx_v9fs_file_open+0x10/0x10
[ 1164.830411][T17028]  ? tomoyo_file_open+0x166/0x220
[ 1164.830440][T17028]  ? __pfx_v9fs_file_open+0x10/0x10
[ 1164.830461][T17028]  do_dentry_open+0xdf3/0x1970
[ 1164.830495][T17028]  vfs_open+0x3b/0x340
[ 1164.830514][T17028]  ? path_openat+0x2ecd/0x3830
[ 1164.830532][T17028]  path_openat+0x2ee5/0x3830
[ 1164.830548][T17028]  ? arch_stack_walk+0xfc/0x150
[ 1164.830604][T17028]  ? __pfx_path_openat+0x10/0x10
[ 1164.830618][T17028]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1164.830655][T17028]  do_filp_open+0x1fa/0x410
[ 1164.830670][T17028]  ? __lock_acquire+0xab9/0xd20
[ 1164.830693][T17028]  ? __pfx_do_filp_open+0x10/0x10
[ 1164.830728][T17028]  ? _raw_spin_unlock+0x28/0x50
[ 1164.830752][T17028]  ? alloc_fd+0x64c/0x6c0
[ 1164.830780][T17028]  do_sys_openat2+0x121/0x1c0
[ 1164.830802][T17028]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1164.830824][T17028]  ? exc_page_fault+0x76/0xf0
[ 1164.830846][T17028]  ? do_user_addr_fault+0xc8a/0x1390
[ 1164.830868][T17028]  __x64_sys_openat+0x138/0x170
[ 1164.830896][T17028]  do_syscall_64+0xfa/0x3b0
[ 1164.830917][T17028]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1164.830937][T17028]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1164.830953][T17028]  ? clear_bhb_loop+0x60/0xb0
[ 1164.830973][T17028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1164.830990][T17028] RIP: 0033:0x7eff9478d290
[ 1164.831005][T17028] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1164.831018][T17028] RSP: 002b:00007eff955c2b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1164.831037][T17028] RAX: ffffffffffffffda RBX: 0000000000000400 RCX: 00007eff9478d290
[ 1164.831048][T17028] RDX: 0000000000000400 RSI: 00007eff955c2c10 RDI: 00000000ffffff9c
[ 1164.831057][T17028] RBP: 00007eff955c2c10 R08: 0000000000000000 R09: 0000000000000000
[ 1164.831067][T17028] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[ 1164.831078][T17028] R13: 0000000000000000 R14: 00007eff949b5fa0 R15: 00007ffdac754db8
[ 1164.831105][T17028]  </TASK>
[ 1165.427111][ T5139] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1165.446227][ T5139] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1165.470349][ T5139] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1165.483893][ T5139] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1165.491208][ T5939] usb 2-1: new full-speed USB device number 32 using dummy_hcd
[ 1165.500717][ T5139] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1165.737358][ T5939] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1165.786504][ T5939] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1165.810053][ T5939] usb 2-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[ 1165.845555][ T5939] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1165.908222][ T5939] usb 2-1: Product: syz
[ 1165.929653][ T5939] usb 2-1: Manufacturer: syz
[ 1165.959013][ T5939] usb 2-1: SerialNumber: syz
[ 1166.247667][ T5939] usb 2-1: config 0 descriptor??
[ 1166.273656][ T5939] radioshark2 2-1:0.0: Invalid radioSHARK2 device
[ 1166.307382][ T5939] radioshark2 2-1:0.0: probe with driver radioshark2 failed with error -22
[ 1166.330600][ T5939] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1166.840520][T17037] dummy0 speed is unknown, defaulting to 1000
[ 1167.004492][T17046] omfs: Invalid superblock (0)
[ 1167.134887][ T5994] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1167.360962][ T5939] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1167.956072][ T5139] Bluetooth: hci1: command tx timeout
[ 1168.149486][   T43] usb 2-1: USB disconnect, device number 32
[ 1168.221403][ T5939] usb 6-1: Using ep0 maxpacket: 32
[ 1168.244556][ T5939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1168.346737][ T5939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1168.348677][ T5994] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1168.424182][ T5939] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1168.474548][ T5939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.530412][ T5939] usb 6-1: config 0 descriptor??
