last executing test programs:

3m31.272134169s ago: executing program 3 (id=4):
setsockopt$RDS_RECVERR(0xffffffffffffffff, 0x114, 0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg$unix(r3, &(0x7f0000003700)=[{{0x0, 0x7f0, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

3m28.681667964s ago: executing program 3 (id=9):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000340)={'ip6tnl0\x00', &(0x7f00000002c0)=@ethtool_cmd={0x4f, 0x5, 0x8, 0x4fec, 0x4, 0x8, 0x1, 0x4, 0x2, 0x3, 0x95, 0x400, 0xfff7, 0x8, 0x6, 0xc3, [0x1, 0x9]}})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000a"], 0x14}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x20000000000000b6, &(0x7f00000001c0)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x7d, '\x00', 0x0, @cgroup_sysctl=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x9, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x40000000000, 0x64f, 0x6, 0x6, 0xfffffffffffffffc, 0x4ffff, 0x29]})
bind$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e22, 0x7, @empty, 0x6}, 0x1c)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e00f20c06635000000400f22c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x5b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e2, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, 0x0, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
connect$qrtr(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r7}, &(0x7f0000000240), &(0x7f0000000280)}, 0x20)

3m26.897508603s ago: executing program 3 (id=10):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x10, 0x0, &(0x7f0000000040)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0}) (fail_nth: 5)

3m26.425750964s ago: executing program 3 (id=13):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x36c18523, 0x401, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r3, &(0x7f00000000c0)='!', 0xb7f40}])

3m24.51400982s ago: executing program 32 (id=13):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x36c18523, 0x401, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r3, &(0x7f00000000c0)='!', 0xb7f40}])

14.269334724s ago: executing program 2 (id=575):
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = dup(r0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x200000, 0x10000}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x5, &(0x7f0000000200)={0x77359400}, 0x1, 0x4})
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
socket(0x2b, 0x80801, 0x1)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r2, 0x18, &(0x7f0000000140)={0x5, r2, 0x0, {0x8001, 0x1}, 0x6}, 0x1)
ioprio_set$uid(0x3, 0x0, 0x0)
write$FUSE_GETXATTR(r1, 0x0, 0x0)

13.641655248s ago: executing program 5 (id=576):
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000007640)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x34}}, 0x4000854)
r0 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, 0x0, &(0x7f0000000280))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGPKT(r4, 0x40045431, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
pselect6(0x40, &(0x7f0000000080)={0xe, 0x9, 0x9, 0x10000000, 0x6, 0x8, 0xc2db, 0x7ff}, 0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r3, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000600)=""/64, 0x40}, {&(0x7f0000000700)=""/252, 0xfc}, {&(0x7f0000000800)=""/184, 0xb8}, {&(0x7f00000008c0)=""/117, 0x75}, {&(0x7f0000000940)=""/250, 0xfa}], 0x5}}, {{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000000c40)=""/238, 0xee}, {&(0x7f0000000d40)=""/4096, 0x1000}, {&(0x7f0000001d40)=""/191, 0xbf}, {&(0x7f0000001e00)=""/232, 0xe8}, {&(0x7f0000001f00)=""/162, 0xa2}, {&(0x7f0000001fc0)=""/109, 0x6d}, {&(0x7f0000000340)=""/49, 0x31}], 0x7}}], 0x2, 0x10000, 0x0)
ioctl$RTC_UIE_ON(r2, 0x7003)
accept4$ax25(r3, &(0x7f0000000540)={{0x3, @rose}, [@remote, @default, @null, @default, @remote, @remote, @rose, @default]}, &(0x7f0000000640)=0x48, 0x80000)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010c0800000000000000ae0024bd700fa754cbc5393ff90f039d19f9b5cdfc7d05cd45525fdd08624e9480ab707922ba2058ce8d0a957b7571ad6c2872e448ba76233ffe177abe33266f0603f053e8471c37c62cd2201d8459e8c19c4206f7e629cd084f08ac259efbe039560b1bceaf89d501805b9bcd2a4e5bcc6eed7f63252b5605533175c2f417439159478a2ac508215d87b351cc4f94c7ebefff413932d5261a79f949c5441e7e30c5fb35fb5deddcb88b45927f6b30f6644a5ae086f8633257633399705159b78431c2c8cd3ca4a126b0d01bc1d0886d2f96fe007215763a0955649541dfb000"/244, @ANYRES32=r7, @ANYBLOB="08009e009d582ebb1831375abce1e77fef679a50cbb8ba475d2979e9112e8b076cf75a5eef5d083f8f29656ef8feee4980e5060fb1e21392f70c07da54ab56aa7c51343e6d3dae71730eb95f0b122a426be338e7fa78a0cd289bd1d27eced21b8034fd186a3cf17b08b105414ebf1a4a55ee8ad5f8d94f760204f3589bf82c4009510227fa997e8613d7fa7c82493079441c49def120b7"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x4804)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0af90910"], 0xd)

12.480095949s ago: executing program 5 (id=582):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000009004"])
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x3416, 0x13100}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000340)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040), 0x400200, 0x0)
socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000010000000000070000000900010073797a30000000003c000000090a010400000000000000000700000408000a40000000000900020073797a31000000000900010073797a300000000008000540000000062c0000001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000140000001000010000000000000000000084000a"], 0xb0}}, 0x0)

12.478512995s ago: executing program 2 (id=583):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xc0}, [@ldst={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}]}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0xffffffffffffffff, 0x2, &(0x7f0000000200)={0x7, 0x3}, 0x0)
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x3, 0xf46de279176c0856)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x37, 0x1, 0x10100, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x1c, r6, 0xfc5, 0x70bd2a, 0x0, {{0x11}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
setpriority(0x0, 0x0, 0x9)
close(r4)
openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

10.950243753s ago: executing program 0 (id=587):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\\'], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068", 0x9, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400"/18, @ANYBLOB="ebffffffffffffff280012800b"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x300)

10.743822306s ago: executing program 5 (id=588):
iopl(0x3)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x408, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x97}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x4c, &(0x7f0000000200)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @in={0x2, 0x4e23, @loopback}, @in={0x2, 0x4e24, @broadcast}, @in={0x2, 0x4e21, @remote}]}, &(0x7f0000000180)=0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TIOCSTI(r4, 0x5412, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0xff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='btrfs\x00', 0x4418, &(0x7f0000000100)='barrier')
r5 = gettid()
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="040e44067d0c808fde79bee21c786f1f0f3e53851594ab99b8cd5a7c8bfb1d4047397d952a28ce4457c08f3a41d072b1c0c4cbf2af748513d61bed20b662cdbae80346a4553cf5"], 0x47)
rt_tgsigqueueinfo(0x0, r5, 0x20, &(0x7f0000000000)={0x0, 0x2, 0x6})
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000300)={r0, r0, 0x7, 0x0, @void}, 0x10)
tkill(r5, 0x27)

10.501371876s ago: executing program 2 (id=589):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
mknod(&(0x7f00000000c0)='./file0\x00', 0x800, 0x9)

10.449000995s ago: executing program 4 (id=590):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x468, 0x0, 0x25, 0x148, 0x0, 0x60, 0x468, 0x2a8, 0x2a8, 0x468, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2a0, 0x2c8, 0x0, {0x200003ae, 0x7f00}, [@common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0xa214}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xa8, 0x108, 0x0, {}, [@common=@unspec=@statistic={{0x38}, {0x0, 0x0, 0x0, 0x0, 0x0, {0xfffffffffffffffc}}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4c8)
socket$alg(0x26, 0x5, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x0, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='ext4_writepages_result\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x22)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000180)={<r4=>0x0, @in={{0x2, 0x4e24, @rand_addr=0x64010100}}, 0xd9c, 0xfffff810, 0x1000, 0x8, 0x1}, &(0x7f00000000c0)=0x98)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000240)={r4, @in6={{0xa, 0x4e24, 0xbc1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}}, 0x2082, 0x179, 0x2, 0x25, 0xd0, 0x7}, 0x9c)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r6, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket(0x10, 0x3, 0x0)
sendto$inet6(r7, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f000c00100000000d0085a168d0bf46d32345653600648d0a00120002000a0000005ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232", 0x77, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='qi_submit\x00', r1, 0x0, 0x2}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r8, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r8, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r9, &(0x7f0000000480)={0x0, 0xff1f, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000440)={'filter\x00', 0x4}, 0x68)

9.691744658s ago: executing program 2 (id=591):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000680)=ANY=[@ANYBLOB="8c0100001e00810b000000000000000007000000", @ANYRES32=0x0, @ANYBLOB], 0x18c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r2, 0x4b72, &(0x7f0000000000)={0x1, 0x0, 0x7, 0x14, 0x1e8, &(0x7f0000000680)})

9.633868359s ago: executing program 1 (id=592):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x51857000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0xd, 0x8, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
ppoll(&(0x7f0000000080)=[{r0, 0xf542}], 0x1, 0x0, 0x0, 0x0)
signalfd4(r0, &(0x7f0000000340)={[0x1]}, 0x8, 0x80800)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0203"], 0x10}}, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x0, 0x0, 0x3}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = socket$unix(0x1, 0x0, 0x0)
fcntl$lock(r3, 0x6, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x1c})
ioctl(r2, 0x8b32, &(0x7f0000000040))
ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x9, 0x0, &(0x7f0000000040), 0x0, 0x0}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_clone(0x0, 0x0, 0xfffffffffffffdb5, 0x0, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
mremap(&(0x7f00009d1000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f00002a0000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)

9.517896199s ago: executing program 0 (id=593):
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = dup(r0)
ioprio_set$uid(0x3, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r1, &(0x7f00000003c0)=ANY=[], 0xb0)

9.514977013s ago: executing program 5 (id=594):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f00000000c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0xf, 0x400000000000, 0x25, 0x7, 0x8, r1, 0x0, 0x0, 0x40000000000e7, 0x0, 0x2}])
socket$packet(0x11, 0x3, 0x300)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x5)
r7 = landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x18, 0x0)
landlock_restrict_self(r7, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
msgrcv(0x0, 0x0, 0xfffffffffffffff7, 0x1, 0x86b1b18158a7c382)
bpf$LINK_DETACH(0x22, &(0x7f00000000c0), 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x48000}, 0x80)
write$UHID_CREATE(r0, &(0x7f0000000b00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x8, 0x3, 0x5, 0x1635}}, 0x120)
write$UHID_INPUT(r0, &(0x7f0000000c40)={0x8, {"751be3c602a0e5276e79c086adc21270633fb3d067b21d544abb92036ecf489f5b3345ad3d6df45ba403e3d9b1137267182b6c67e967f54aaae1a43f4632e4e173f8ce97adfb7996e5cd702f546f95645b64fc34a8730dc2b3be9d88f47e1f6a862b07ab1d850e3e817f6005dabb3381780aa95a7c31cb78bf8721902712937891e9438cd773ef9e8c64c67bf47ea562d9f71def0c6ea559873b67cbdec5e83ec479104c3b3d54aa973d173522c9779135e0b5d91a1cdec65798dd915f2f59515b9335b256d166d9aace8f6c881272af4514796e6bc6549a4c65a0b1fe100f9136250d114800ff60013f6361bd7a772bdba813242130a6afcd8df14522aeb8ab20c8b7ceaae10e40c273c91c9c6462141ccb4f873279862524f0252c25aabc8386c3e404f0acd9033d24103d662d33be10a409713a13b557843396136ffc3111cbebac293d82cf913a5ea34a5b728d8da1f80327f4386ae7e9c2b6997638c372ef75f40a8688e8c74b2689dafb6b2ad2b3d6b7d558beb22a305e5904ac8a291f188334baeecbabd5d0431d63468e2d456a30da83ce133247a76e72cb1b8794e2967ef0bc18f8fdab10838b725840dba1817f2ba431b5f4ff40c19f5c36195afd79cba926416b0f94283ecb68aab6bf10a562cc3291fd5b2ce009f966fd0a94b388a6c172305e281cfeec6f8688b98b36e9910913b12d7e8c4bee96918f412d409a873a56d863df5c254afed14ce8a8c43fc84d2036b40879290f282faf06a2884c74a79594776f260618a245769ab877c1ef31e27878ea89e4ca8bdd646ce95bab8a7d5a1de735048639a2d3680126211dc9c20085dd8d715e647197a0187d03a985bf06c8da5fd961aa49645b88a927b2a2455cbda4dd3382dd2af7a9430b8606f984f4424d19562d14380b171ef1424b84ea1d22e31555b7758264962a6fa03d39c7887f47a91815189dc63ab0ecef4692b2983025bab06aad0c7ff178aa62cc882a482940f3767ea1c679176a9bd308222625570ce4ce1b49cef27a3e2f50fae9eea4a6819be790a685ede4a36d6eaba696cde1d5b7b05765b84d4b70f750aff9dd455106d816ca6324b85b07d2622150605472b72a36f503dc5e01a5390458747aa3f19c8db247b97cb14222b5e79cc6e3135be812bc8ca7c9a155852cef9dcf017ae378d9ecc9482b4857dc98c403beaf9f8bc4960292777fc58221ad46e9d5976ce2941e4fe427810dfb032c99cef90cf17f4e0083c986d66e0e170c2fea96a7360897a81a57921a9025dd021c2b0f6bbe08f8a49d8ac428a7074930bd2ef7ad28a0f17550b45bbfddd723b710994160bcc0ea2e92dbcbb114fefe22db643b9d392118ec05d7f48807ea1c4b5e39845d8207dc6b24d5d8a573034189b3563cdd14f102e2b41239ad1581a7839981d56cbdb7d8c843560272a075788603ec9b62aec5de81c734e3d8118e271179cfdb9e0ffb460519d769c05ad2b5044c2eca76a2c0824b5275c06b8715c0b6df6625a70ca14cc86ebc401f7abbd6d53e8e5d391371840510a9fb2d515be1bb1581a7e2b3a8610425da60d9ba8a841c324c3e1487036a20bc4d9149cbad2be5ed0e37f5cd21eb0d475f0c5730139d8b790e768ea169ef74069b6ccb4d09c78fcd1f1b791faef2218ce5e2707ffd0e38ada6a96a88a53dfc2ad72c9791a92d6a4d86f0f832062d62d3b425f260f654266196584729971fc3903d24300c9da725d47daa985bddff4b6fe301eb324bf6a35157bd79a0cf213398380de3bd91f583d537415afff80658992a949e433ff048c1d2495dec0461f0dd5bf4c8ac506268cd959f3493d37f8feb754062ca89398ade01f923c850eebc84ba9ee3d8c46d880d6f54f0ceafa451669c44b3e5c64411b0c855c94e8d3c345915412e041d284481e4242a1ae828345d76614979c252316b0f5eec34b98077cf89ff1834c25de73e83ad92873f2da115c02af04b71e7303e6289dbe76aaf9e5400dbbd9952c985283ff18aea8a7cab00ae650d21d235b62d9c21965c9888deebd4102bc75b95d33c6b5548f64c3c3f8fa256f21ab2577354221d5ddbc7247d46fb3532ed6322eef55aa24ac77797a38d1614923e24a9d70f6a24e0a1f28519a202fd91100f4d12ce61c37c819874bfbe5c61b4eb06c1b2b1cce56afaf16d560cf4ea727566f701e10233051dd633f4cca90c09c7aa733ecc0932d855abc08566dffe484de6d498c3625f7c2ba5bb12925d5f12e6194e21df4a4d69e1d0915963a04959348d49de928635128126557f8b5b87e1a47da42b311c47d3f0f969f069404e72d8a0d3cb0147ae6ee87abf994f384959eae9c7a91509f94f53098a8017d62bb1050b28c7976309957c34321d5a9520567970280714857904fb6e8f8c54fcdbb768028e4b37d47fd53ebd9cadb94baecbb54c78c81f7a80dd4c616df98d20ec22a0459844828c18eb7ec6d46cdc535266468bef9cfc6ce844b4b7ec9e3ff9e2619c05b477f72be3448f931312ff85727d8e1f48fbb978cb4b22bf959e97ebf4f25e19710f38a2c518702853410b32e74a68c98d58973a4a5c9d3d99c331f0d918a76fd047bb77a18eb655f72f6867cb3093438a26f080dbff4c4cd9544b9f401da3db9d235921a44c61e8292b83f83e8c9825d50bb0dbe32216e21733da8024343206e571c1d051daa670895566a9a218fb112ab2cdfa6a76bfd6374454ee1c211e5871d4186af9c7fef85af11c5b8a11774a1dd890ed2d5723b8698c339bc32473a1b5a9ec39b093ed24a3ec02b6455479bb34fa5a96c1b38fbe356c36b863e28d1234b64bcc0d071c790283b9b71137948776d6a60b67ff552d64286db810ecb90f1117dbedf6d2ce3162ec4ca4070333d1bce11419c13fdc1772ffe70fb03ad824f285660ec0c1985fff2441eddd0fa4b58dc53256ffa0df94a59a3c4165d4ae8bb883b23a8512d435e026da4583183d5147dfb2e05742803c6e9a3166f9dc40e1565887b3fd5d97c00b97b1ac542c23658d4ff03e8b9f3ecf3e35206e6ab3f38f26b70ee4e101f84ad6e3dce689ebdfa544b27af4a9a78667f6ef3564f1f0ffd0a9ed142c77961c7ae9c9a1b300023b6d79511e65d3db989052be9166b4bf9fc128b05fc500af7e7938f4e7ba7d67a117cde6c6330ca18d57150c2d51281df54d8735410805a92d4e5885a580124ecc54bc49bf451c6110a7fa195ae5691743bc4f0d3ab0a1e434884bbfbe8d0e8a5de217269c54f2f2415dbdb7e9285c7006c21cf3b593eefffd79c52c4a95da668651ed12ffe7ec0d2206588c452d107d543cf90f514a417d67b30082ed8ea7ab609d27b4ef9a7e3ac9c0d32020bca61f1df1c83e0b9625e7d6944f6d1fa3e388fb88dc0fd053fe1f1d2c5fa282a59eb2459475c6f1b556fbc791104a6707b8d37d81e7bdf158417f3e920d07d3b6ff305bafec00291c825ffc7d965e570094853389f6996ef02cc3e2f5ce3468e2d0a4ded990d372c2b234c3c1bbd6b6cff24ce474cdd98c42e7179295ac12740cefaf6e86898fb7180db31116ac7bb6d06a242f1fff5530ac7fc47f6593ac73c1a231a73e28d5b4b90d1a596b981675e4f7e0616095dffa6807c49c9d147f5a81b2822b128b035f4de8e017e54ac06e2e7dd52b3bbd778a76477dbe33e6fce5ae786879ba0739de0dee0987258912445664a405cb12a01bb94a97abccdc6d3afe7b61ba72b403a2e66c4c6b2cad20c427c0daf1d9d2dc57ccd502ff4993367dd0debcadee0e431e9115977e1c51a1905fb54268d25aa71cf056358f6d2c4c8bccdc675e350499f7776a15b41fb9e74d56ce3c82a28e9ee1815e039c6b18c8c551ddd46689e27e4c6b4ec384ee8d7fe1bd0ef40a6c288111fd61f00302f7dc442183e6dc0a2cdbbd6d43e061687989f9fef7ce54b238038461bf941a0706e2dfa8c069f4d90d1381a7429b3e692e346074c4de9e208f473a8794a6aaac2a297c29a396a28a10f4a5fa17863ed592fc39d7e8549af9f952366cee76372cf17812964c7322b370ff7f8f2074cc16b88b7cf8fd44bc3504c77efa6effb0813fe4f8ad6da76054d84d50bd9d7e1ff78b9afb4988d843d298515895d9aeaa29e496492097c79d0ecd887045cbd37cc476decc5836640d9a000e2a0a9e389dd6a996cea1dc0a7f62e2abf25d6ebee990ef19db33783d0485eaf43476b134d6873fd9a4f376ec2e4ae0993407683597ebd9376ca9d9d85d4399b3d24b8b6bf0e4910f257f6f54887f321a3768f82982144c5fe4fdf40068c3c71d34ffec82726e704c40f82f537d41b3621f06c1bb11b1665de3732df4f3eb727c04ad6b25910d9d97163119a2b72ff40109edbc58676682e0f86f75870b6f639d368d11aa1ceae80708288757db2389b16a4420008ce4a7a8487cbb7c922108a1acff54a0da5fc32c4c1e29a483e50ab9818c15c86a4997b4c8ef8dce08f633d2b558823a1c3476e61badcbb4ebcfd5f89f4075f093f5ea52c5c6f6c3025a8558ffb7c38a0662c05b8c44c0af1f15d3df1b1814255e27e9edec3346e2d59202fd643cf51a8ac5fe2a17579433afb9898cdba1c31c6083a8040064cd67c5012738660a09677e2b2156074a6586c76b86b745e7e209884185226fdbc2d826e2264e0b8d9e8896af60d82cc06452366c5dbf959e14a1a12b56bea30e35b1f50cdf95e37e0a5d272a792caec048947dd56abfe85271f0131e8d7f542525230ee0b005fe6bdec05a5f42c7027b555292374b210b7a6d72139574e10500f7db0914270d122ad93a0893c6875008e6b055a0358a48ef9b9309089323a110fcc7c5122c45401532c075957214dd6c86305819ead9cdcddec00faf31b0be040165aee5210c648eb7ac1d856dfce811391876735a05e71f2c8fa0beed3c5489897de524dd52da8a18c5a69d0be29a59dba736addf52ba02bb14121660f973a030d705480ae121b44f6d46441af124982c6b759389977e32de862bf409eeae3eaf7321c779b1c2e32080e031d854c34ce5413a098e18ac7a4b871985c83b0ba4fe68d82061923547d3ea28e004fab11afa63fcd5a6149c4bb3a2480061e5d58899a5d717893c0b73be62d4a42eb3fec479aea240fae76ef79561d4a7bf26c4f67cbe1659557f20f8fce0e183e2b4da3553741cbd764714d3e6ebec6ff0a9fb7efcd99bc71c3938b4142ca0a69faa54bab2b4f7b9143633fd6e9a26f7766b8353f491a0bcb62066df77faaaf7b639d9455bdc8937968c51848e4391c52db579a48dcc3a7f1406053bbf06ee64eb3a5b7d2e0c63efdd5edeef53820e3e52d3d12828e39d698095aa3c3cd84989fc7ca73e541ba7da40aa2297a5e3633096dfb81b5c2ec6fbeb894e41bce4e8ec5096326feece88f5a795cad6097ea7c91ec487092ebad33c06f355a195d64d17afe092a0d7ae2161ad3d33f863336ed1e4055f7f81c065230e0c1fa5b332cd6a57692f3b0f60115dcece23ee7c46a45ac79e8ec19ca091c98f06750c802b103480ebe72849b22b7419ea1e35999d0b374286c20fe64880fc5259c61e300d15659b9f6a43127aaf0587048ca9a4284b2e25f3d079ddc194a7bf12a211bdc8f969be78e6d9a686c8ebdec19bd3518a901fd9bc3ad02065f0b145a8b72abf97d7584c7ebe6054e36d6f095df5a0cfc80e82878c4a5845f31e8f351e7411b0c81880523040585881fd87424e6288fc4b877a39bb81a9a40200c8e7a438d944c268d12d7ff1f234d2a12001d3a97ad15da3d628a420bcecd3f365488120", 0x1000}}, 0x1006)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)

9.342220189s ago: executing program 4 (id=595):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x1}, &(0x7f0000000100), &(0x7f0000000000)=<r5=>0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000003c0), 0x0)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r8, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r7, 0x3b89, &(0x7f00000001c0)={0x28, 0x0, r9, r8, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000140)={0x28, 0x4, r8, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
close(r7)
syz_io_uring_setup(0xa94, &(0x7f0000000280), &(0x7f00000003c0)=<r10=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r10, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r4, 0x48e9, 0x0, 0x0, 0x0, 0x0)

9.336060627s ago: executing program 0 (id=596):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, 0xffffffffffffffff, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x4000000004002, 0x0)
r3 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x89b8, 0x1, 0x0, 0x207}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x12})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0) (fail_nth: 5)

5.742633591s ago: executing program 0 (id=597):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f0000000180)=0x2000000003, 0x12)
sendfile(r3, r2, 0x0, 0x401)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
ioctl$FICLONE(r0, 0x40049409, r4)
r5 = socket$qrtr(0x2a, 0x2, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r7=>r5}, './file0\x00'})
ioctl$sock_qrtr_TIOCINQ(r7, 0x541b, &(0x7f0000000180))
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
lseek(r8, 0x289e0cb5, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f00000001c0)={0x2c, &(0x7f0000000440)=ANY=[@ANYBLOB="0000050000000500b1a7485b253d54d54c3fd6e5eec62a403c971af529e6500697ab2d786d4c1d1d6592a113df66c3f0da772906a4cabd32a42b639222fd5459554ad74ae73c6dfbbb0d91daa2fb1128a7c3d33e919cb2090ec731b2d5e233f198b5186cefb7ff7a8b5501e290656dcb68cf16169e5fb59f05a9075c33bb978a5bf9f3f9354ba42f00d357c1d47b07bd946abf0dad79330757cc2fa13162442b96af6c8b1432ef4baac14b2383c6af4e744a94b72f1963bc410e35b9ea60d6a4e4da461b770253a844a9362ce8e1b460b0eb84bef405738de4c9b20bd08fe28dab64885adea4c40c332a3698fa"], 0x0, 0x0, 0x0, 0x0}, 0x0)
close(r5)
r9 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7f, 0x0, 0x7fff0023}]})
epoll_create1(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRESOCT=r9, @ANYRES16=r9, @ANYRESDEC=r6, @ANYBLOB="e547526a418302cfdb98791fb5ae78fd552128de72e75a792db6c67c69", @ANYRES32=r0, @ANYRES16=r2], 0x50)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r10, <r11=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r11}, 0x4)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x14, &(0x7f0000000540)=ANY=[@ANYRES64=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r12, 0x0, 0x8, 0x0, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r13}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')

5.601805475s ago: executing program 1 (id=598):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000009004"])
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x186, 0x0, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000340)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040), 0x400200, 0x0)
socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000010000000000070000000900010073797a30000000003c000000090a010400000000000000000700000408000a40000000000900020073797a31000000000900010073797a300000000008000540000000062c0000001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000140000001000010000000000000000000084000a"], 0xb0}}, 0x0)

5.442625698s ago: executing program 4 (id=599):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xc0}, [@ldst={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}]}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0xffffffffffffffff, 0x2, &(0x7f0000000200)={0x7, 0x3}, 0x0)
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x3, 0xf46de279176c0856)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x37, 0x1, 0x10100, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x1c, r6, 0xfc5, 0x70bd2a, 0x0, {{0x11}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
setpriority(0x0, 0x0, 0x9)
close(r4)
openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

5.373063254s ago: executing program 5 (id=600):
mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r1, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r1, 0x0, &(0x7f0000ff6000/0xa000)=nil, 0xa000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x7ffffffe, r1})

5.235659768s ago: executing program 5 (id=601):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00', <r2=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0xf59}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYRESOCT=r2, @ANYRES32=r2, @ANYRES32=r4, @ANYRES32], 0x48)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000c00)=@usbdevfs_driver={0x8, 0x28000000, &(0x7f0000000bc0)})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000004c0)={r2, 0x3, 0x6, @broadcast}, 0x10)
close_range(r1, r1, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB='ya\x00?\b\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00i\x00\v\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b'], 0x20}, 0x1, 0x0, 0x0, 0x200008c4}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000004540)={0x2020, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0xffb6)
prctl$PR_SCHED_CORE(0x3e, 0x1, r7, 0x3, &(0x7f0000000000))

4.674155702s ago: executing program 1 (id=602):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 64)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x400c0, 0x20) (rerun: 64)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x4000004) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) (async, rerun: 32)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async, rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) (rerun: 32)
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4, 0x0, 0x7}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0xb9) (async, rerun: 32)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/psched\x00') (rerun: 32)
lseek(r6, 0x2000, 0x0) (async, rerun: 32)
socket$netlink(0x10, 0x3, 0x4) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000000680)=""/102394, 0x18ffa) (async, rerun: 64)
socket$isdn(0x22, 0x2, 0x25) (rerun: 64)
dup3(r7, r5, 0x0)
capset(&(0x7f0000000080)={0x20071026, r1}, &(0x7f0000000040)={0x200000, 0x6, 0x3, 0x0, 0x3, 0xd3b8})
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000100)=0x15) (async)
socket$nl_route(0x10, 0x3, 0x0)

4.414102702s ago: executing program 1 (id=603):
mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r1, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r1, 0x0, &(0x7f0000ff6000/0xa000)=nil, 0xa000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r1}) (fail_nth: 5)

4.299047094s ago: executing program 4 (id=604):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x85}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x81, 0x0)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_ERRQUEUE(r6, 0x6b, 0x4, &(0x7f0000000000), &(0x7f0000000080)=0x4)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r8 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {0x0, 0x0, 0x0, @multicast1}}}}}, 0x0)
sendmsg(r8, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

3.109414925s ago: executing program 1 (id=605):
setsockopt(0xffffffffffffffff, 0x5, 0x5, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r1, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014) (fail_nth: 5)

2.965934353s ago: executing program 4 (id=606):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
rt_sigaction(0x1, 0x0, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x102, 0x0, 0x73, 0x11, 0x43}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

1.232252895s ago: executing program 0 (id=607):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) (fail_nth: 5)
dup(r4)
unshare(0x2040400)
r5 = io_uring_setup(0x2e34, &(0x7f0000000180)={0x0, 0xe148})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r6, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
read(r6, &(0x7f0000000840)=""/40, 0x28)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0), 0xfef85154c7902b6e)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r7, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x0, 0x0, 0x724f, 0x0, 0x55a})
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x7c00, 0x0, 0x3)
r8 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x44c0c0, 0x48)
dup(r8)
syz_open_dev$tty20(0xc, 0x4, 0x0)

1.087883384s ago: executing program 4 (id=608):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r1, &(0x7f0000000280)="e918822466eb840333f0cf083e31b293608de6bbe1a6aaad82af135b89a65f837743cf93119b566a46fae315e3788c38d20cc74d4cc1a209e1d595785fdf197c625e15ea7f532a7bd1228c9483a16bb760b97af5e88e0ca6e13b243f93385e43d63ff4d5457b04865a1b9f2003db502abf8b4d9e62ef17c4d96731", &(0x7f0000000300)=""/230, 0x4}, 0x20)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='cq_alloc\x00', r0, 0x0, 0x9}, 0x18)
ppoll(&(0x7f00000000c0)=[{r2, 0x8040}], 0x1, 0x0, &(0x7f0000000140), 0x8)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x1, 0x5, 0x7}}, 0x30)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000002c0)=ANY=[@ANYBLOB="b0000000000000", @ANYRES16], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',posixacl'])
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x3, 0x220104, 0xb, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r6, &(0x7f0000001680)={0x2020}, 0x2020)
syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0)

1.053138144s ago: executing program 2 (id=609):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$vim2m(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1c0000004a008102e00f80ecdb4cb9020a", 0x11}, {&(0x7f0000001700)="0c74c75350f4a590e15c61", 0xb}], 0x2, 0x0, 0x0, 0x10}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$net_dm(&(0x7f0000000280), r2)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r5, 0x1, 0x7, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4048000)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wpan4\x00', <r8=>0x0})
sendmsg$NL802154_CMD_GET_SEC_DEV(r2, &(0x7f0000000640)={&(0x7f0000000400), 0xc, &(0x7f00000004c0)={&(0x7f00000005c0)={0x54, r3, 0x800, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x54}, 0x1, 0x0, 0x0, 0x400f0}, 0x4008810)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000500)=<r9=>0x0)
mount$nfs(&(0x7f0000000280)=']\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x48420, &(0x7f0000000540)={[{}], [{@euid_eq}, {@smackfstransmute={'smackfstransmute', 0x3d, '\x00'}}, {@hash}, {@uid_lt={'uid<', r9}}]})
sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x100, 0x2, 0x2, 0x5, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x2}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x3}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x6}, @CTA_EXPECT_FLAGS={0x8}, @CTA_EXPECT_MASK={0x18, 0x3, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x4}, @CTA_EXPECT_TUPLE={0x94, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x38}}, {0x8, 0x2, @local}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010102}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @remote}}}]}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x56f6535b}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}]}, 0x100}, 0x1, 0x0, 0x0, 0x24000010}, 0x200000c4)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2400000007060300000000000092c6000a010006050001000700000008000640000000036d5301aa5ca7a52e1b6825deb23dd2d1c18c9155fd5705afbdb9d4e44622603e8a169d0d6f5c65d496752e8cdaafb953f5e1e9030ac1c2f167b35a91eb87a9670072a08080fcd0d15a7dc094c0c73b9bef33d7f6647fe9f52b209046855f74bd985ad96e3e90cd67656371e4242a2bce4d0f909e0e5b41d528a46cf6f8ffba552b7c"], 0x24}, 0x1, 0x0, 0x0, 0x40805}, 0x200080d0)