[ 1168.636340][T17071] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2964'.
[ 1171.635750][ T5139] Bluetooth: hci1: command tx timeout
[ 1171.694862][ T5939] usbhid 6-1:0.0: can't add hid device: -71
[ 1171.706438][ T5939] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1171.723100][ T5939] usb 6-1: USB disconnect, device number 17
[ 1171.836049][ T5994] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1171.888334][T17073] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1171.902524][T17073] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1172.039071][ T5994] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1172.051019][T17081] usb 4-1: new low-speed USB device number 25 using dummy_hcd
[ 1172.112678][T17097] FAULT_INJECTION: forcing a failure.
[ 1172.112678][T17097] name failslab, interval 1, probability 0, space 0, times 0
[ 1172.189496][T17097] CPU: 1 UID: 0 PID: 17097 Comm: syz.5.2970 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1172.189519][T17097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1172.189527][T17097] Call Trace:
[ 1172.189532][T17097]  <TASK>
[ 1172.189538][T17097]  dump_stack_lvl+0x189/0x250
[ 1172.189563][T17097]  ? __pfx____ratelimit+0x10/0x10
[ 1172.189582][T17097]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1172.189608][T17097]  ? __pfx__printk+0x10/0x10
[ 1172.189628][T17097]  ? __pfx___might_resched+0x10/0x10
[ 1172.189650][T17097]  should_fail_ex+0x414/0x560
[ 1172.189670][T17097]  should_failslab+0xa8/0x100
[ 1172.189690][T17097]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1172.189706][T17097]  ? __alloc_skb+0x112/0x2d0
[ 1172.189722][T17097]  __alloc_skb+0x112/0x2d0
[ 1172.189739][T17097]  netlink_sendmsg+0x5c6/0xb30
[ 1172.189763][T17097]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1172.189786][T17097]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1172.189801][T17097]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1172.189817][T17097]  __sock_sendmsg+0x21c/0x270
[ 1172.189838][T17097]  ____sys_sendmsg+0x505/0x830
[ 1172.189859][T17097]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1172.189883][T17097]  ? import_iovec+0x74/0xa0
[ 1172.189907][T17097]  ___sys_sendmsg+0x21f/0x2a0
[ 1172.189927][T17097]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1172.189983][T17097]  ? __fget_files+0x2a/0x420
[ 1172.189999][T17097]  ? __fget_files+0x3a0/0x420
[ 1172.190022][T17097]  __x64_sys_sendmsg+0x19b/0x260
[ 1172.190040][T17097]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1172.190063][T17097]  ? __pfx_ksys_write+0x10/0x10
[ 1172.190078][T17097]  ? rcu_is_watching+0x15/0xb0
[ 1172.190103][T17097]  ? do_syscall_64+0xbe/0x3b0
[ 1172.190125][T17097]  do_syscall_64+0xfa/0x3b0
[ 1172.190140][T17097]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1172.190159][T17097]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.190179][T17097]  ? clear_bhb_loop+0x60/0xb0
[ 1172.190197][T17097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.190210][T17097] RIP: 0033:0x7f2ae838e929
[ 1172.190224][T17097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1172.190237][T17097] RSP: 002b:00007f2ae91e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1172.190255][T17097] RAX: ffffffffffffffda RBX: 00007f2ae85b5fa0 RCX: 00007f2ae838e929
[ 1172.190267][T17097] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1172.190279][T17097] RBP: 00007f2ae91e1090 R08: 0000000000000000 R09: 0000000000000000
[ 1172.190289][T17097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1172.190297][T17097] R13: 0000000000000000 R14: 00007f2ae85b5fa0 R15: 00007ffc6c09df88
[ 1172.190321][T17097]  </TASK>
[ 1172.452451][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1172.572610][T17081] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1172.583050][T17081] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1172.647133][T17081] usb 4-1: config 0 descriptor??