789.874375ms ago: executing program 1 (id=610):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f00000000c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0xf, 0x400000000000, 0x25, 0x7, 0x8, r1, 0x0, 0x0, 0x40000000000e7, 0x0, 0x2}])
socket$packet(0x11, 0x3, 0x300)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x5)
r7 = landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x18, 0x0)
landlock_restrict_self(r7, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
msgrcv(0x0, 0x0, 0xfffffffffffffff7, 0x1, 0x86b1b18158a7c382)
bpf$LINK_DETACH(0x22, &(0x7f00000000c0), 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x48000}, 0x80)
write$UHID_CREATE(r0, &(0x7f0000000b00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x8, 0x3, 0x5, 0x1635}}, 0x120)
write$UHID_INPUT(r0, &(0x7f0000000c40)={0x8, {"751be3c602a0e5276e79c086adc21270633fb3d067b21d544abb92036ecf489f5b3345ad3d6df45ba403e3d9b1137267182b6c67e967f54aaae1a43f4632e4e173f8ce97adfb7996e5cd702f546f95645b64fc34a8730dc2b3be9d88f47e1f6a862b07ab1d850e3e817f6005dabb3381780aa95a7c31cb78bf8721902712937891e9438cd773ef9e8c64c67bf47ea562d9f71def0c6ea559873b67cbdec5e83ec479104c3b3d54aa973d173522c9779135e0b5d91a1cdec65798dd915f2f59515b9335b256d166d9aace8f6c881272af4514796e6bc6549a4c65a0b1fe100f9136250d114800ff60013f6361bd7a772bdba813242130a6afcd8df14522aeb8ab20c8b7ceaae10e40c273c91c9c6462141ccb4f873279862524f0252c25aabc8386c3e404f0acd9033d24103d662d33be10a409713a13b557843396136ffc3111cbebac293d82cf913a5ea34a5b728d8da1f80327f4386ae7e9c2b6997638c372ef75f40a8688e8c74b2689dafb6b2ad2b3d6b7d558beb22a305e5904ac8a291f188334baeecbabd5d0431d63468e2d456a30da83ce133247a76e72cb1b8794e2967ef0bc18f8fdab10838b725840dba1817f2ba431b5f4ff40c19f5c36195afd79cba926416b0f94283ecb68aab6bf10a562cc3291fd5b2ce009f966fd0a94b388a6c172305e281cfeec6f8688b98b36e9910913b12d7e8c4bee96918f412d409a873a56d863df5c254afed14ce8a8c43fc84d2036b40879290f282faf06a2884c74a79594776f260618a245769ab877c1ef31e27878ea89e4ca8bdd646ce95bab8a7d5a1de735048639a2d3680126211dc9c20085dd8d715e647197a0187d03a985bf06c8da5fd961aa49645b88a927b2a2455cbda4dd3382dd2af7a9430b8606f984f4424d19562d14380b171ef1424b84ea1d22e31555b7758264962a6fa03d39c7887f47a91815189dc63ab0ecef4692b2983025bab06aad0c7ff178aa62cc882a482940f3767ea1c679176a9bd308222625570ce4ce1b49cef27a3e2f50fae9eea4a6819be790a685ede4a36d6eaba696cde1d5b7b05765b84d4b70f750aff9dd455106d816ca6324b85b07d2622150605472b72a36f503dc5e01a5390458747aa3f19c8db247b97cb14222b5e79cc6e3135be812bc8ca7c9a155852cef9dcf017ae378d9ecc9482b4857dc98c403beaf9f8bc4960292777fc58221ad46e9d5976ce2941e4fe427810dfb032c99cef90cf17f4e0083c986d66e0e170c2fea96a7360897a81a57921a9025dd021c2b0f6bbe08f8a49d8ac428a7074930bd2ef7ad28a0f17550b45bbfddd723b710994160bcc0ea2e92dbcbb114fefe22db643b9d392118ec05d7f48807ea1c4b5e39845d8207dc6b24d5d8a573034189b3563cdd14f102e2b41239ad1581a7839981d56cbdb7d8c843560272a075788603ec9b62aec5de81c734e3d8118e271179cfdb9e0ffb460519d769c05ad2b5044c2eca76a2c0824b5275c06b8715c0b6df6625a70ca14cc86ebc401f7abbd6d53e8e5d391371840510a9fb2d515be1bb1581a7e2b3a8610425da60d9ba8a841c324c3e1487036a20bc4d9149cbad2be5ed0e37f5cd21eb0d475f0c5730139d8b790e768ea169ef74069b6ccb4d09c78fcd1f1b791faef2218ce5e2707ffd0e38ada6a96a88a53dfc2ad72c9791a92d6a4d86f0f832062d62d3b425f260f654266196584729971fc3903d24300c9da725d47daa985bddff4b6fe301eb324bf6a35157bd79a0cf213398380de3bd91f583d537415afff80658992a949e433ff048c1d2495dec0461f0dd5bf4c8ac506268cd959f3493d37f8feb754062ca89398ade01f923c850eebc84ba9ee3d8c46d880d6f54f0ceafa451669c44b3e5c64411b0c855c94e8d3c345915412e041d284481e4242a1ae828345d76614979c252316b0f5eec34b98077cf89ff1834c25de73e83ad92873f2da115c02af04b71e7303e6289dbe76aaf9e5400dbbd9952c985283ff18aea8a7cab00ae650d21d235b62d9c21965c9888deebd4102bc75b95d33c6b5548f64c3c3f8fa256f21ab2577354221d5ddbc7247d46fb3532ed6322eef55aa24ac77797a38d1614923e24a9d70f6a24e0a1f28519a202fd91100f4d12ce61c37c819874bfbe5c61b4eb06c1b2b1cce56afaf16d560cf4ea727566f701e10233051dd633f4cca90c09c7aa733ecc0932d855abc08566dffe484de6d498c3625f7c2ba5bb12925d5f12e6194e21df4a4d69e1d0915963a04959348d49de928635128126557f8b5b87e1a47da42b311c47d3f0f969f069404e72d8a0d3cb0147ae6ee87abf994f384959eae9c7a91509f94f53098a8017d62bb1050b28c7976309957c34321d5a9520567970280714857904fb6e8f8c54fcdbb768028e4b37d47fd53ebd9cadb94baecbb54c78c81f7a80dd4c616df98d20ec22a0459844828c18eb7ec6d46cdc535266468bef9cfc6ce844b4b7ec9e3ff9e2619c05b477f72be3448f931312ff85727d8e1f48fbb978cb4b22bf959e97ebf4f25e19710f38a2c518702853410b32e74a68c98d58973a4a5c9d3d99c331f0d918a76fd047bb77a18eb655f72f6867cb3093438a26f080dbff4c4cd9544b9f401da3db9d235921a44c61e8292b83f83e8c9825d50bb0dbe32216e21733da8024343206e571c1d051daa670895566a9a218fb112ab2cdfa6a76bfd6374454ee1c211e5871d4186af9c7fef85af11c5b8a11774a1dd890ed2d5723b8698c339bc32473a1b5a9ec39b093ed24a3ec02b6455479bb34fa5a96c1b38fbe356c36b863e28d1234b64bcc0d071c790283b9b71137948776d6a60b67ff552d64286db810ecb90f1117dbedf6d2ce3162ec4ca4070333d1bce11419c13fdc1772ffe70fb03ad824f285660ec0c1985fff2441eddd0fa4b58dc53256ffa0df94a59a3c4165d4ae8bb883b23a8512d435e026da4583183d5147dfb2e05742803c6e9a3166f9dc40e1565887b3fd5d97c00b97b1ac542c23658d4ff03e8b9f3ecf3e35206e6ab3f38f26b70ee4e101f84ad6e3dce689ebdfa544b27af4a9a78667f6ef3564f1f0ffd0a9ed142c77961c7ae9c9a1b300023b6d79511e65d3db989052be9166b4bf9fc128b05fc500af7e7938f4e7ba7d67a117cde6c6330ca18d57150c2d51281df54d8735410805a92d4e5885a580124ecc54bc49bf451c6110a7fa195ae5691743bc4f0d3ab0a1e434884bbfbe8d0e8a5de217269c54f2f2415dbdb7e9285c7006c21cf3b593eefffd79c52c4a95da668651ed12ffe7ec0d2206588c452d107d543cf90f514a417d67b30082ed8ea7ab609d27b4ef9a7e3ac9c0d32020bca61f1df1c83e0b9625e7d6944f6d1fa3e388fb88dc0fd053fe1f1d2c5fa282a59eb2459475c6f1b556fbc791104a6707b8d37d81e7bdf158417f3e920d07d3b6ff305bafec00291c825ffc7d965e570094853389f6996ef02cc3e2f5ce3468e2d0a4ded990d372c2b234c3c1bbd6b6cff24ce474cdd98c42e7179295ac12740cefaf6e86898fb7180db31116ac7bb6d06a242f1fff5530ac7fc47f6593ac73c1a231a73e28d5b4b90d1a596b981675e4f7e0616095dffa6807c49c9d147f5a81b2822b128b035f4de8e017e54ac06e2e7dd52b3bbd778a76477dbe33e6fce5ae786879ba0739de0dee0987258912445664a405cb12a01bb94a97abccdc6d3afe7b61ba72b403a2e66c4c6b2cad20c427c0daf1d9d2dc57ccd502ff4993367dd0debcadee0e431e9115977e1c51a1905fb54268d25aa71cf056358f6d2c4c8bccdc675e350499f7776a15b41fb9e74d56ce3c82a28e9ee1815e039c6b18c8c551ddd46689e27e4c6b4ec384ee8d7fe1bd0ef40a6c288111fd61f00302f7dc442183e6dc0a2cdbbd6d43e061687989f9fef7ce54b238038461bf941a0706e2dfa8c069f4d90d1381a7429b3e692e346074c4de9e208f473a8794a6aaac2a297c29a396a28a10f4a5fa17863ed592fc39d7e8549af9f952366cee76372cf17812964c7322b370ff7f8f2074cc16b88b7cf8fd44bc3504c77efa6effb0813fe4f8ad6da76054d84d50bd9d7e1ff78b9afb4988d843d298515895d9aeaa29e496492097c79d0ecd887045cbd37cc476decc5836640d9a000e2a0a9e389dd6a996cea1dc0a7f62e2abf25d6ebee990ef19db33783d0485eaf43476b134d6873fd9a4f376ec2e4ae0993407683597ebd9376ca9d9d85d4399b3d24b8b6bf0e4910f257f6f54887f321a3768f82982144c5fe4fdf40068c3c71d34ffec82726e704c40f82f537d41b3621f06c1bb11b1665de3732df4f3eb727c04ad6b25910d9d97163119a2b72ff40109edbc58676682e0f86f75870b6f639d368d11aa1ceae80708288757db2389b16a4420008ce4a7a8487cbb7c922108a1acff54a0da5fc32c4c1e29a483e50ab9818c15c86a4997b4c8ef8dce08f633d2b558823a1c3476e61badcbb4ebcfd5f89f4075f093f5ea52c5c6f6c3025a8558ffb7c38a0662c05b8c44c0af1f15d3df1b1814255e27e9edec3346e2d59202fd643cf51a8ac5fe2a17579433afb9898cdba1c31c6083a8040064cd67c5012738660a09677e2b2156074a6586c76b86b745e7e209884185226fdbc2d826e2264e0b8d9e8896af60d82cc06452366c5dbf959e14a1a12b56bea30e35b1f50cdf95e37e0a5d272a792caec048947dd56abfe85271f0131e8d7f542525230ee0b005fe6bdec05a5f42c7027b555292374b210b7a6d72139574e10500f7db0914270d122ad93a0893c6875008e6b055a0358a48ef9b9309089323a110fcc7c5122c45401532c075957214dd6c86305819ead9cdcddec00faf31b0be040165aee5210c648eb7ac1d856dfce811391876735a05e71f2c8fa0beed3c5489897de524dd52da8a18c5a69d0be29a59dba736addf52ba02bb14121660f973a030d705480ae121b44f6d46441af124982c6b759389977e32de862bf409eeae3eaf7321c779b1c2e32080e031d854c34ce5413a098e18ac7a4b871985c83b0ba4fe68d82061923547d3ea28e004fab11afa63fcd5a6149c4bb3a2480061e5d58899a5d717893c0b73be62d4a42eb3fec479aea240fae76ef79561d4a7bf26c4f67cbe1659557f20f8fce0e183e2b4da3553741cbd764714d3e6ebec6ff0a9fb7efcd99bc71c3938b4142ca0a69faa54bab2b4f7b9143633fd6e9a26f7766b8353f491a0bcb62066df77faaaf7b639d9455bdc8937968c51848e4391c52db579a48dcc3a7f1406053bbf06ee64eb3a5b7d2e0c63efdd5edeef53820e3e52d3d12828e39d698095aa3c3cd84989fc7ca73e541ba7da40aa2297a5e3633096dfb81b5c2ec6fbeb894e41bce4e8ec5096326feece88f5a795cad6097ea7c91ec487092ebad33c06f355a195d64d17afe092a0d7ae2161ad3d33f863336ed1e4055f7f81c065230e0c1fa5b332cd6a57692f3b0f60115dcece23ee7c46a45ac79e8ec19ca091c98f06750c802b103480ebe72849b22b7419ea1e35999d0b374286c20fe64880fc5259c61e300d15659b9f6a43127aaf0587048ca9a4284b2e25f3d079ddc194a7bf12a211bdc8f969be78e6d9a686c8ebdec19bd3518a901fd9bc3ad02065f0b145a8b72abf97d7584c7ebe6054e36d6f095df5a0cfc80e82878c4a5845f31e8f351e7411b0c81880523040585881fd87424e6288fc4b877a39bb81a9a40200c8e7a438d944c268d12d7ff1f234d2a12001d3a97ad15da3d628a420bcecd3f365488120", 0x1000}}, 0x1006)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)

63.23583ms ago: executing program 2 (id=611):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c000000010902120001000000000904"], 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x4, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080))
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_usb_ep_write(r0, 0x4, 0xa, &(0x7f0000000000)="c879a8f84a3fb2a37258")

0s ago: executing program 0 (id=612):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000009004"])
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x186, 0x0, 0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000340)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040), 0x400200, 0x0)
socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000010000000000070000000900010073797a30000000003c000000090a010400000000000000000700000408000a40000000000900020073797a31000000000900010073797a300000000008000540000000062c0000001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000140000001000010000000000000000000084000a"], 0xb0}}, 0x0)

kernel console output (not intermixed with test programs):