[ 1172.901980][T17073] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1172.940942][T17073] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1173.364944][T17073] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1173.374845][T17073] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1173.388816][T17037] chnl_net:caif_netlink_parms(): no params data found
[ 1173.662586][T17073] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1173.676480][T17073] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1173.700941][    C0] ------------[ cut here ]------------
[ 1173.706820][    C0] workqueue: cannot queue hci_cmd_timeout on wq hci1
[ 1173.713626][    C0] WARNING: CPU: 0 PID: 5805 at kernel/workqueue.c:2258 __queue_work+0xd62/0xfe0
[ 1173.722706][    C0] Modules linked in:
[ 1173.727069][    C0] CPU: 0 UID: 0 PID: 5805 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1173.739252][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1173.749333][    C0] RIP: 0010:__queue_work+0xd62/0xfe0
[ 1173.754653][    C0] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 c9 e3 96 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 c0 e0 89 8b 4c 89 fa e8 5f 34 f9 ff 90 <0f> 0b 90 90 e9 f1 f4 ff ff e8 90 8b 35 00 90 0f 0b 90 e9 dd fc ff
[ 1173.774281][    C0] RSP: 0018:ffffc90000007b08 EFLAGS: 00010046
[ 1173.780366][    C0] RAX: 66410cccf681ae00 RBX: 0000000000000100 RCX: ffff888067b88000
[ 1173.788358][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1173.796327][    C0] RBP: 1ffff1100690f438 R08: 0000000000000003 R09: 0000000000000004
[ 1173.804297][    C0] R10: dffffc0000000000 R11: fffffbfff1bfa9fc R12: dffffc0000000000
[ 1173.812274][    C0] R13: ffff888027b7c988 R14: 0000000000000008 R15: ffff88803487a178
[ 1173.820255][    C0] FS:  0000555582699500(0000) GS:ffff888125c84000(0000) knlGS:0000000000000000
[ 1173.829205][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1173.835799][    C0] CR2: 00007f157abe0e00 CR3: 000000007f6f0000 CR4: 00000000003526f0
[ 1173.843781][    C0] Call Trace:
[ 1173.847060][    C0]  <IRQ>
[ 1173.849933][    C0]  call_timer_fn+0x17e/0x5f0
[ 1173.854542][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1173.860355][    C0]  ? call_timer_fn+0xbe/0x5f0
[ 1173.865035][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[ 1173.870169][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 1173.875380][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1173.881215][    C0]  __run_timer_base+0x646/0x860
[ 1173.886087][    C0]  ? ktime_get+0x3e/0x1f0
[ 1173.890429][    C0]  ? __pfx___run_timer_base+0x10/0x10
[ 1173.895814][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[ 1173.902074][    C0]  run_timer_softirq+0xb7/0x180
[ 1173.906948][    C0]  handle_softirqs+0x283/0x870
[ 1173.911709][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[ 1173.916467][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1173.921797][    C0]  __irq_exit_rcu+0xca/0x1f0
[ 1173.926385][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1173.931597][    C0]  irq_exit_rcu+0x9/0x30
[ 1173.935834][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1173.941470][    C0]  </IRQ>
[ 1173.944410][    C0]  <TASK>
[ 1173.947357][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1173.953356][    C0] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1173.959160][    C0] Code: 00 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f 00 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1173.978756][    C0] RSP: 0018:ffffc90003e9f678 EFLAGS: 00050206
[ 1173.984824][    C0] RAX: ffffffff84b86501 RBX: ffff88806eec0000 RCX: 0000000000006940
[ 1173.992803][    C0] RDX: 0000000000000001 RSI: 00007f157abea0d0 RDI: ffff88806eec13c0
[ 1174.000775][    C0] RBP: ffffc90003e9f7d0 R08: ffff88806eec7cff R09: 1ffff1100ddd8f9f
[ 1174.008757][    C0] R10: dffffc0000000000 R11: ffffed100ddd8fa0 R12: 1ffff920007d3f77
[ 1174.016728][    C0] R13: 00007f157abe8d10 R14: ffffc90003e9fbc8 R15: 0000000000007d00
[ 1174.024726][    C0]  ? _copy_from_iter+0x1f1/0x16f0
[ 1174.029781][    C0]  _copy_from_iter+0x24c/0x16f0
[ 1174.034636][    C0]  ? trace_kmem_cache_alloc+0x1f/0xc0
[ 1174.040018][    C0]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1174.046098][    C0]  ? tcp_leave_memory_pressure+0xea/0x100
[ 1174.051831][    C0]  ? __pfx_tcp_leave_memory_pressure+0x10/0x10
[ 1174.057991][    C0]  ? __pfx__copy_from_iter+0x10/0x10
[ 1174.063279][    C0]  ? __sk_mem_raise_allocated+0x2c0/0x1240
[ 1174.069078][    C0]  ? alloc_pages_noprof+0xbe/0x190
[ 1174.074206][    C0]  ? __sk_mem_schedule+0x7f/0xf0
[ 1174.079158][    C0]  tcp_sendmsg_locked+0x225e/0x56f0
[ 1174.084387][    C0]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1174.089949][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1174.095318][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1174.100709][    C0]  tcp_sendmsg+0x2f/0x50
[ 1174.104966][    C0]  __sock_sendmsg+0x19c/0x270
[ 1174.109674][    C0]  sock_write_iter+0x258/0x330
[ 1174.112280][T17081] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1174.114453][    C0]  ? __pfx_sock_write_iter+0x10/0x10
[ 1174.129725][    C0]  ? css_rstat_updated+0x1a5/0xca0
[ 1174.133525][T17081] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1174.134846][    C0]  ? bpf_lsm_file_permission+0x9/0x20
[ 1174.150395][    C0]  ? security_file_permission+0x75/0x290
[ 1174.151790][T17081] asix 4-1:0.0: probe with driver asix failed with error -71
[ 1174.156043][    C0]  vfs_write+0x548/0xa90
[ 1174.156077][    C0]  ? __pfx_sock_write_iter+0x10/0x10
[ 1174.172964][    C0]  ? __pfx_vfs_write+0x10/0x10
[ 1174.173818][T17081] usb 4-1: USB disconnect, device number 25
[ 1174.177739][    C0]  ? count_memcg_event_mm+0x21/0x260
[ 1174.177779][    C0]  ksys_write+0x145/0x250
[ 1174.193278][    C0]  ? __pfx_ksys_write+0x10/0x10
[ 1174.198161][    C0]  ? do_syscall_64+0xbe/0x3b0
[ 1174.202879][    C0]  do_syscall_64+0xfa/0x3b0
[ 1174.207402][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1174.212594][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.218648][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 1174.223318][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.229212][    C0] RIP: 0033:0x7f157fd8d3a0
[ 1174.233637][    C0] Code: 40 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d a1 81 1f 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 1174.253234][    C0] RSP: 002b:00007fffd401c008 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 1174.261655][    C0] RAX: ffffffffffffffda RBX: 00000000460913c0 RCX: 00007f157fd8d3a0
[ 1174.269647][    C0] RDX: 000000000001f2f0 RSI: 00007f157abe0d10 RDI: 0000000000000003
[ 1174.277605][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 00000000005ffde8
[ 1174.285567][    C0] R10: 3e6d5cf22d4bc4c4 R11: 0000000000000202 R12: 000000000001f2f0