ORIG_RAX: 0000000000000000
[   97.525253][ T5949] RAX: ffffffffffffffda RBX: 00007f5cd71b5fa0 RCX: 00007f5cd6f8d33c
[   97.525269][ T5949] RDX: 000000000000000f RSI: 00007f5cd4df60a0 RDI: 0000000000000005
[   97.525283][ T5949] RBP: 00007f5cd4df6090 R08: 0000000000000000 R09: 0000000000000000
[   97.525296][ T5949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.525308][ T5949] R13: 0000000000000000 R14: 00007f5cd71b5fa0 R15: 00007ffce58618c8
[   97.525341][ T5949]  </TASK>
[   97.831007][ T5143] Bluetooth: hci4: command tx timeout
[   97.920248][ T5143] Bluetooth: hci3: command tx timeout
[   97.925760][ T5143] Bluetooth: hci0: command tx timeout
[   97.940584][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.958139][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.985794][   T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.999814][ T5143] Bluetooth: hci2: command tx timeout
[   98.003058][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.044587][   T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.070331][ T5143] Bluetooth: hci1: command tx timeout
[   98.180253][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.189659][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   98.364647][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.386179][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.460747][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.628598][ T5953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.725492][ T5953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.008525][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   99.471125][   T24] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   99.482953][ T5962] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[   99.711440][   T24] usb 2-1: Using ep0 maxpacket: 8
[   99.772120][   T24] usb 2-1: config 0 has an invalid interface number: 150 but max is 0
[   99.820126][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.840492][   T24] usb 2-1: config 0 has an invalid interface number: 112 but max is 0
[   99.875721][   T24] usb 2-1: config 0 has an invalid interface number: 3 but max is 0
[   99.999564][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  100.002921][   T24] usb 2-1: config 0 has 3 interfaces, different from the descriptor's value: 1
[  100.082803][   T24] usb 2-1: config 0 has no interface number 0
[  100.100555][   T24] usb 2-1: config 0 has no interface number 1
[  100.106830][   T24] usb 2-1: config 0 has no interface number 2
[  100.120692][   T24] usb 2-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  100.150653][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[  100.159789][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  100.179180][   T24] usb 2-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30
[  100.191184][ T5911] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  100.203344][   T24] usb 2-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104
[  100.227454][   T24] usb 2-1: config 0 interface 150 has no altsetting 0
[  100.238120][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.272378][ T5970] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  100.307669][   T24] usb 2-1: config 0 interface 112 has no altsetting 0
[  100.357145][   T24] usb 2-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  100.357324][ T5911] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  100.379995][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.446932][ T5911] usb 5-1: config 1 has no interface number 0
[  100.454377][   T24] usb 2-1: config 0 descriptor??
[  100.474668][ T5911] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.524763][ T5911] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  100.566689][ T5911] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  100.616285][ T5911] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  100.658205][ T5911] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.703428][ T5971] =======================================================
[  100.703428][ T5971] WARNING: The mand mount option has been deprecated and
[  100.703428][ T5971]          and is ignored by this kernel. Remove the mand
[  100.703428][ T5971]          option from the mount to silence this warning.
[  100.703428][ T5971] =======================================================
[  100.747395][ T5911] usb 5-1: Product: syz
[  100.753673][ T5911] usb 5-1: Manufacturer: syz
[  100.771808][ T5911] usb 5-1: SerialNumber: syz
[  101.030763][ T5974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.041301][ T5974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.056520][ T5974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.068036][ T5974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.374831][ T5968] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.387072][ T5968] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.937884][ T5911] cdc_ncm 5-1:1.1: bind() failure
[  102.092540][ T5876] usb 5-1: USB disconnect, device number 2
[  102.112907][ T5983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11'.
[  102.126183][ T5983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11'.
[  102.306557][ T5986] process 'syz.0.12' launched './file1' with NULL argv: empty string added
[  102.878983][ T1109] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.268573][ T5991] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  103.696337][ T1109] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.772421][   T24] usb 2-1: string descriptor 0 read error: -71
[  103.936568][   T24] usb 2-1: USB disconnect, device number 2
[  104.030066][ T1109] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.285231][ T1109] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.922420][ T6006] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  105.410085][ T1109] bridge_slave_1: left allmulticast mode
[  105.415944][ T1109] bridge_slave_1: left promiscuous mode
[  105.450587][ T1109] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.517815][ T1109] bridge_slave_0: left allmulticast mode
[  105.539573][ T1109] bridge_slave_0: left promiscuous mode
[  105.566456][ T1109] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.104526][ T6027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.23'.
[  106.143030][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  106.151666][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  106.159660][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  106.168346][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  106.179387][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  106.207364][ T6027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.23'.
[  108.039940][ T6042] netlink: 'syz.4.25': attribute type 11 has an invalid length.
[  108.230275][   T51] Bluetooth: hci1: command tx timeout
[  108.279241][ T6048] netlink: 64 bytes leftover after parsing attributes in process `syz.0.26'.
[  109.044415][ T1109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  109.068876][ T1109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  109.069217][ T6055] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  109.092039][ T1109] bond0 (unregistering): Released all slaves
[  109.120914][ T6019] erspan1: entered promiscuous mode
[  109.129742][ T6019] erspan1: entered allmulticast mode
[  109.658748][ T6061] SET target dimension over the limit!
[  110.309867][   T51] Bluetooth: hci1: command tx timeout
[  111.008271][ T6072] netlink: 'syz.2.32': attribute type 11 has an invalid length.
[  111.366866][ T1109] hsr_slave_0: left promiscuous mode
[  111.384403][ T1109] hsr_slave_1: left promiscuous mode
[  111.406724][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.447376][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.506852][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.554523][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.610796][ T1109] veth1_macvtap: left promiscuous mode
[  111.619287][ T1109] veth0_macvtap: left promiscuous mode
[  111.637026][ T1109] veth1_vlan: left promiscuous mode
[  111.646283][ T1109] veth0_vlan: left promiscuous mode
[  111.976940][ T6104] capability: warning: `syz.4.37' uses deprecated v2 capabilities in a way that may be insecure
[  112.389736][   T51] Bluetooth: hci1: command tx timeout
[  112.940549][ T1109] team0 (unregistering): Port device team_slave_1 removed
[  112.993799][ T1109] team0 (unregistering): Port device team_slave_0 removed
[  113.516296][ T6091] netlink: 356 bytes leftover after parsing attributes in process `syz.2.34'.
[  113.526979][ T6099] warning: `syz.0.35' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  114.480487][   T51] Bluetooth: hci1: command tx timeout
[  115.399169][ T6131] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  115.480435][ T6026] chnl_net:caif_netlink_parms(): no params data found
[  116.848114][ T6026] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.880508][ T6026] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.887901][ T6026] bridge_slave_0: entered allmulticast mode
[  117.284622][ T6026] bridge_slave_0: entered promiscuous mode
[  117.394858][ T6172] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  117.845468][ T6184] Zero length message leads to an empty skb
[  117.897162][ T6026] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.939689][ T5876] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  117.960882][ T6026] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.970018][ T6026] bridge_slave_1: entered allmulticast mode
[  117.979826][ T6026] bridge_slave_1: entered promiscuous mode
[  118.099709][ T5876] usb 5-1: Using ep0 maxpacket: 32
[  118.110301][ T5876] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  118.138278][ T5876] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.187876][ T5876] usb 5-1: config 0 descriptor??
[  118.224869][ T5876] gspca_main: nw80x-2.14.0 probing 055f:d001
[  118.233368][ T6026] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.473039][ T6026] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.149345][ T5876] gspca_nw80x: reg_r err -32
[  119.185128][ T5876] nw80x 5-1:0.0: probe with driver nw80x failed with error -32
[  119.490847][ T6195] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  120.687985][ T6203] netlink: 52 bytes leftover after parsing attributes in process `syz.1.56'.
[  120.697145][ T6203] netlink: 6 bytes leftover after parsing attributes in process `syz.1.56'.
[  120.706199][ T6203] netlink: 52 bytes leftover after parsing attributes in process `syz.1.56'.
[  120.715130][ T6203] netlink: 6 bytes leftover after parsing attributes in process `syz.1.56'.
[  120.724894][ T6203] netlink: 52 bytes leftover after parsing attributes in process `syz.1.56'.
[  122.093343][ T5941] usb 5-1: USB disconnect, device number 3
[  122.133828][ T6026] team0: Port device team_slave_0 added
[  122.241333][ T6026] team0: Port device team_slave_1 added
[  122.302997][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  122.503623][ T6221] netlink: 68 bytes leftover after parsing attributes in process `syz.4.59'.
[  122.529537][   T24] usb 2-1: Using ep0 maxpacket: 32
[  122.925292][   T24] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  122.933755][   T24] usb 2-1: config 0 has no interface number 0
[  123.002329][ T6026] batman_adv: batadv0: Adding interface: batadv_slave_0
[  123.020991][   T24] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  123.062507][ T6026] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.108462][ T6026] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  123.120066][ T6224] netlink: 80 bytes leftover after parsing attributes in process `syz.4.59'.
[  123.141553][ T6026] batman_adv: batadv0: Adding interface: batadv_slave_1
[  123.173438][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.182936][   T24] usb 2-1: Product: syz
[  123.187200][   T24] usb 2-1: Manufacturer: syz
[  123.194418][   T24] usb 2-1: SerialNumber: syz
[  123.210368][   T24] usb 2-1: config 0 descriptor??
[  123.227912][   T24] smsc95xx v2.0.0
[  123.319563][ T6026] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.350385][ T6026] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  123.472055][ T6213] netlink: 12 bytes leftover after parsing attributes in process `syz.1.58'.
[  124.192834][ T6026] hsr_slave_0: entered promiscuous mode
[  124.211979][ T6026] hsr_slave_1: entered promiscuous mode
[  124.220783][ T6026] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  124.234090][ T6026] Cannot create hsr debugfs directory
[  124.639016][   T24] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  124.687613][   T24] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  124.728935][   T24] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  124.765807][   T24] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  124.824477][   T24] usb 2-1: USB disconnect, device number 3
[  124.892988][ T6255] tipc: Started in network mode
[  124.914073][ T6255] tipc: Node identity a6b7dcf7d9df, cluster identity 4711
[  125.014770][ T6255] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  125.248629][ T6250] syzkaller0: entered promiscuous mode
[  125.275784][ T6250] syzkaller0: entered allmulticast mode
[  125.739942][ T6257] netlink: 'syz.2.66': attribute type 11 has an invalid length.
[  125.815401][ T6252] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  126.130513][   T43] tipc: Node number set to 2137578743
[  128.011853][ T6249] tipc: Resetting bearer <eth:syzkaller0>
[  128.366838][ T6249] tipc: Disabling bearer <eth:syzkaller0>
[  128.879717][ T5876] usb 3-1: new low-speed USB device number 2 using dummy_hcd
[  129.005987][ T6026] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  129.036632][ T6026] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  129.058965][ T5876] usb 3-1: device descriptor read/64, error -71
[  129.096290][ T6026] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  129.639650][ T5876] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[  129.760698][ T6026] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  129.889594][ T5876] usb 3-1: device descriptor read/64, error -71
[  130.020170][ T5876] usb usb3-port1: attempt power cycle
[  130.204602][ T6026] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.639554][ T5876] usb 3-1: new low-speed USB device number 4 using dummy_hcd
[  130.656503][ T6026] 8021q: adding VLAN 0 to HW filter on device team0
[  130.690159][ T5876] usb 3-1: device descriptor read/8, error -71
[  130.713839][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.721043][ T5953] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.805089][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.812363][ T5953] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.986276][ T5876] usb 3-1: new low-speed USB device number 5 using dummy_hcd
[  131.038100][ T5876] usb 3-1: device descriptor read/8, error -71
[  131.161194][ T5876] usb usb3-port1: unable to enumerate USB device
[  133.645346][ T6335] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  134.257863][ T6343] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  134.263286][ T6347] XFS (nullb0): Invalid superblock magic number
[  134.280870][ T6353] Bluetooth: MGMT ver 1.23
[  134.366229][ T6026] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.450007][  T978] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  134.644323][  T978] usb 5-1: Using ep0 maxpacket: 8
[  134.719250][  T978] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  134.749582][  T978] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.776251][  T978] usb 5-1: config 0 descriptor??
[  136.891663][  T978] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  137.179261][  T978] asix 5-1:0.0: probe with driver asix failed with error -71
[  137.225426][  T978] usb 5-1: USB disconnect, device number 4
[  137.952510][ T6026] veth0_vlan: entered promiscuous mode
[  137.988193][ T6026] veth1_vlan: entered promiscuous mode
[  138.100387][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  138.107013][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  138.138660][ T6026] veth0_macvtap: entered promiscuous mode
[  138.172745][ T6026] veth1_macvtap: entered promiscuous mode
[  138.265602][ T6026] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.314596][ T6026] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.391453][ T6026] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.441030][ T6026] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.476175][ T6026] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.485235][ T6026] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.747070][ T5941] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  138.819742][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.835504][ T6413] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  138.853267][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.909624][ T5941] usb 2-1: Using ep0 maxpacket: 32
[  138.930347][ T5941] usb 2-1: config 0 has an invalid interface number: 63 but max is 0
[  138.938620][ T5941] usb 2-1: config 0 has no interface number 0
[  139.023314][ T5941] usb 2-1: config 0 interface 63 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  139.106593][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.151468][ T5941] usb 2-1: config 0 interface 63 has no altsetting 0
[  139.182041][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.230059][ T5941] usb 2-1: New USB device found, idVendor=0bfd, idProduct=0023, bcdDevice=40.69
[  139.239170][ T5941] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.806569][ T5941] usb 2-1: Product: syz
[  139.820189][ T5941] usb 2-1: Manufacturer: syz
[  139.824830][ T5941] usb 2-1: SerialNumber: syz
[  139.938928][ T5941] usb 2-1: config 0 descriptor??
[  140.031195][ T5941] kvaser_usb 2-1:0.63: error -ENODEV: Cannot get usb endpoint(s)
[  140.151571][ T6434] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16'.
[  140.211712][ T6434] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16'.
[  140.766242][   T43] usb 2-1: USB disconnect, device number 4
[  141.302345][ T6439] netlink: 8 bytes leftover after parsing attributes in process `syz.2.102'.
[  141.401050][ T6439] netlink: 8 bytes leftover after parsing attributes in process `syz.2.102'.
[  141.678099][ T6442] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  141.712501][ T6442] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  141.760965][ T6445] UHID_CREATE from different security context by process 105 (syz.0.104), this is not allowed.
[  143.735454][ T6472] trusted_key: encrypted_key: insufficient parameters specified
[  144.098887][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz.4.114'.
[  144.157093][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz.4.114'.
[  147.070965][ T6517] netlink: 'syz.5.123': attribute type 39 has an invalid length.
[  148.286738][ T6518] syz.5.123 uses obsolete (PF_INET,SOCK_PACKET)
[  148.301687][ T6518] lo: entered promiscuous mode
[  148.307290][ T6518] tunl0: entered promiscuous mode
[  148.313548][ T6518] gre0: entered promiscuous mode
[  148.319764][ T6518] gretap0: entered promiscuous mode
[  148.326397][ T6518] erspan0: entered promiscuous mode
[  148.332318][ T6518] ip_vti0: entered promiscuous mode
[  148.703517][ T6542] netlink: 'syz.1.128': attribute type 11 has an invalid length.
[  150.406192][ T6558] netlink: 'syz.1.131': attribute type 11 has an invalid length.
[  151.389656][ T5876] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  151.529587][ T5876] usb 1-1: device descriptor read/64, error -71
[  151.565163][ T6578] trusted_key: encrypted_key: insufficient parameters specified
[  151.769773][ T5876] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  151.969575][ T5876] usb 1-1: device descriptor read/64, error -71
[  152.101877][ T5876] usb usb1-port1: attempt power cycle
[  152.869967][ T5876] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  152.905959][ T5876] usb 1-1: device descriptor read/8, error -71
[  153.179845][ T5876] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  153.275453][ T5876] usb 1-1: device descriptor read/8, error -71