[ 1174.293528][    C0] R13: 00005555826b2240 R14: 00007fffd401c4d0 R15: 00007f157abe0d10
[ 1174.301523][    C0]  </TASK>
[ 1174.304565][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1174.311836][    C0] CPU: 0 UID: 0 PID: 5805 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[ 1174.323977][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1174.334023][    C0] Call Trace:
[ 1174.337294][    C0]  <IRQ>
[ 1174.340128][    C0]  dump_stack_lvl+0x99/0x250
[ 1174.344716][    C0]  ? __asan_memcpy+0x40/0x70
[ 1174.349297][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1174.354528][    C0]  ? __pfx__printk+0x10/0x10
[ 1174.359112][    C0]  panic+0x2db/0x790
[ 1174.363005][    C0]  ? __pfx_panic+0x10/0x10
[ 1174.367410][    C0]  ? show_trace_log_lvl+0x4fb/0x550
[ 1174.372608][    C0]  __warn+0x31b/0x4b0
[ 1174.376586][    C0]  ? __queue_work+0xd62/0xfe0
[ 1174.381266][    C0]  ? __queue_work+0xd62/0xfe0
[ 1174.385951][    C0]  report_bug+0x2be/0x4f0
[ 1174.390272][    C0]  ? __queue_work+0xd62/0xfe0
[ 1174.394942][    C0]  ? __queue_work+0xd62/0xfe0
[ 1174.399608][    C0]  ? __queue_work+0xd64/0xfe0
[ 1174.404273][    C0]  handle_bug+0x84/0x160
[ 1174.408504][    C0]  exc_invalid_op+0x1a/0x50
[ 1174.412995][    C0]  asm_exc_invalid_op+0x1a/0x20
[ 1174.417833][    C0] RIP: 0010:__queue_work+0xd62/0xfe0
[ 1174.423132][    C0] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 c9 e3 96 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 c0 e0 89 8b 4c 89 fa e8 5f 34 f9 ff 90 <0f> 0b 90 90 e9 f1 f4 ff ff e8 90 8b 35 00 90 0f 0b 90 e9 dd fc ff
[ 1174.442727][    C0] RSP: 0018:ffffc90000007b08 EFLAGS: 00010046
[ 1174.448786][    C0] RAX: 66410cccf681ae00 RBX: 0000000000000100 RCX: ffff888067b88000
[ 1174.456748][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1174.464706][    C0] RBP: 1ffff1100690f438 R08: 0000000000000003 R09: 0000000000000004
[ 1174.472665][    C0] R10: dffffc0000000000 R11: fffffbfff1bfa9fc R12: dffffc0000000000
[ 1174.480625][    C0] R13: ffff888027b7c988 R14: 0000000000000008 R15: ffff88803487a178
[ 1174.488594][    C0]  ? __queue_work+0xd61/0xfe0
[ 1174.493274][    C0]  call_timer_fn+0x17e/0x5f0
[ 1174.497852][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1174.503653][    C0]  ? call_timer_fn+0xbe/0x5f0
[ 1174.508333][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[ 1174.513451][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 1174.518641][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1174.524441][    C0]  __run_timer_base+0x646/0x860
[ 1174.529284][    C0]  ? ktime_get+0x3e/0x1f0
[ 1174.533608][    C0]  ? __pfx___run_timer_base+0x10/0x10
[ 1174.538964][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[ 1174.545200][    C0]  run_timer_softirq+0xb7/0x180
[ 1174.550041][    C0]  handle_softirqs+0x283/0x870
[ 1174.554800][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[ 1174.559562][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1174.564848][    C0]  __irq_exit_rcu+0xca/0x1f0
[ 1174.569430][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1174.574621][    C0]  irq_exit_rcu+0x9/0x30
[ 1174.578847][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1174.584475][    C0]  </IRQ>
[ 1174.587392][    C0]  <TASK>
[ 1174.590310][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1174.596281][    C0] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1174.602084][    C0] Code: 00 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f 00 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1174.621712][    C0] RSP: 0018:ffffc90003e9f678 EFLAGS: 00050206
[ 1174.627769][    C0] RAX: ffffffff84b86501 RBX: ffff88806eec0000 RCX: 0000000000006940
[ 1174.635736][    C0] RDX: 0000000000000001 RSI: 00007f157abea0d0 RDI: ffff88806eec13c0
[ 1174.643706][    C0] RBP: ffffc90003e9f7d0 R08: ffff88806eec7cff R09: 1ffff1100ddd8f9f
[ 1174.651672][    C0] R10: dffffc0000000000 R11: ffffed100ddd8fa0 R12: 1ffff920007d3f77
[ 1174.659662][    C0] R13: 00007f157abe8d10 R14: ffffc90003e9fbc8 R15: 0000000000007d00
[ 1174.667654][    C0]  ? _copy_from_iter+0x1f1/0x16f0
[ 1174.672693][    C0]  _copy_from_iter+0x24c/0x16f0
[ 1174.677546][    C0]  ? trace_kmem_cache_alloc+0x1f/0xc0
[ 1174.682918][    C0]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1174.688989][    C0]  ? tcp_leave_memory_pressure+0xea/0x100
[ 1174.694717][    C0]  ? __pfx_tcp_leave_memory_pressure+0x10/0x10
[ 1174.700877][    C0]  ? __pfx__copy_from_iter+0x10/0x10
[ 1174.706177][    C0]  ? __sk_mem_raise_allocated+0x2c0/0x1240
[ 1174.711984][    C0]  ? alloc_pages_noprof+0xbe/0x190
[ 1174.717096][    C0]  ? __sk_mem_schedule+0x7f/0xf0
[ 1174.722034][    C0]  tcp_sendmsg_locked+0x225e/0x56f0
[ 1174.727273][    C0]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1174.732818][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1174.738193][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1174.743573][    C0]  tcp_sendmsg+0x2f/0x50
[ 1174.747818][    C0]  __sock_sendmsg+0x19c/0x270
[ 1174.752495][    C0]  sock_write_iter+0x258/0x330
[ 1174.757258][    C0]  ? __pfx_sock_write_iter+0x10/0x10
[ 1174.762549][    C0]  ? css_rstat_updated+0x1a5/0xca0
[ 1174.767658][    C0]  ? bpf_lsm_file_permission+0x9/0x20
[ 1174.773026][    C0]  ? security_file_permission+0x75/0x290
[ 1174.778661][    C0]  vfs_write+0x548/0xa90
[ 1174.782922][    C0]  ? __pfx_sock_write_iter+0x10/0x10
[ 1174.788219][    C0]  ? __pfx_vfs_write+0x10/0x10
[ 1174.792989][    C0]  ? count_memcg_event_mm+0x21/0x260
[ 1174.798287][    C0]  ksys_write+0x145/0x250
[ 1174.802619][    C0]  ? __pfx_ksys_write+0x10/0x10
[ 1174.807476][    C0]  ? do_syscall_64+0xbe/0x3b0
[ 1174.812160][    C0]  do_syscall_64+0xfa/0x3b0
[ 1174.816666][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1174.821865][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.827930][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 1174.832605][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.838493][    C0] RIP: 0033:0x7f157fd8d3a0
[ 1174.842907][    C0] Code: 40 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d a1 81 1f 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 1174.862508][    C0] RSP: 002b:00007fffd401c008 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 1174.870920][    C0] RAX: ffffffffffffffda RBX: 00000000460913c0 RCX: 00007f157fd8d3a0
[ 1174.878883][    C0] RDX: 000000000001f2f0 RSI: 00007f157abe0d10 RDI: 0000000000000003
[ 1174.886847][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 00000000005ffde8
[ 1174.894810][    C0] R10: 3e6d5cf22d4bc4c4 R11: 0000000000000202 R12: 000000000001f2f0
[ 1174.902780][    C0] R13: 00005555826b2240 R14: 00007fffd401c4d0 R15: 00007f157abe0d10
[ 1174.910757][    C0]  </TASK>
[ 1174.914014][    C0] Kernel Offset: disabled
[ 1174.918334][    C0] Rebooting in 86400 seconds..