[  153.425200][ T5876] usb usb1-port1: unable to enumerate USB device
[  155.103546][ T6621] netlink: 12 bytes leftover after parsing attributes in process `syz.5.146'.
[  155.764244][ T6624] tipc: Started in network mode
[  155.769216][ T6624] tipc: Node identity 16da894d54f2, cluster identity 4711
[  155.846557][ T6624] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  156.112324][ T6624] syzkaller0: entered promiscuous mode
[  156.422243][ T6624] syzkaller0: entered allmulticast mode
[  156.781623][ T6633] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  158.692566][ T5941] tipc: Node number set to 1109952845
[  159.192395][ T6623] tipc: Resetting bearer <eth:syzkaller0>
[  159.281549][ T6623] tipc: Disabling bearer <eth:syzkaller0>
[  159.778431][ T6658] FAULT_INJECTION: forcing a failure.
[  159.778431][ T6658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.791894][ T6658] CPU: 0 UID: 0 PID: 6658 Comm: syz.4.155 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  159.791922][ T6658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.791932][ T6658] Call Trace:
[  159.791940][ T6658]  <TASK>
[  159.791948][ T6658]  dump_stack_lvl+0x189/0x250
[  159.791977][ T6658]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.792001][ T6658]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.792030][ T6658]  ? dump_stack+0x9/0x20
[  159.792056][ T6658]  should_fail_ex+0x414/0x560
[  159.792079][ T6658]  _copy_to_user+0x31/0xb0
[  159.792102][ T6658]  simple_read_from_buffer+0xe1/0x170
[  159.792126][ T6658]  proc_fail_nth_read+0x1df/0x250
[  159.792150][ T6658]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  159.792175][ T6658]  ? rw_verify_area+0x258/0x650
[  159.792192][ T6658]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  159.792215][ T6658]  vfs_read+0x200/0x980
[  159.792236][ T6658]  ? __pfx___mutex_lock+0x10/0x10
[  159.792260][ T6658]  ? __pfx_vfs_read+0x10/0x10
[  159.792278][ T6658]  ? __fget_files+0x2a/0x420
[  159.792302][ T6658]  ? __fget_files+0x3a0/0x420
[  159.792322][ T6658]  ? __fget_files+0x2a/0x420
[  159.792351][ T6658]  ksys_read+0x145/0x250
[  159.792371][ T6658]  ? __pfx_ksys_read+0x10/0x10
[  159.792397][ T6658]  do_syscall_64+0xfa/0x3b0
[  159.792422][ T6658]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.792437][ T6658]  ? asm_sysvec_call_function_single+0x1a/0x20
[  159.792452][ T6658]  ? clear_bhb_loop+0x60/0xb0
[  159.792471][ T6658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.792486][ T6658] RIP: 0033:0x7fdaa8f8d33c
[  159.792500][ T6658] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  159.792513][ T6658] RSP: 002b:00007fdaa9dfc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  159.792529][ T6658] RAX: ffffffffffffffda RBX: 00007fdaa91b6080 RCX: 00007fdaa8f8d33c
[  159.792540][ T6658] RDX: 000000000000000f RSI: 00007fdaa9dfc0a0 RDI: 0000000000000009
[  159.792549][ T6658] RBP: 00007fdaa9dfc090 R08: 0000000000000000 R09: 0000000000000000
[  159.792558][ T6658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.792567][ T6658] R13: 0000000000000000 R14: 00007fdaa91b6080 R15: 00007ffd5595ad48
[  159.792590][ T6658]  </TASK>
[  160.073430][ T6659] Invalid logical block size (201)
[  161.506450][ T6663] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  161.520732][ T6663] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  161.552665][ T6663] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  161.605668][ T6663] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  161.651559][ T6663] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  161.665422][ T6675] trusted_key: encrypted_key: insufficient parameters specified
[  161.711238][ T6663] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  161.801406][ T6663] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  161.836090][ T6663] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  161.916023][ T6663] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  161.935145][ T6663] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  161.951044][ T6663] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  161.970865][ T6663] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  161.997151][ T6663] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  162.064723][ T6663] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  162.182942][ T6663] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  163.359847][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  163.671780][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  163.831574][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  163.992746][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  164.139048][   T51] Bluetooth: hci1: command 0x0405 tx timeout
[  165.429774][ T5143] Bluetooth: hci0: command 0x0c1a tx timeout
[  165.597415][ T6729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.172'.
[  165.614438][ T6729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.172'.
[  165.763113][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout
[  165.919294][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  166.069572][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout
[  166.231809][ T5143] Bluetooth: hci1: command 0x0405 tx timeout
[  167.325536][ T6743] netlink: 12 bytes leftover after parsing attributes in process `syz.1.175'.
[  167.520189][ T5143] Bluetooth: hci0: command 0x0c1a tx timeout
[  167.830244][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout
[  167.989673][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  168.159987][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout
[  168.519766][ T5143] Bluetooth: hci1: command 0x0405 tx timeout
[  168.649029][ T6757] netlink: 'syz.5.178': attribute type 11 has an invalid length.
[  169.372639][ T6767] netlink: 'syz.1.180': attribute type 11 has an invalid length.
[  169.807385][ T6769] netlink: 'syz.2.182': attribute type 39 has an invalid length.
[  170.550142][   T51] Bluetooth: hci1: command 0x0405 tx timeout
[  170.621632][ T6787] lo: entered promiscuous mode
[  170.627510][ T6787] tunl0: entered promiscuous mode
[  170.634136][ T6787] gre0: entered promiscuous mode
[  170.640471][ T6787] gretap0: entered promiscuous mode
[  170.646812][ T6787] erspan0: entered promiscuous mode
[  170.653083][ T6787] ip_vti0: entered promiscuous mode
[  171.220590][ T6798] FAULT_INJECTION: forcing a failure.
[  171.220590][ T6798] name failslab, interval 1, probability 0, space 0, times 0
[  171.233274][ T6798] CPU: 0 UID: 0 PID: 6798 Comm: syz.4.186 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  171.233295][ T6798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.233305][ T6798] Call Trace:
[  171.233311][ T6798]  <TASK>
[  171.233318][ T6798]  dump_stack_lvl+0x189/0x250
[  171.233346][ T6798]  ? __pfx____ratelimit+0x10/0x10
[  171.233369][ T6798]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.233392][ T6798]  ? __pfx__printk+0x10/0x10
[  171.233412][ T6798]  ? __pfx___might_resched+0x10/0x10
[  171.233434][ T6798]  ? fs_reclaim_acquire+0x7d/0x100
[  171.233460][ T6798]  should_fail_ex+0x414/0x560
[  171.233483][ T6798]  should_failslab+0xa8/0x100
[  171.233505][ T6798]  __kmalloc_noprof+0xcb/0x4f0
[  171.233522][ T6798]  ? kfree+0x4d/0x440
[  171.233536][ T6798]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  171.233564][ T6798]  tomoyo_realpath_from_path+0xe3/0x5d0
[  171.233589][ T6798]  ? tomoyo_domain+0xda/0x130
[  171.233617][ T6798]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  171.233637][ T6798]  tomoyo_path_number_perm+0x1e8/0x5a0
[  171.233658][ T6798]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.233691][ T6798]  ? __lock_acquire+0xab9/0xd20
[  171.233727][ T6798]  ? __fget_files+0x2a/0x420
[  171.233749][ T6798]  ? __fget_files+0x2a/0x420
[  171.233769][ T6798]  ? __fget_files+0x3a0/0x420
[  171.233788][ T6798]  ? __fget_files+0x2a/0x420
[  171.233814][ T6798]  security_file_ioctl+0xcb/0x2d0
[  171.233837][ T6798]  __se_sys_ioctl+0x47/0x170
[  171.233855][ T6798]  do_syscall_64+0xfa/0x3b0
[  171.233883][ T6798]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.233906][ T6798]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.233921][ T6798]  ? clear_bhb_loop+0x60/0xb0
[  171.233940][ T6798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.233955][ T6798] RIP: 0033:0x7fdaa8f8e929
[  171.233969][ T6798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.233981][ T6798] RSP: 002b:00007fdaa9e1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.233997][ T6798] RAX: ffffffffffffffda RBX: 00007fdaa91b5fa0 RCX: 00007fdaa8f8e929
[  171.234008][ T6798] RDX: 0000200000000000 RSI: 00000000c0d05605 RDI: 0000000000000007
[  171.234018][ T6798] RBP: 00007fdaa9e1d090 R08: 0000000000000000 R09: 0000000000000000
[  171.234027][ T6798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.234036][ T6798] R13: 0000000000000000 R14: 00007fdaa91b5fa0 R15: 00007ffd5595ad48
[  171.234059][ T6798]  </TASK>
[  171.234066][ T6798] ERROR: Out of memory at tomoyo_realpath_from_path.
[  172.675043][ T5143] Bluetooth: hci1: command 0x0405 tx timeout
[  173.062480][ T6821] netlink: 40 bytes leftover after parsing attributes in process `syz.0.191'.
[  173.091201][ T6821] FAULT_INJECTION: forcing a failure.
[  173.091201][ T6821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.104512][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: syz.0.191 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  173.104543][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  173.104558][ T6821] Call Trace:
[  173.104565][ T6821]  <TASK>
[  173.104572][ T6821]  dump_stack_lvl+0x189/0x250
[  173.104599][ T6821]  ? __pfx____ratelimit+0x10/0x10
[  173.104622][ T6821]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.104645][ T6821]  ? __pfx__printk+0x10/0x10
[  173.104667][ T6821]  ? __might_fault+0xb0/0x130
[  173.104693][ T6821]  should_fail_ex+0x414/0x560
[  173.104716][ T6821]  _copy_from_user+0x2d/0xb0
[  173.104732][ T6821]  __sys_bpf+0x1ed/0x860
[  173.104753][ T6821]  ? __pfx___sys_bpf+0x10/0x10
[  173.104782][ T6821]  ? ksys_write+0x22a/0x250
[  173.104801][ T6821]  ? __pfx_ksys_write+0x10/0x10
[  173.104824][ T6821]  __x64_sys_bpf+0x7c/0x90
[  173.104842][ T6821]  do_syscall_64+0xfa/0x3b0
[  173.104866][ T6821]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.104881][ T6821]  ? asm_sysvec_call_function_single+0x1a/0x20
[  173.104896][ T6821]  ? clear_bhb_loop+0x60/0xb0
[  173.104915][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.104930][ T6821] RIP: 0033:0x7f2b7358e929
[  173.104943][ T6821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.104956][ T6821] RSP: 002b:00007f2b74452038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  173.104972][ T6821] RAX: ffffffffffffffda RBX: 00007f2b737b6160 RCX: 00007f2b7358e929
[  173.104983][ T6821] RDX: 0000000000000020 RSI: 0000200000000180 RDI: 0000000000000002
[  173.104992][ T6821] RBP: 00007f2b74452090 R08: 0000000000000000 R09: 0000000000000000
[  173.105002][ T6821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.105010][ T6821] R13: 0000000000000000 R14: 00007f2b737b6160 R15: 00007ffe7e4cb748
[  173.105032][ T6821]  </TASK>
[  174.053277][ T6833] netlink: 40 bytes leftover after parsing attributes in process `syz.5.194'.
[  175.746152][ T6857] netem: change failed
[  176.870421][ T5888] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  177.319518][ T5888] usb 2-1: Using ep0 maxpacket: 8
[  177.352170][ T5888] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  177.427362][ T5888] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 0.00
[  177.460702][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.485842][ T5888] usb 2-1: config 0 descriptor??
[  177.540226][ T6878] Invalid logical block size (32)
[  177.647287][ T6882] netlink: 'syz.4.205': attribute type 39 has an invalid length.
[  177.947144][ T6887] netlink: 52 bytes leftover after parsing attributes in process `syz.5.206'.
[  178.181862][ T6857] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.307536][ T6890] 9pnet_fd: Insufficient options for proto=fd
[  178.750762][ T6857] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.797675][ T5888] usbhid 2-1:0.0: can't add hid device: -71
[  178.822411][ T5888] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  178.861685][ T5888] usb 2-1: USB disconnect, device number 5
[  179.143088][ T6901] mmap: syz.5.208 (6901) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  182.724777][ T6934] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  183.195984][ T6941] 9pnet_fd: Insufficient options for proto=fd
[  185.013275][ T6966] netlink: 'syz.1.224': attribute type 39 has an invalid length.
[  186.737486][ T6988] lo: entered promiscuous mode
[  186.743078][ T6988] tunl0: entered promiscuous mode
[  186.748840][ T6988] gre0: entered promiscuous mode
[  186.754690][ T6988] gretap0: entered promiscuous mode
[  186.760828][ T6988] erspan0: entered promiscuous mode
[  186.767822][ T6988] ip_vti0: entered promiscuous mode
[  186.853020][ T6990] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  186.907440][ T6990] syzkaller0: entered promiscuous mode
[  187.131811][ T6990] syzkaller0: entered allmulticast mode
[  187.622393][ T6994] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  188.699672][ T6989] tipc: Resetting bearer <eth:syzkaller0>
[  189.162901][ T6989] tipc: Disabling bearer <eth:syzkaller0>
[  190.398678][ T7027] 9pnet_fd: Insufficient options for proto=fd
[  191.757527][ T7043] netlink: 364 bytes leftover after parsing attributes in process `syz.2.238'.
[  197.016872][ T7108] use of bytesused == 0 is deprecated and will be removed in the future,
[  197.079777][ T7108] use the actual size instead.
[  197.297774][ T7113] netlink: 12 bytes leftover after parsing attributes in process `syz.2.255'.
[  198.000479][ T7113] 9pnet_fd: Insufficient options for proto=fd
[  198.347555][ T7125] FAULT_INJECTION: forcing a failure.
[  198.347555][ T7125] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  198.395412][ T7125] CPU: 0 UID: 0 PID: 7125 Comm: syz.5.257 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  198.395444][ T7125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.395457][ T7125] Call Trace:
[  198.395466][ T7125]  <TASK>
[  198.395475][ T7125]  dump_stack_lvl+0x189/0x250
[  198.395526][ T7125]  ? __pfx____ratelimit+0x10/0x10
[  198.395558][ T7125]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.395590][ T7125]  ? __pfx__printk+0x10/0x10
[  198.395613][ T7125]  ? fs_reclaim_acquire+0x7d/0x100
[  198.395654][ T7125]  should_fail_ex+0x414/0x560
[  198.395686][ T7125]  prepare_alloc_pages+0x213/0x610
[  198.395727][ T7125]  __alloc_frozen_pages_noprof+0x123/0x370
[  198.395763][ T7125]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  198.395800][ T7125]  ? __lock_acquire+0xab9/0xd20
[  198.395841][ T7125]  alloc_pages_mpol+0x232/0x4a0
[  198.395874][ T7125]  alloc_pages_noprof+0xa9/0x190
[  198.395904][ T7125]  pte_alloc_one+0x21/0x170
[  198.395936][ T7125]  __pte_alloc+0x25/0x1a0
[  198.395972][ T7125]  __handle_mm_fault+0x4b8a/0x5620
[  198.396018][ T7125]  ? __pfx___handle_mm_fault+0x10/0x10
[  198.396065][ T7125]  ? find_vma+0xe7/0x160
[  198.396088][ T7125]  ? __pfx_find_vma+0x10/0x10
[  198.396115][ T7125]  handle_mm_fault+0x2d5/0x7f0
[  198.396151][ T7125]  do_user_addr_fault+0x764/0x1390
[  198.396201][ T7125]  exc_page_fault+0x76/0xf0
[  198.396235][ T7125]  asm_exc_page_fault+0x26/0x30
[  198.396255][ T7125] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  198.396281][ T7125] Code: f6 03 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 cf f6 03 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  198.396298][ T7125] RSP: 0018:ffffc9000ea67ad8 EFLAGS: 00050202
[  198.396323][ T7125] RAX: 00007ffffffff001 RBX: 0000000000000060 RCX: 0000000000000060
[  198.396337][ T7125] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: ffffc9000ea67bd0
[  198.396352][ T7125] RBP: ffffc9000ea67d38 R08: ffffc9000ea67c2f R09: 1ffff92001d4cf85
[  198.396367][ T7125] R10: dffffc0000000000 R11: fffff52001d4cf86 R12: dffffc0000000000
[  198.396383][ T7125] R13: 00002000000001c0 R14: ffffc9000ea67bd0 R15: 00002000000001c0
[  198.396418][ T7125]  _copy_from_user+0x7a/0xb0
[  198.396440][ T7125]  do_ipt_set_ctl+0x696/0xcd0
[  198.396474][ T7125]  ? rcu_is_watching+0x15/0xb0
[  198.396504][ T7125]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  198.396547][ T7125]  ? __pfx___mutex_lock+0x10/0x10
[  198.396580][ T7125]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  198.396630][ T7125]  nf_setsockopt+0x26f/0x290
[  198.396661][ T7125]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  198.396685][ T7125]  do_sock_setsockopt+0x257/0x3e0
[  198.396714][ T7125]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  198.396745][ T7125]  ? __fget_files+0x2a/0x420
[  198.396781][ T7125]  __x64_sys_setsockopt+0x18b/0x220
[  198.396813][ T7125]  do_syscall_64+0xfa/0x3b0
[  198.396845][ T7125]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.396875][ T7125]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.396897][ T7125]  ? clear_bhb_loop+0x60/0xb0
[  198.396928][ T7125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.396949][ T7125] RIP: 0033:0x7fb87ff8e929
[  198.396973][ T7125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.396991][ T7125] RSP: 002b:00007fb880d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  198.397012][ T7125] RAX: ffffffffffffffda RBX: 00007fb8801b5fa0 RCX: 00007fb87ff8e929
[  198.397028][ T7125] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[  198.397041][ T7125] RBP: 00007fb880d77090 R08: 00000000000002d8 R09: 0000000000000000
[  198.397054][ T7125] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  198.397068][ T7125] R13: 0000000000000000 R14: 00007fb8801b5fa0 R15: 00007ffd76573e58
[  198.397100][ T7125]  </TASK>
[  198.770996][    C0] vkms_vblank_simulate: vblank timer overrun
[  199.517624][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  199.524219][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  201.299613][ T5955] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  201.518350][   T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  201.529611][ T5955] usb 2-1: Using ep0 maxpacket: 8
[  201.542109][ T5955] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.568221][ T5955] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.604212][ T5955] usb 2-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  201.632606][ T5955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.679126][ T5955] usb 2-1: config 0 descriptor??
[  201.692123][ T7156] netlink: 'syz.5.265': attribute type 39 has an invalid length.
[  201.717644][   T24] usb 3-1: Using ep0 maxpacket: 32
[  201.756218][   T24] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  201.765352][   T24] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  201.794002][   T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  201.816059][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  201.836411][   T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  201.847325][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  201.871189][   T24] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  201.885934][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.937652][ T5143] Bluetooth: hci2: Unknown advertising packet type: 0x75
[  201.937722][ T5143] Bluetooth: hci2: Malformed LE Event: 0x0d
[  201.951620][ T5955] usbhid 2-1:0.0: can't add hid device: -71
[  202.141967][ T5955] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  202.185683][   T24] usb 3-1: config 0 descriptor??
[  202.199566][ T5955] usb 2-1: USB disconnect, device number 6
[  203.197809][   T24] usb 3-1: can't set config #0, error -71
[  203.224110][   T24] usb 3-1: USB disconnect, device number 6
[  203.923026][ T7167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.267'.
[  203.965322][ T7167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.267'.
[  206.399961][ T7177] sctp: failed to load transform for md5: -2
[  206.905529][ T7195] netlink: 'syz.4.274': attribute type 1 has an invalid length.
[  206.931115][ T7195] netlink: 4 bytes leftover after parsing attributes in process `syz.4.274'.
[  206.978760][ T7199] netlink: 'syz.4.274': attribute type 10 has an invalid length.
[  207.055308][ T7199] netlink: 40 bytes leftover after parsing attributes in process `syz.4.274'.
[  207.098791][ T7199] batman_adv: batadv0: Adding interface: vlan1
[  207.125595][ T7199] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.150943][    C0] vkms_vblank_simulate: vblank timer overrun
[  207.168977][ T7199] batman_adv: batadv0: Interface activated: vlan1
[  209.040406][ T7218] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  209.577740][ T7225] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  210.105501][ T7231] netlink: 'syz.4.285': attribute type 11 has an invalid length.
[  210.749541][ T5941] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  211.001737][ T5941] usb 2-1: device descriptor read/64, error -71
[  211.510394][ T5941] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  211.669803][ T5941] usb 2-1: device descriptor read/64, error -71
[  211.704639][ T7256] syzkaller0: tun_chr_ioctl cmd 2147767507
[  211.820455][ T5941] usb usb2-port1: attempt power cycle
[  212.269689][ T5941] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  212.402467][ T5941] usb 2-1: device descriptor read/8, error -71
[  212.842396][ T5941] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  212.900587][ T5941] usb 2-1: device descriptor read/8, error -71
[  213.009943][ T5941] usb usb2-port1: unable to enumerate USB device
[  213.431895][ T7272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.296'.
[  213.470411][ T7272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.296'.
[  214.669961][ T7285] syz_tun: entered promiscuous mode
[  214.686185][ T7285] syz_tun: entered allmulticast mode
[  214.849032][ T7291] netlink: 'syz.1.304': attribute type 39 has an invalid length.
[  216.238167][ T7304] tipc: Started in network mode
[  216.244080][ T7304] tipc: Node identity 06be224b4ccf, cluster identity 4711
[  216.251960][ T7304] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  216.486733][ T7304] syzkaller0: entered promiscuous mode
[  216.553089][ T7304] syzkaller0: entered allmulticast mode
[  216.864686][ T7308] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  216.959992][ T7312] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  217.370332][ T5941] tipc: Node number set to 1248928331
[  217.851101][ T7302] tipc: Resetting bearer <eth:syzkaller0>
[  219.300767][ T7302] tipc: Disabling bearer <eth:syzkaller0>
[  219.312386][ T7323] FAULT_INJECTION: forcing a failure.
[  219.312386][ T7323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.332134][ T7323] CPU: 0 UID: 0 PID: 7323 Comm: syz.5.314 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  219.332164][ T7323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.332178][ T7323] Call Trace:
[  219.332186][ T7323]  <TASK>
[  219.332195][ T7323]  dump_stack_lvl+0x189/0x250
[  219.332233][ T7323]  ? __pfx____ratelimit+0x10/0x10
[  219.332266][ T7323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.332298][ T7323]  ? __pfx__printk+0x10/0x10
[  219.332320][ T7323]  ? __might_fault+0xb0/0x130
[  219.332357][ T7323]  should_fail_ex+0x414/0x560
[  219.332390][ T7323]  _copy_from_user+0x2d/0xb0
[  219.332413][ T7323]  snd_ctl_ioctl+0x37d/0x1ad0
[  219.332441][ T7323]  ? stack_trace_save+0x9c/0xe0
[  219.332467][ T7323]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  219.332503][ T7323]  ? kasan_save_track+0x4f/0x80
[  219.332525][ T7323]  ? kasan_save_track+0x3e/0x80
[  219.332545][ T7323]  ? kasan_save_free_info+0x46/0x50
[  219.332585][ T7323]  ? __kasan_slab_free+0x62/0x70
[  219.332607][ T7323]  ? kfree+0x18e/0x440
[  219.332628][ T7323]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  219.332653][ T7323]  ? security_file_ioctl+0xcb/0x2d0
[  219.332680][ T7323]  ? __se_sys_ioctl+0x47/0x170
[  219.332700][ T7323]  ? do_syscall_64+0xfa/0x3b0
[  219.332731][ T7323]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.332813][ T7323]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  219.332842][ T7323]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  219.332870][ T7323]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  219.332896][ T7323]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  219.332924][ T7323]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  219.332948][ T7323]  ? smack_log+0xef/0x3f0
[  219.332971][ T7323]  ? __pfx_smack_log+0x10/0x10
[  219.332992][ T7323]  ? smk_access+0x14c/0x4e0
[  219.333019][ T7323]  ? smk_tskacc+0x2fc/0x370
[  219.333045][ T7323]  ? smack_file_ioctl+0x2a9/0x340
[  219.333072][ T7323]  ? __pfx_smack_file_ioctl+0x10/0x10
[  219.333115][ T7323]  ? __fget_files+0x2a/0x420
[  219.333143][ T7323]  ? __fget_files+0x3a0/0x420
[  219.333170][ T7323]  ? __fget_files+0x2a/0x420
[  219.333201][ T7323]  ? bpf_lsm_file_ioctl+0x9/0x20
[  219.333231][ T7323]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  219.333257][ T7323]  __se_sys_ioctl+0xf9/0x170
[  219.333282][ T7323]  do_syscall_64+0xfa/0x3b0
[  219.333313][ T7323]  ? lockdep_hardirqs_on+0x9c/0x150
[  219.333350][ T7323]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.333371][ T7323]  ? clear_bhb_loop+0x60/0xb0
[  219.333396][ T7323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.333417][ T7323] RIP: 0033:0x7fb87ff8e929
[  219.333436][ T7323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.333453][ T7323] RSP: 002b:00007fb880d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  219.333476][ T7323] RAX: ffffffffffffffda RBX: 00007fb8801b5fa0 RCX: 00007fb87ff8e929
[  219.333491][ T7323] RDX: 0000200000000340 RSI: 00000000c1105517 RDI: 0000000000000003
[  219.333505][ T7323] RBP: 00007fb880d77090 R08: 0000000000000000 R09: 0000000000000000
[  219.333518][ T7323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.333530][ T7323] R13: 0000000000000000 R14: 00007fb8801b5fa0 R15: 00007ffd76573e58
[  219.333562][ T7323]  </TASK>
[  219.653605][    C0] vkms_vblank_simulate: vblank timer overrun
[  219.692652][ T7321] FAULT_INJECTION: forcing a failure.
[  219.692652][ T7321] name failslab, interval 1, probability 0, space 0, times 0
[  219.705533][ T7321] CPU: 0 UID: 0 PID: 7321 Comm: syz.4.315 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  219.705555][ T7321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.705564][ T7321] Call Trace:
[  219.705570][ T7321]  <TASK>
[  219.705576][ T7321]  dump_stack_lvl+0x189/0x250
[  219.705612][ T7321]  ? __pfx____ratelimit+0x10/0x10
[  219.705635][ T7321]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.705658][ T7321]  ? __pfx__printk+0x10/0x10
[  219.705679][ T7321]  ? ref_tracker_alloc+0x318/0x460
[  219.705702][ T7321]  should_fail_ex+0x414/0x560
[  219.705725][ T7321]  should_failslab+0xa8/0x100
[  219.705747][ T7321]  kmem_cache_alloc_noprof+0x73/0x3c0
[  219.705765][ T7321]  ? skb_clone+0x212/0x3a0
[  219.705788][ T7321]  skb_clone+0x212/0x3a0
[  219.705811][ T7321]  __netlink_deliver_tap+0x404/0x850
[  219.705840][ T7321]  ? netlink_deliver_tap+0x2e/0x1b0
[  219.705858][ T7321]  netlink_deliver_tap+0x19c/0x1b0
[  219.705877][ T7321]  netlink_unicast+0x72f/0x8d0
[  219.705900][ T7321]  netlink_sendmsg+0x805/0xb30
[  219.705925][ T7321]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.705949][ T7321]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  219.705968][ T7321]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.705986][ T7321]  __sock_sendmsg+0x21c/0x270
[  219.706012][ T7321]  ____sys_sendmsg+0x505/0x830
[  219.706035][ T7321]  ? __pfx_____sys_sendmsg+0x10/0x10
[  219.706062][ T7321]  ? import_iovec+0x74/0xa0
[  219.706079][ T7321]  ___sys_sendmsg+0x21f/0x2a0
[  219.706099][ T7321]  ? __pfx____sys_sendmsg+0x10/0x10
[  219.706145][ T7321]  ? __fget_files+0x2a/0x420
[  219.706165][ T7321]  ? __fget_files+0x3a0/0x420
[  219.706194][ T7321]  __x64_sys_sendmsg+0x19b/0x260
[  219.706215][ T7321]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  219.706246][ T7321]  ? __pfx_ksys_write+0x10/0x10
[  219.706269][ T7321]  ? rcu_is_watching+0x15/0xb0
[  219.706308][ T7321]  ? do_syscall_64+0xbe/0x3b0
[  219.706348][ T7321]  do_syscall_64+0xfa/0x3b0
[  219.706371][ T7321]  ? lockdep_hardirqs_on+0x9c/0x150
[  219.706394][ T7321]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.706409][ T7321]  ? clear_bhb_loop+0x60/0xb0
[  219.706427][ T7321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.706442][ T7321] RIP: 0033:0x7fdaa8f8e929
[  219.706456][ T7321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.706469][ T7321] RSP: 002b:00007fdaa9e1d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.706485][ T7321] RAX: ffffffffffffffda RBX: 00007fdaa91b5fa0 RCX: 00007fdaa8f8e929
[  219.706496][ T7321] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  219.706506][ T7321] RBP: 00007fdaa9e1d090 R08: 0000000000000000 R09: 0000000000000000
[  219.706515][ T7321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.706523][ T7321] R13: 0000000000000000 R14: 00007fdaa91b5fa0 R15: 00007ffd5595ad48
[  219.706546][ T7321]  </TASK>
[  220.929029][ T7339] netlink: 4 bytes leftover after parsing attributes in process `syz.4.317'.
[  221.064279][ T7339] bridge_slave_1: left allmulticast mode
[  221.139585][ T7339] bridge_slave_1: left promiscuous mode
[  221.146797][ T7339] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.303659][ T7339] bridge_slave_0: left allmulticast mode
[  221.309684][ T7339] bridge_slave_0: left promiscuous mode
[  221.330180][ T7339] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.786902][ T7367] FAULT_INJECTION: forcing a failure.
[  223.786902][ T7367] name failslab, interval 1, probability 0, space 0, times 0
[  223.830413][ T7367] CPU: 0 UID: 0 PID: 7367 Comm: syz.5.326 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  223.830449][ T7367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  223.830464][ T7367] Call Trace:
[  223.830474][ T7367]  <TASK>
[  223.830484][ T7367]  dump_stack_lvl+0x189/0x250
[  223.830525][ T7367]  ? __pfx____ratelimit+0x10/0x10
[  223.830560][ T7367]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.830596][ T7367]  ? __pfx__printk+0x10/0x10
[  223.830628][ T7367]  ? ref_tracker_alloc+0x318/0x460
[  223.830664][ T7367]  should_fail_ex+0x414/0x560
[  223.830700][ T7367]  should_failslab+0xa8/0x100
[  223.830733][ T7367]  kmem_cache_alloc_noprof+0x73/0x3c0
[  223.830761][ T7367]  ? skb_clone+0x212/0x3a0
[  223.830798][ T7367]  skb_clone+0x212/0x3a0
[  223.830835][ T7367]  __netlink_deliver_tap+0x404/0x850
[  223.830879][ T7367]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.830908][ T7367]  netlink_deliver_tap+0x19c/0x1b0
[  223.830938][ T7367]  netlink_unicast+0x72f/0x8d0
[  223.830977][ T7367]  netlink_sendmsg+0x805/0xb30
[  223.831017][ T7367]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.831056][ T7367]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  223.831100][ T7367]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.831126][ T7367]  __sock_sendmsg+0x21c/0x270
[  223.831162][ T7367]  ____sys_sendmsg+0x505/0x830
[  223.831196][ T7367]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.831233][ T7367]  ? import_iovec+0x74/0xa0
[  223.831258][ T7367]  ___sys_sendmsg+0x21f/0x2a0
[  223.831287][ T7367]  ? __pfx____sys_sendmsg+0x10/0x10
[  223.831356][ T7367]  ? __fget_files+0x2a/0x420
[  223.831383][ T7367]  ? __fget_files+0x3a0/0x420
[  223.831424][ T7367]  __x64_sys_sendmsg+0x19b/0x260
[  223.831463][ T7367]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  223.831500][ T7367]  ? __pfx_ksys_write+0x10/0x10
[  223.831523][ T7367]  ? rcu_is_watching+0x15/0xb0
[  223.831559][ T7367]  ? do_syscall_64+0xbe/0x3b0
[  223.831596][ T7367]  do_syscall_64+0xfa/0x3b0
[  223.831633][ T7367]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.831664][ T7367]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.831685][ T7367]  ? clear_bhb_loop+0x60/0xb0
[  223.831711][ T7367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.831731][ T7367] RIP: 0033:0x7fb87ff8e929
[  223.831750][ T7367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.831768][ T7367] RSP: 002b:00007fb880d77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.831790][ T7367] RAX: ffffffffffffffda RBX: 00007fb8801b5fa0 RCX: 00007fb87ff8e929
[  223.831806][ T7367] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  223.831820][ T7367] RBP: 00007fb880d77090 R08: 0000000000000000 R09: 0000000000000000
[  223.831833][ T7367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.831845][ T7367] R13: 0000000000000000 R14: 00007fb8801b5fa0 R15: 00007ffd76573e58
[  223.831878][ T7367]  </TASK>
[  223.836325][ T7367] netlink: 100 bytes leftover after parsing attributes in process `syz.5.326'.
[  224.157353][ T7369] FAULT_INJECTION: forcing a failure.
[  224.157353][ T7369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.196128][ T7369] CPU: 1 UID: 0 PID: 7369 Comm: syz.0.328 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  224.196160][ T7369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.196172][ T7369] Call Trace:
[  224.196181][ T7369]  <TASK>
[  224.196189][ T7369]  dump_stack_lvl+0x189/0x250
[  224.196226][ T7369]  ? __pfx____ratelimit+0x10/0x10
[  224.196256][ T7369]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.196288][ T7369]  ? __pfx__printk+0x10/0x10
[  224.196319][ T7369]  ? __might_fault+0xb0/0x130
[  224.196356][ T7369]  should_fail_ex+0x414/0x560
[  224.196387][ T7369]  _copy_from_user+0x2d/0xb0
[  224.196409][ T7369]  ___sys_sendmsg+0x158/0x2a0
[  224.196440][ T7369]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.196506][ T7369]  ? __fget_files+0x2a/0x420
[  224.196535][ T7369]  ? __fget_files+0x3a0/0x420
[  224.196575][ T7369]  __x64_sys_sendmsg+0x19b/0x260
[  224.196605][ T7369]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  224.196643][ T7369]  ? __pfx_ksys_write+0x10/0x10
[  224.196665][ T7369]  ? rcu_is_watching+0x15/0xb0
[  224.196702][ T7369]  ? do_syscall_64+0xbe/0x3b0
[  224.196739][ T7369]  do_syscall_64+0xfa/0x3b0
[  224.196771][ T7369]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.196802][ T7369]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.196824][ T7369]  ? clear_bhb_loop+0x60/0xb0
[  224.196851][ T7369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.196873][ T7369] RIP: 0033:0x7f2b7358e929
[  224.196893][ T7369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.196910][ T7369] RSP: 002b:00007f2b74494038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.196933][ T7369] RAX: ffffffffffffffda RBX: 00007f2b737b5fa0 RCX: 00007f2b7358e929
[  224.196949][ T7369] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  224.196962][ T7369] RBP: 00007f2b74494090 R08: 0000000000000000 R09: 0000000000000000
[  224.196975][ T7369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.196987][ T7369] R13: 0000000000000000 R14: 00007f2b737b5fa0 R15: 00007ffe7e4cb748
[  224.197019][ T7369]  </TASK>
[  224.527998][ T7372] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  225.543660][ T7386] trusted_key: encrypted_key: insufficient parameters specified
[  225.682544][ T7391] netlink: 80 bytes leftover after parsing attributes in process `syz.5.336'.
[  226.245654][ T7405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  226.259569][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  226.426329][ T7417] syz_tun: entered allmulticast mode
[  226.440101][   T24] usb 1-1: Using ep0 maxpacket: 8
[  226.458466][   T24] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  226.472851][ T7416] syz_tun: left allmulticast mode
[  226.488285][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.510360][   T24] usb 1-1: Product: syz
[  226.514600][   T24] usb 1-1: Manufacturer: syz
[  226.530897][   T24] usb 1-1: SerialNumber: syz
[  226.576209][   T24] usb 1-1: config 0 descriptor??
[  226.581639][ T5955] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  226.619129][   T24] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  226.653136][   T24] usb 1-1: setting power ON
[  226.658198][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  226.671016][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  226.682352][   T24] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  226.719205][   T24] usb 1-1: media controller created
[  226.796845][ T7424] syz_tun: entered allmulticast mode
[  226.811917][ T5955] usb 5-1: Using ep0 maxpacket: 16
[  226.818731][ T7399] FAULT_INJECTION: forcing a failure.
[  226.818731][ T7399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.846185][ T5955] usb 5-1: config 64 has an invalid interface number: 176 but max is 4
[  226.856810][ T7422] syz_tun: left allmulticast mode
[  226.859536][ T7399] CPU: 0 UID: 0 PID: 7399 Comm: syz.0.338 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  226.859569][ T7399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.859582][ T7399] Call Trace:
[  226.859594][ T7399]  <TASK>
[  226.859604][ T7399]  dump_stack_lvl+0x189/0x250
[  226.859647][ T7399]  ? __pfx____ratelimit+0x10/0x10
[  226.859684][ T7399]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.859719][ T7399]  ? __pfx__printk+0x10/0x10
[  226.859745][ T7399]  ? __might_fault+0xb0/0x130
[  226.859799][ T7399]  should_fail_ex+0x414/0x560
[  226.859837][ T7399]  _copy_from_user+0x2d/0xb0
[  226.859860][ T7399]  memdup_user+0x5e/0xd0
[  226.859898][ T7399]  i2cdev_ioctl+0x604/0x7f0
[  226.859928][ T7399]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  226.859958][ T7399]  ? __fget_files+0x3a0/0x420
[  226.859990][ T7399]  ? __fget_files+0x2a/0x420
[  226.860027][ T7399]  ? bpf_lsm_file_ioctl+0x9/0x20
[  226.860059][ T7399]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  226.860087][ T7399]  __se_sys_ioctl+0xf9/0x170
[  226.860116][ T7399]  do_syscall_64+0xfa/0x3b0
[  226.860152][ T7399]  ? lockdep_hardirqs_on+0x9c/0x150
[  226.860187][ T7399]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.860212][ T7399]  ? clear_bhb_loop+0x60/0xb0
[  226.860241][ T7399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.860263][ T7399] RIP: 0033:0x7f2b7358e929
[  226.860286][ T7399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.860305][ T7399] RSP: 002b:00007f2b74494038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  226.860329][ T7399] RAX: ffffffffffffffda RBX: 00007f2b737b5fa0 RCX: 00007f2b7358e929
[  226.860347][ T7399] RDX: 0000200000000040 RSI: 0000000000000707 RDI: 0000000000000007
[  226.860362][ T7399] RBP: 00007f2b74494090 R08: 0000000000000000 R09: 0000000000000000
[  226.860378][ T7399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.860391][ T7399] R13: 0000000000000000 R14: 00007f2b737b5fa0 R15: 00007ffe7e4cb748
[  226.860427][ T7399]  </TASK>
[  227.074191][ T5955] usb 5-1: config 64 has 1 interface, different from the descriptor's value: 5
[  227.095608][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  227.112797][ T5955] usb 5-1: config 64 has no interface number 0
[  227.119154][ T5955] usb 5-1: config 64 interface 176 has no altsetting 0
[  227.277085][ T5955] usb 5-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=14.8d
[  227.460429][ T5955] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.774545][ T5955] usb 5-1: Product: syz
[  227.798546][ T5955] usb 5-1: Manufacturer: syz
[  227.840046][   T24] usb 1-1: selecting invalid altsetting 6
[  227.848736][ T5955] usb 5-1: SerialNumber: syz
[  227.901547][   T24] usb 1-1: digital interface selection failed (-22)
[  227.908248][   T24] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  227.957244][   T24] usb 1-1: setting power OFF
[  227.982710][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  227.988785][   T24] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  228.050127][   T24] (NULL device *): no alternate interface
[  228.218624][   T24] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  228.267298][ T5955] peak_usb 5-1:64.176 can0: unable to request usb[type=0 value=1] err=-71
[  228.292421][ T5955] peak_usb 5-1:64.176: unable to read PCAN-USB X6 firmware info (err -71)
[  228.313774][   T24] usb 1-1: USB disconnect, device number 6
[  228.899657][ T7453] input: syz1 as /devices/virtual/input/input6
[  229.010559][ T5955] peak_usb 5-1:64.176: probe with driver peak_usb failed with error -71
[  229.355462][ T5955] usb 5-1: USB disconnect, device number 5
[  230.940122][ T7480] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  232.013560][ T7485] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  232.116350][ T7490] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  232.341931][ T7500] FAULT_INJECTION: forcing a failure.
[  232.341931][ T7500] name failslab, interval 1, probability 0, space 0, times 0
[  232.375566][ T7500] CPU: 0 UID: 0 PID: 7500 Comm: syz.2.376 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  232.375598][ T7500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  232.375611][ T7500] Call Trace:
[  232.375620][ T7500]  <TASK>
[  232.375630][ T7500]  dump_stack_lvl+0x189/0x250
[  232.375668][ T7500]  ? __pfx____ratelimit+0x10/0x10
[  232.375700][ T7500]  ? __pfx_dump_stack_lvl+0x10/0x10
[  232.375744][ T7500]  ? __pfx__printk+0x10/0x10
[  232.375773][ T7500]  ? ref_tracker_alloc+0x318/0x460
[  232.375804][ T7500]  should_fail_ex+0x414/0x560
[  232.375853][ T7500]  should_failslab+0xa8/0x100
[  232.375884][ T7500]  kmem_cache_alloc_noprof+0x73/0x3c0
[  232.375909][ T7500]  ? skb_clone+0x212/0x3a0
[  232.375943][ T7500]  skb_clone+0x212/0x3a0
[  232.375975][ T7500]  __netlink_deliver_tap+0x404/0x850
[  232.376015][ T7500]  ? netlink_deliver_tap+0x2e/0x1b0
[  232.376041][ T7500]  netlink_deliver_tap+0x19c/0x1b0
[  232.376068][ T7500]  netlink_unicast+0x72f/0x8d0
[  232.376102][ T7500]  netlink_sendmsg+0x805/0xb30
[  232.376139][ T7500]  ? __pfx_netlink_sendmsg+0x10/0x10
[  232.376174][ T7500]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  232.376200][ T7500]  ? __pfx_netlink_sendmsg+0x10/0x10
[  232.376227][ T7500]  __sock_sendmsg+0x21c/0x270
[  232.376264][ T7500]  ____sys_sendmsg+0x505/0x830
[  232.376297][ T7500]  ? __pfx_____sys_sendmsg+0x10/0x10
[  232.376335][ T7500]  ? import_iovec+0x74/0xa0
[  232.376360][ T7500]  ___sys_sendmsg+0x21f/0x2a0
[  232.376390][ T7500]  ? __pfx____sys_sendmsg+0x10/0x10
[  232.376468][ T7500]  ? __fget_files+0x2a/0x420
[  232.376495][ T7500]  ? __fget_files+0x3a0/0x420
[  232.376537][ T7500]  __x64_sys_sendmsg+0x19b/0x260
[  232.376567][ T7500]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  232.376606][ T7500]  ? __pfx_ksys_write+0x10/0x10
[  232.376628][ T7500]  ? rcu_is_watching+0x15/0xb0
[  232.376666][ T7500]  ? do_syscall_64+0xbe/0x3b0
[  232.376703][ T7500]  do_syscall_64+0xfa/0x3b0
[  232.376734][ T7500]  ? lockdep_hardirqs_on+0x9c/0x150
[  232.376764][ T7500]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.376786][ T7500]  ? clear_bhb_loop+0x60/0xb0
[  232.376813][ T7500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.376834][ T7500] RIP: 0033:0x7f5cd6f8e929
[  232.376853][ T7500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.376871][ T7500] RSP: 002b:00007f5cd4df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  232.376894][ T7500] RAX: ffffffffffffffda RBX: 00007f5cd71b5fa0 RCX: 00007f5cd6f8e929
[  232.376909][ T7500] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  232.376923][ T7500] RBP: 00007f5cd4df6090 R08: 0000000000000000 R09: 0000000000000000
[  232.376936][ T7500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.376948][ T7500] R13: 0000000000000000 R14: 00007f5cd71b5fa0 R15: 00007ffce58618c8
[  232.376982][ T7500]  </TASK>
[  232.661450][    C0] vkms_vblank_simulate: vblank timer overrun
[  234.028787][ T7529] trusted_key: encrypted_key: insufficient parameters specified
[  234.489294][ T5876] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  234.572133][ T7531] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  234.729525][ T5876] usb 3-1: Using ep0 maxpacket: 8
[  234.759950][ T5876] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3
[  234.784720][ T5876] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  234.813352][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.849472][ T5876] usb 3-1: Product: syz
[  234.853744][ T5876] usb 3-1: Manufacturer: syz
[  234.872629][ T5876] usb 3-1: SerialNumber: syz
[  234.923776][ T5876] usb 3-1: config 0 descriptor??
[  234.967379][ T5876] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  234.978875][ T5876] usb 3-1: setting power ON
[  234.991824][ T5876] dvb-usb: bulk message failed: -22 (2/0)
[  235.013198][ T5876] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  235.076327][ T5876] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  235.109602][ T5876] usb 3-1: media controller created
[  235.244312][ T5876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  235.389979][ T5876] usb 3-1: selecting invalid altsetting 6
[  235.463874][ T5876] usb 3-1: digital interface selection failed (-22)
[  235.559957][ T5876] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  235.651213][ T5876] usb 3-1: setting power OFF
[  235.683925][ T5876] dvb-usb: bulk message failed: -22 (2/0)
[  235.714698][ T5876] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  235.754820][ T5876] (NULL device *): no alternate interface
[  236.187436][ T5876] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  236.680413][ T5876] usb 3-1: USB disconnect, device number 7
[  237.933948][ T7574] FAULT_INJECTION: forcing a failure.
[  237.933948][ T7574] name failslab, interval 1, probability 0, space 0, times 0
[  238.044910][ T7574] CPU: 1 UID: 0 PID: 7574 Comm: syz.1.402 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  238.044943][ T7574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.044956][ T7574] Call Trace:
[  238.044965][ T7574]  <TASK>
[  238.044975][ T7574]  dump_stack_lvl+0x189/0x250
[  238.045012][ T7574]  ? __pfx____ratelimit+0x10/0x10
[  238.045045][ T7574]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.045078][ T7574]  ? __pfx__printk+0x10/0x10
[  238.045103][ T7574]  ? __pfx___might_resched+0x10/0x10
[  238.045135][ T7574]  ? fs_reclaim_acquire+0x7d/0x100
[  238.045172][ T7574]  should_fail_ex+0x414/0x560
[  238.045205][ T7574]  should_failslab+0xa8/0x100
[  238.045235][ T7574]  __kmalloc_noprof+0xcb/0x4f0
[  238.045261][ T7574]  ? tomoyo_encode+0x28b/0x550
[  238.045299][ T7574]  tomoyo_encode+0x28b/0x550
[  238.045338][ T7574]  tomoyo_realpath_from_path+0x58d/0x5d0
[  238.045384][ T7574]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  238.045412][ T7574]  tomoyo_path_number_perm+0x1e8/0x5a0
[  238.045444][ T7574]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  238.045492][ T7574]  ? __lock_acquire+0xab9/0xd20
[  238.045545][ T7574]  ? __fget_files+0x2a/0x420
[  238.045578][ T7574]  ? __fget_files+0x2a/0x420
[  238.045605][ T7574]  ? __fget_files+0x3a0/0x420
[  238.045632][ T7574]  ? __fget_files+0x2a/0x420
[  238.045666][ T7574]  security_file_ioctl+0xcb/0x2d0
[  238.045698][ T7574]  __se_sys_ioctl+0x47/0x170
[  238.045724][ T7574]  do_syscall_64+0xfa/0x3b0
[  238.045756][ T7574]  ? lockdep_hardirqs_on+0x9c/0x150
[  238.045787][ T7574]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.045816][ T7574]  ? clear_bhb_loop+0x60/0xb0
[  238.045843][ T7574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.045864][ T7574] RIP: 0033:0x7f084238e929
[  238.045883][ T7574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.045901][ T7574] RSP: 002b:00007f0843131038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  238.045923][ T7574] RAX: ffffffffffffffda RBX: 00007f08425b5fa0 RCX: 00007f084238e929
[  238.045939][ T7574] RDX: 0000200000000040 RSI: 00000000c1105518 RDI: 0000000000000003
[  238.045953][ T7574] RBP: 00007f0843131090 R08: 0000000000000000 R09: 0000000000000000
[  238.045966][ T7574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.045978][ T7574] R13: 0000000000000000 R14: 00007f08425b5fa0 R15: 00007ffc1a7639a8
[  238.046013][ T7574]  </TASK>
[  238.046035][ T7574] ERROR: Out of memory at tomoyo_realpath_from_path.
[  238.186126][ T7578] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  238.368871][ T7578] syzkaller0: entered promiscuous mode
[  238.377956][ T7578] syzkaller0: entered allmulticast mode
[  238.574138][ T7583] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  239.178962][ T7577] tipc: Resetting bearer <eth:syzkaller0>
[  239.261114][ T7577] tipc: Disabling bearer <eth:syzkaller0>
[  239.292905][   T43] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  240.539571][   T43] usb 3-1: Using ep0 maxpacket: 8
[  240.549398][   T43] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3
[  240.624004][   T43] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  240.747513][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.764351][   T43] usb 3-1: Product: syz
[  240.768693][   T43] usb 3-1: Manufacturer: syz
[  240.785798][   T43] usb 3-1: SerialNumber: syz
[  240.799049][   T43] usb 3-1: config 0 descriptor??
[  240.853379][   T43] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  240.866333][   T43] usb 3-1: setting power ON
[  240.871611][   T43] dvb-usb: bulk message failed: -22 (2/0)
[  241.420894][   T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  241.451892][   T43] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  241.463126][   T43] usb 3-1: media controller created
[  241.748383][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  241.805442][ T7608] FAULT_INJECTION: forcing a failure.
[  241.805442][ T7608] name failslab, interval 1, probability 0, space 0, times 0
[  241.814014][ T7610] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  241.863769][ T7608] CPU: 1 UID: 0 PID: 7608 Comm: syz.5.415 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  241.863798][ T7608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.863821][ T7608] Call Trace:
[  241.863833][ T7608]  <TASK>
[  241.863842][ T7608]  dump_stack_lvl+0x189/0x250
[  241.863881][ T7608]  ? __pfx____ratelimit+0x10/0x10
[  241.863913][ T7608]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.863945][ T7608]  ? __pfx__printk+0x10/0x10
[  241.863970][ T7608]  ? __pfx___might_resched+0x10/0x10
[  241.864006][ T7608]  should_fail_ex+0x414/0x560
[  241.864038][ T7608]  should_failslab+0xa8/0x100
[  241.864066][ T7608]  kmem_cache_alloc_noprof+0x73/0x3c0
[  241.864089][ T7608]  ? getname_flags+0xb8/0x540
[  241.864123][ T7608]  getname_flags+0xb8/0x540
[  241.864155][ T7608]  user_path_at+0x24/0x60
[  241.864177][ T7608]  __se_sys_mount+0x2d3/0x410
[  241.864214][ T7608]  ? __pfx___se_sys_mount+0x10/0x10
[  241.864240][ T7608]  ? rcu_is_watching+0x15/0xb0
[  241.864277][ T7608]  ? do_syscall_64+0xbe/0x3b0
[  241.864308][ T7608]  ? __x64_sys_mount+0x20/0xc0
[  241.864339][ T7608]  do_syscall_64+0xfa/0x3b0
[  241.864373][ T7608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.864402][ T7608]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  241.864422][ T7608]  ? clear_bhb_loop+0x60/0xb0
[  241.864448][ T7608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.864469][ T7608] RIP: 0033:0x7fb87ff8e929
[  241.864488][ T7608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.864505][ T7608] RSP: 002b:00007fb880d77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  241.864528][ T7608] RAX: ffffffffffffffda RBX: 00007fb8801b5fa0 RCX: 00007fb87ff8e929
[  241.864544][ T7608] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  241.864558][ T7608] RBP: 00007fb880d77090 R08: 0000200000000080 R09: 0000000000000000
[  241.864571][ T7608] R10: 0000000002004000 R11: 0000000000000246 R12: 0000000000000001
[  241.864584][ T7608] R13: 0000000000000000 R14: 00007fb8801b5fa0 R15: 00007ffd76573e58
[  241.864617][ T7608]  </TASK>
[  242.381362][   T43] usb 3-1: selecting invalid altsetting 6
[  242.411685][   T43] usb 3-1: digital interface selection failed (-22)
[  242.476002][   T43] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  242.503594][   T43] usb 3-1: setting power OFF
[  242.544814][   T43] dvb-usb: bulk message failed: -22 (2/0)
[  242.591844][   T43] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  242.626137][   T43] (NULL device *): no alternate interface
[  242.726290][ T7617] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!Ý
[  242.884903][   T43] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  242.952598][   T43] usb 3-1: USB disconnect, device number 8
[  243.859576][   T43] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  244.072091][   T43] usb 3-1: Using ep0 maxpacket: 32
[  244.083443][   T43] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  244.242834][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.282454][   T43] usb 3-1: config 0 descriptor??
[  244.302401][   T43] gspca_main: nw80x-2.14.0 probing 055f:d001
[  244.434853][ T7652] netlink: 8 bytes leftover after parsing attributes in process `syz.4.430'.
[  244.480331][ T7652] netlink: 8 bytes leftover after parsing attributes in process `syz.4.430'.
[  244.716974][   T43] gspca_nw80x: reg_r err -32
[  244.738022][   T43] nw80x 3-1:0.0: probe with driver nw80x failed with error -32
[  244.859717][ T5941] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  245.039930][ T5941] usb 1-1: Using ep0 maxpacket: 16
[  245.066105][ T5941] usb 1-1: config 0 has an invalid interface number: 134 but max is 0
[  245.079997][ T5941] usb 1-1: config 0 has no interface number 0
[  245.093218][ T5941] usb 1-1: too many endpoints for config 0 interface 134 altsetting 161: 120, using maximum allowed: 30
[  245.128992][ T5941] usb 1-1: config 0 interface 134 altsetting 161 has 0 endpoint descriptors, different from the interface descriptor's value: 120
[  245.147489][ T5941] usb 1-1: config 0 interface 134 has no altsetting 0
[  245.303008][ T5941] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  245.312500][ T5941] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  245.321118][ T5941] usb 1-1: Product: syz
[  245.325515][ T5941] usb 1-1: Manufacturer: syz
[  245.390168][ T5941] usb 1-1: SerialNumber: syz
[  245.420929][ T7671] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  245.742181][ T5941] usb 1-1: config 0 descriptor??
[  246.006101][ T5941] usb 1-1: USB disconnect, device number 7
[  246.721845][ T7682] netlink: 'syz.5.440': attribute type 1 has an invalid length.
[  246.823034][ T7682] bond1: entered promiscuous mode
[  246.853247][ T7682] 8021q: adding VLAN 0 to HW filter on device bond1
[  246.984835][ T5955] usb 3-1: USB disconnect, device number 9
[  247.070603][ T7686] 8021q: adding VLAN 0 to HW filter on device bond1
[  247.103048][ T7686] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  247.114630][ T7686] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  247.123396][ T7693] netlink: 8 bytes leftover after parsing attributes in process `syz.0.441'.
[  247.145911][ T7695] FAULT_INJECTION: forcing a failure.
[  247.145911][ T7695] name failslab, interval 1, probability 0, space 0, times 0
[  247.168650][ T7686] bond1: (slave ip6gre1): making interface the new active one
[  247.176881][ T7695] CPU: 1 UID: 0 PID: 7695 Comm: syz.2.444 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  247.176910][ T7695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  247.176922][ T7695] Call Trace:
[  247.176931][ T7695]  <TASK>
[  247.176941][ T7695]  dump_stack_lvl+0x189/0x250
[  247.176977][ T7695]  ? __pfx____ratelimit+0x10/0x10
[  247.177008][ T7695]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.177039][ T7695]  ? __pfx__printk+0x10/0x10
[  247.177068][ T7695]  ? ref_tracker_alloc+0x318/0x460
[  247.177100][ T7695]  should_fail_ex+0x414/0x560
[  247.177131][ T7695]  should_failslab+0xa8/0x100
[  247.177161][ T7695]  kmem_cache_alloc_noprof+0x73/0x3c0
[  247.177186][ T7695]  ? skb_clone+0x212/0x3a0
[  247.177218][ T7695]  skb_clone+0x212/0x3a0
[  247.177250][ T7695]  __netlink_deliver_tap+0x404/0x850
[  247.177287][ T7695]  ? netlink_deliver_tap+0x2e/0x1b0
[  247.177313][ T7695]  netlink_deliver_tap+0x19c/0x1b0
[  247.177339][ T7695]  netlink_unicast+0x72f/0x8d0
[  247.177373][ T7695]  netlink_sendmsg+0x805/0xb30
[  247.177407][ T7695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.177441][ T7695]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  247.177466][ T7695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.177492][ T7695]  __sock_sendmsg+0x21c/0x270
[  247.177527][ T7695]  ____sys_sendmsg+0x505/0x830
[  247.177561][ T7695]  ? __pfx_____sys_sendmsg+0x10/0x10
[  247.177598][ T7695]  ? import_iovec+0x74/0xa0
[  247.177622][ T7695]  ___sys_sendmsg+0x21f/0x2a0
[  247.177651][ T7695]  ? __pfx____sys_sendmsg+0x10/0x10
[  247.177718][ T7695]  ? __fget_files+0x2a/0x420
[  247.177745][ T7695]  ? __fget_files+0x3a0/0x420
[  247.177784][ T7695]  __x64_sys_sendmsg+0x19b/0x260
[  247.177819][ T7695]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  247.177857][ T7695]  ? __pfx_ksys_write+0x10/0x10
[  247.177879][ T7695]  ? rcu_is_watching+0x15/0xb0
[  247.177915][ T7695]  ? do_syscall_64+0xbe/0x3b0
[  247.177952][ T7695]  do_syscall_64+0xfa/0x3b0
[  247.177982][ T7695]  ? lockdep_hardirqs_on+0x9c/0x150
[  247.178012][ T7695]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.178032][ T7695]  ? clear_bhb_loop+0x60/0xb0
[  247.178058][ T7695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.178078][ T7695] RIP: 0033:0x7f5cd6f8e929
[  247.178096][ T7695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.178114][ T7695] RSP: 002b:00007f5cd4df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.178135][ T7695] RAX: ffffffffffffffda RBX: 00007f5cd71b5fa0 RCX: 00007f5cd6f8e929
[  247.178151][ T7695] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000003
[  247.178164][ T7695] RBP: 00007f5cd4df6090 R08: 0000000000000000 R09: 0000000000000000
[  247.178177][ T7695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.178187][ T7695] R13: 0000000000000000 R14: 00007f5cd71b5fa0 R15: 00007ffce58618c8
[  247.178220][ T7695]  </TASK>
[  247.178373][ T7686] ip6gre1: entered promiscuous mode
[  247.525442][ T7686] bond1: (slave ip6gre1): Enslaving as an active interface with an up link
[  247.548141][ T7693] IPVS: Error joining to the multicast group
[  248.148724][ T7704] ceph: No mds server is up or the cluster is laggy
[  248.164931][   T43] libceph: connect (1)[c::]:6789 error -101
[  248.495635][ T5941] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  248.520072][   T43] libceph: mon0 (1)[c::]:6789 connect error
[  248.711219][ T5941] usb 5-1: Using ep0 maxpacket: 8
[  248.723056][ T5941] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  248.758133][ T5941] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  248.784454][ T5941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.817062][ T5941] usb 5-1: config 0 descriptor??
[  248.834448][ T5941] gspca_main: vc032x-2.14.0 probing 046d:0892
[  249.298783][ T7721] trusted_key: encrypted_key: insufficient parameters specified
[  249.816912][ T5941] gspca_vc032x: reg_r err -71
[  249.822276][ T5941] vc032x 5-1:0.0: probe with driver vc032x failed with error -71
[  249.989996][ T5941] usb 5-1: USB disconnect, device number 6
[  250.023197][ T5876] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  250.193842][ T7728] netlink: 8 bytes leftover after parsing attributes in process `syz.5.454'.
[  250.199665][ T5876] usb 3-1: Using ep0 maxpacket: 32
[  250.225870][ T5876] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  250.245953][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.272454][ T5876] usb 3-1: config 0 descriptor??
[  250.278149][ T7728] netlink: 8 bytes leftover after parsing attributes in process `syz.5.454'.
[  250.282835][ T5876] gspca_main: nw80x-2.14.0 probing 055f:d001
[  251.018251][ T7739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.457'.
[  251.035307][ T5876] gspca_nw80x: reg_r err -32
[  251.040301][ T5876] nw80x 3-1:0.0: probe with driver nw80x failed with error -32
[  251.090643][ T7739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.457'.
[  251.701885][ T7744] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  253.304996][ T7750] ceph: No mds server is up or the cluster is laggy
[  253.305962][ T5955] libceph: connect (1)[c::]:6789 error -101
[  253.325798][ T5955] libceph: mon0 (1)[c::]:6789 connect error
[  253.483724][ T5955] usb 3-1: USB disconnect, device number 10
[  255.615733][ T7772] FAULT_INJECTION: forcing a failure.
[  255.615733][ T7772] name failslab, interval 1, probability 0, space 0, times 0
[  255.677081][ T7772] CPU: 0 UID: 0 PID: 7772 Comm: syz.2.466 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  255.677112][ T7772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  255.677125][ T7772] Call Trace:
[  255.677133][ T7772]  <TASK>
[  255.677143][ T7772]  dump_stack_lvl+0x189/0x250
[  255.677178][ T7772]  ? __pfx____ratelimit+0x10/0x10
[  255.677209][ T7772]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.677241][ T7772]  ? __pfx__printk+0x10/0x10
[  255.677266][ T7772]  ? ref_tracker_alloc+0x318/0x460
[  255.677298][ T7772]  should_fail_ex+0x414/0x560
[  255.677331][ T7772]  should_failslab+0xa8/0x100
[  255.677362][ T7772]  kmem_cache_alloc_noprof+0x73/0x3c0
[  255.677387][ T7772]  ? skb_clone+0x212/0x3a0
[  255.677421][ T7772]  skb_clone+0x212/0x3a0
[  255.677454][ T7772]  __netlink_deliver_tap+0x404/0x850
[  255.677494][ T7772]  ? netlink_deliver_tap+0x2e/0x1b0
[  255.677520][ T7772]  netlink_deliver_tap+0x19c/0x1b0
[  255.677547][ T7772]  netlink_unicast+0x72f/0x8d0
[  255.677581][ T7772]  netlink_sendmsg+0x805/0xb30
[  255.677617][ T7772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.677653][ T7772]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  255.677679][ T7772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.677705][ T7772]  __sock_sendmsg+0x21c/0x270
[  255.677742][ T7772]  ____sys_sendmsg+0x505/0x830
[  255.677775][ T7772]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.677813][ T7772]  ? import_iovec+0x74/0xa0
[  255.677838][ T7772]  ___sys_sendmsg+0x21f/0x2a0
[  255.677867][ T7772]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.677943][ T7772]  ? __fget_files+0x2a/0x420
[  255.677970][ T7772]  ? __fget_files+0x3a0/0x420
[  255.678010][ T7772]  __x64_sys_sendmsg+0x19b/0x260
[  255.678040][ T7772]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  255.678079][ T7772]  ? __pfx_ksys_write+0x10/0x10
[  255.678101][ T7772]  ? rcu_is_watching+0x15/0xb0
[  255.678139][ T7772]  ? do_syscall_64+0xbe/0x3b0
[  255.678176][ T7772]  do_syscall_64+0xfa/0x3b0
[  255.678208][ T7772]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.678239][ T7772]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.678260][ T7772]  ? clear_bhb_loop+0x60/0xb0
[  255.678287][ T7772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.678307][ T7772] RIP: 0033:0x7f5cd6f8e929
[  255.678326][ T7772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.678344][ T7772] RSP: 002b:00007f5cd4df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.678366][ T7772] RAX: ffffffffffffffda RBX: 00007f5cd71b5fa0 RCX: 00007f5cd6f8e929
[  255.678382][ T7772] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  255.678395][ T7772] RBP: 00007f5cd4df6090 R08: 0000000000000000 R09: 0000000000000000
[  255.678408][ T7772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.678420][ T7772] R13: 0000000000000000 R14: 00007f5cd71b5fa0 R15: 00007ffce58618c8
[  255.678454][ T7772]  </TASK>
[  255.972273][ T7772] netlink: 100 bytes leftover after parsing attributes in process `syz.2.466'.
[  256.107016][ T7776] tipc: Can't bind to reserved service type 2
[  256.572768][ T7784] netlink: 8 bytes leftover after parsing attributes in process `syz.4.471'.
[  256.609656][ T7784] netlink: 8 bytes leftover after parsing attributes in process `syz.4.471'.
[  257.531514][ T7791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.472'.
[  257.705447][ T7791] sctp: failed to load transform for md5: -2
[  257.912699][ T7806] netlink: 'syz.4.476': attribute type 39 has an invalid length.
[  258.129400][ T5941] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  258.259002][ T7810] lo: entered promiscuous mode
[  258.267773][ T7810] tunl0: entered promiscuous mode
[  258.277227][ T7810] gre0: entered promiscuous mode
[  258.287127][ T7810] gretap0: entered promiscuous mode
[  258.297428][ T7810] erspan0: entered promiscuous mode
[  258.306352][ T7810] ip_vti0: entered promiscuous mode
[  259.212465][ T5941] usb 1-1: Using ep0 maxpacket: 32
[  259.255532][ T5941] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  259.326060][ T5941] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.446693][ T5941] usb 1-1: config 0 descriptor??
[  259.496235][ T5941] gspca_main: nw80x-2.14.0 probing 055f:d001
[  260.686902][ T5941] gspca_nw80x: reg_r err -32
[  260.700441][ T5941] nw80x 1-1:0.0: probe with driver nw80x failed with error -32
[  260.893149][ T7830] trusted_key: encrypted_key: insufficient parameters specified
[  261.380376][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  261.387184][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  262.069118][ T7835] FAULT_INJECTION: forcing a failure.
[  262.069118][ T7835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.175458][ T7835] CPU: 1 UID: 0 PID: 7835 Comm: syz.2.483 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  262.175489][ T7835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  262.175502][ T7835] Call Trace:
[  262.175511][ T7835]  <TASK>
[  262.175520][ T7835]  dump_stack_lvl+0x189/0x250
[  262.175559][ T7835]  ? __pfx____ratelimit+0x10/0x10
[  262.175592][ T7835]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.175623][ T7835]  ? __pfx__printk+0x10/0x10
[  262.175645][ T7835]  ? __might_fault+0xb0/0x130
[  262.175684][ T7835]  should_fail_ex+0x414/0x560
[  262.175717][ T7835]  _copy_from_user+0x2d/0xb0
[  262.175739][ T7835]  btf_new_fd+0x33a/0xc90
[  262.175772][ T7835]  ? __pfx_btf_new_fd+0x10/0x10
[  262.175795][ T7835]  ? bpf_token_put+0x143/0x160
[  262.175821][ T7835]  ? bpf_btf_load+0x126/0x190
[  262.175853][ T7835]  __sys_bpf+0x635/0x860
[  262.175884][ T7835]  ? __pfx___sys_bpf+0x10/0x10
[  262.175925][ T7835]  ? ksys_write+0x22a/0x250
[  262.175956][ T7835]  ? __pfx_ksys_write+0x10/0x10
[  262.175980][ T7835]  __x64_sys_bpf+0x7c/0x90
[  262.175998][ T7835]  do_syscall_64+0xfa/0x3b0
[  262.176020][ T7835]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.176043][ T7835]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.176059][ T7835]  ? clear_bhb_loop+0x60/0xb0
[  262.176077][ T7835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.176092][ T7835] RIP: 0033:0x7f5cd6f8e929
[  262.176105][ T7835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.176118][ T7835] RSP: 002b:00007f5cd4df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  262.176134][ T7835] RAX: ffffffffffffffda RBX: 00007f5cd71b5fa0 RCX: 00007f5cd6f8e929
[  262.176145][ T7835] RDX: 0000000000000028 RSI: 0000200000000040 RDI: 0000000000000012
[  262.176155][ T7835] RBP: 00007f5cd4df6090 R08: 0000000000000000 R09: 0000000000000000
[  262.176164][ T7835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.176173][ T7835] R13: 0000000000000001 R14: 00007f5cd71b5fa0 R15: 00007ffce58618c8
[  262.176196][ T7835]  </TASK>
[  263.241007][ T7843] netlink: 'syz.2.488': attribute type 1 has an invalid length.
[  263.390747][ T7850] netlink: 8 bytes leftover after parsing attributes in process `syz.4.485'.
[  263.395484][ T5955] usb 1-1: USB disconnect, device number 8
[  263.441014][ T7850] netlink: 8 bytes leftover after parsing attributes in process `syz.4.485'.
[  263.507177][ T7847] bond1: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  263.695130][ T5876] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  263.736680][ T7855] netlink: 5 bytes leftover after parsing attributes in process `syz.0.489'.
[  263.831577][ T7855] netlink: 5 bytes leftover after parsing attributes in process `syz.0.489'.
[  263.892410][ T5876] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  263.923393][ T5876] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  264.039882][   T30] audit: type=1326 audit(1749941646.967:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7857 comm="syz.5.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb87ff8e929 code=0x7ffc0000
[  264.104192][ T5876] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  264.147671][ T5876] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  264.228592][   T30] audit: type=1326 audit(1749941646.967:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7857 comm="syz.5.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb87ff8e929 code=0x7ffc0000
[  264.275537][ T5876] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  264.299030][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  264.326010][   T30] audit: type=1326 audit(1749941646.967:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7857 comm="syz.5.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb87ff8e929 code=0x7ffc0000
[  264.347895][ T5876] usb 3-1: SerialNumber: syz
[  264.362093][ T7851] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  264.371066][ T7851] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  264.453819][   T30] audit: type=1326 audit(1749941646.967:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7857 comm="syz.5.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb87ff8e929 code=0x7ffc0000
[  264.490609][ T5876] cdc_acm 3-1:1.0: Control and data interfaces are not separated!
[  264.758261][ T5876] cdc_acm 3-1:1.0: ttyACM0: USB ACM device
[  264.769258][ T5876] usb 3-1: USB disconnect, device number 11
[  264.972628][ T7869] trusted_key: encrypted_key: insufficient parameters specified
[  265.735787][ T7876] netlink: 'syz.5.497': attribute type 15 has an invalid length.
[  266.539792][ T7880] netlink: 56 bytes leftover after parsing attributes in process `syz.5.497'.
[  266.867434][ T7882] bridge1: entered promiscuous mode
[  267.378006][ T5876] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  267.877228][ T5876] usb 1-1: Using ep0 maxpacket: 32
[  267.891144][ T5876] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  267.900700][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.985035][ T5876] usb 1-1: config 0 descriptor??
[  268.014289][ T5876] gspca_main: nw80x-2.14.0 probing 055f:d001
[  268.348203][ T7893] netlink: 60 bytes leftover after parsing attributes in process `syz.4.501'.
[  268.491433][ T5876] gspca_nw80x: reg_r err -32
[  268.503253][ T5876] nw80x 1-1:0.0: probe with driver nw80x failed with error -32
[  269.373856][ T7895] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  271.510449][ T5941] usb 1-1: USB disconnect, device number 9
[  271.732722][ T7931] FAULT_INJECTION: forcing a failure.
[  271.732722][ T7931] name failslab, interval 1, probability 0, space 0, times 0
[  271.746103][ T7931] CPU: 1 UID: 0 PID: 7931 Comm: syz.4.513 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  271.746132][ T7931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  271.746145][ T7931] Call Trace:
[  271.746155][ T7931]  <TASK>
[  271.746165][ T7931]  dump_stack_lvl+0x189/0x250
[  271.746203][ T7931]  ? __pfx____ratelimit+0x10/0x10
[  271.746236][ T7931]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.746268][ T7931]  ? __pfx__printk+0x10/0x10
[  271.746298][ T7931]  ? ref_tracker_alloc+0x318/0x460
[  271.746331][ T7931]  should_fail_ex+0x414/0x560
[  271.746364][ T7931]  should_failslab+0xa8/0x100
[  271.746394][ T7931]  kmem_cache_alloc_noprof+0x73/0x3c0
[  271.746420][ T7931]  ? skb_clone+0x212/0x3a0
[  271.746454][ T7931]  skb_clone+0x212/0x3a0
[  271.746486][ T7931]  __netlink_deliver_tap+0x404/0x850
[  271.746527][ T7931]  ? netlink_deliver_tap+0x2e/0x1b0
[  271.746554][ T7931]  netlink_deliver_tap+0x19c/0x1b0
[  271.746585][ T7931]  netlink_unicast+0x72f/0x8d0
[  271.746620][ T7931]  netlink_sendmsg+0x805/0xb30
[  271.746656][ T7931]  ? __pfx_netlink_sendmsg+0x10/0x10
[  271.746691][ T7931]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  271.746717][ T7931]  ? __pfx_netlink_sendmsg+0x10/0x10
[  271.746742][ T7931]  __sock_sendmsg+0x21c/0x270
[  271.746777][ T7931]  ____sys_sendmsg+0x505/0x830
[  271.746810][ T7931]  ? __pfx_____sys_sendmsg+0x10/0x10
[  271.746846][ T7931]  ? import_iovec+0x74/0xa0
[  271.746871][ T7931]  ___sys_sendmsg+0x21f/0x2a0
[  271.746899][ T7931]  ? __pfx____sys_sendmsg+0x10/0x10
[  271.746973][ T7931]  ? __fget_files+0x2a/0x420
[  271.746997][ T7931]  ? __fget_files+0x3a0/0x420
[  271.747032][ T7931]  __x64_sys_sendmsg+0x19b/0x260
[  271.747062][ T7931]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  271.747101][ T7931]  ? __pfx_ksys_write+0x10/0x10
[  271.747122][ T7931]  ? rcu_is_watching+0x15/0xb0
[  271.747160][ T7931]  ? do_syscall_64+0xbe/0x3b0
[  271.747198][ T7931]  do_syscall_64+0xfa/0x3b0
[  271.747230][ T7931]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.747260][ T7931]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.747282][ T7931]  ? clear_bhb_loop+0x60/0xb0
[  271.747308][ T7931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.747330][ T7931] RIP: 0033:0x7fdaa8f8e929
[  271.747350][ T7931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.747369][ T7931] RSP: 002b:00007fdaa9e1d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  271.747391][ T7931] RAX: ffffffffffffffda RBX: 00007fdaa91b5fa0 RCX: 00007fdaa8f8e929
[  271.747407][ T7931] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: 0000000000000003
[  271.747421][ T7931] RBP: 00007fdaa9e1d090 R08: 0000000000000000 R09: 0000000000000000
[  271.747435][ T7931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.747448][ T7931] R13: 0000000000000000 R14: 00007fdaa91b5fa0 R15: 00007ffd5595ad48
[  271.747483][ T7931]  </TASK>
[  272.181010][ T7937] FAULT_INJECTION: forcing a failure.
[  272.181010][ T7937] name failslab, interval 1, probability 0, space 0, times 0
[  272.231310][ T7937] CPU: 0 UID: 0 PID: 7937 Comm: syz.0.514 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  272.231343][ T7937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.231357][ T7937] Call Trace:
[  272.231366][ T7937]  <TASK>
[  272.231376][ T7937]  dump_stack_lvl+0x189/0x250
[  272.231414][ T7937]  ? __pfx____ratelimit+0x10/0x10
[  272.231446][ T7937]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.231479][ T7937]  ? __pfx__printk+0x10/0x10
[  272.231509][ T7937]  ? ref_tracker_alloc+0x318/0x460
[  272.231542][ T7937]  should_fail_ex+0x414/0x560
[  272.231574][ T7937]  should_failslab+0xa8/0x100
[  272.231606][ T7937]  kmem_cache_alloc_noprof+0x73/0x3c0
[  272.231632][ T7937]  ? skb_clone+0x212/0x3a0
[  272.231666][ T7937]  skb_clone+0x212/0x3a0
[  272.231698][ T7937]  __netlink_deliver_tap+0x404/0x850
[  272.231738][ T7937]  ? netlink_deliver_tap+0x2e/0x1b0
[  272.231765][ T7937]  netlink_deliver_tap+0x19c/0x1b0
[  272.231791][ T7937]  netlink_unicast+0x72f/0x8d0
[  272.231827][ T7937]  netlink_sendmsg+0x805/0xb30
[  272.231863][ T7937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.231898][ T7937]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  272.231925][ T7937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.231951][ T7937]  __sock_sendmsg+0x21c/0x270
[  272.231988][ T7937]  ____sys_sendmsg+0x505/0x830
[  272.232021][ T7937]  ? __pfx_____sys_sendmsg+0x10/0x10
[  272.232059][ T7937]  ? import_iovec+0x74/0xa0
[  272.232084][ T7937]  ___sys_sendmsg+0x21f/0x2a0
[  272.232122][ T7937]  ? __pfx____sys_sendmsg+0x10/0x10
[  272.232192][ T7937]  ? __fget_files+0x2a/0x420
[  272.232220][ T7937]  ? __fget_files+0x3a0/0x420
[  272.232262][ T7937]  __x64_sys_sendmsg+0x19b/0x260
[  272.232296][ T7937]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  272.232335][ T7937]  ? __pfx_ksys_write+0x10/0x10
[  272.232357][ T7937]  ? rcu_is_watching+0x15/0xb0
[  272.232395][ T7937]  ? do_syscall_64+0xbe/0x3b0
[  272.232432][ T7937]  do_syscall_64+0xfa/0x3b0
[  272.232464][ T7937]  ? lockdep_hardirqs_on+0x9c/0x150
[  272.232495][ T7937]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.232516][ T7937]  ? clear_bhb_loop+0x60/0xb0
[  272.232543][ T7937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.232564][ T7937] RIP: 0033:0x7f2b7358e929
[  272.232584][ T7937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.232602][ T7937] RSP: 002b:00007f2b74494038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  272.232625][ T7937] RAX: ffffffffffffffda RBX: 00007f2b737b5fa0 RCX: 00007f2b7358e929
[  272.232642][ T7937] RDX: 0000000004000040 RSI: 00002000000000c0 RDI: 0000000000000003
[  272.232656][ T7937] RBP: 00007f2b74494090 R08: 0000000000000000 R09: 0000000000000000
[  272.232670][ T7937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.232683][ T7937] R13: 0000000000000000 R14: 00007f2b737b5fa0 R15: 00007ffe7e4cb748
[  272.232718][ T7937]  </TASK>
[  272.521359][    C0] vkms_vblank_simulate: vblank timer overrun
[  272.585082][ T7935] blkio.reset_stats is deprecated
[  272.594998][ T7935] netlink: 104 bytes leftover after parsing attributes in process `syz.1.515'.
[  273.528910][   T30] audit: type=1326 audit(1749941655.874:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7953 comm="syz.4.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa8f8e929 code=0x7ffc0000
[  273.551692][ T7945] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  273.559473][   T30] audit: type=1326 audit(1749941655.902:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7953 comm="syz.4.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdaa8f8e929 code=0x7ffc0000
[  273.569260][ T7945] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  273.591210][   T30] audit: type=1326 audit(1749941655.902:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7953 comm="syz.4.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa8f8e929 code=0x7ffc0000
[  273.592942][ T7945] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  273.646431][ T7945] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  273.664389][ T7945] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  273.678600][   T30] audit: type=1326 audit(1749941655.902:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7953 comm="syz.4.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa8f8e929 code=0x7ffc0000
[  274.625138][ T7968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.525'.
[  274.671259][ T7968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.525'.
[  275.381448][ T5143] Bluetooth: hci0: command 0x0c1a tx timeout
[  275.574762][ T7976] netlink: 60 bytes leftover after parsing attributes in process `syz.0.527'.
[  275.724146][ T5143] Bluetooth: hci2: command 0x0c1a tx timeout
[  275.808719][ T5143] Bluetooth: hci1: command 0x0405 tx timeout
[  275.814779][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout
[  275.821318][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  277.301424][ T7991] FAULT_INJECTION: forcing a failure.
[  277.301424][ T7991] name failslab, interval 1, probability 0, space 0, times 0
[  277.336604][ T7991] CPU: 0 UID: 0 PID: 7991 Comm: syz.5.535 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  277.336638][ T7991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  277.336652][ T7991] Call Trace:
[  277.336660][ T7991]  <TASK>
[  277.336670][ T7991]  dump_stack_lvl+0x189/0x250
[  277.336709][ T7991]  ? __pfx____ratelimit+0x10/0x10
[  277.336742][ T7991]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.336774][ T7991]  ? __pfx__printk+0x10/0x10
[  277.336804][ T7991]  ? ref_tracker_alloc+0x318/0x460
[  277.336838][ T7991]  should_fail_ex+0x414/0x560
[  277.336871][ T7991]  should_failslab+0xa8/0x100
[  277.336902][ T7991]  kmem_cache_alloc_noprof+0x73/0x3c0
[  277.336928][ T7991]  ? skb_clone+0x212/0x3a0
[  277.336963][ T7991]  skb_clone+0x212/0x3a0
[  277.336996][ T7991]  __netlink_deliver_tap+0x404/0x850
[  277.337040][ T7991]  ? netlink_deliver_tap+0x2e/0x1b0
[  277.337068][ T7991]  netlink_deliver_tap+0x19c/0x1b0
[  277.337094][ T7991]  netlink_unicast+0x72f/0x8d0
[  277.337128][ T7991]  netlink_sendmsg+0x805/0xb30
[  277.337163][ T7991]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.337197][ T7991]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  277.337223][ T7991]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.337271][ T7991]  __sock_sendmsg+0x21c/0x270
[  277.337310][ T7991]  ____sys_sendmsg+0x505/0x830
[  277.337344][ T7991]  ? __pfx_____sys_sendmsg+0x10/0x10
[  277.337382][ T7991]  ? import_iovec+0x74/0xa0
[  277.337407][ T7991]  ___sys_sendmsg+0x21f/0x2a0
[  277.337438][ T7991]  ? __pfx____sys_sendmsg+0x10/0x10
[  277.337509][ T7991]  ? __fget_files+0x2a/0x420
[  277.337544][ T7991]  ? __fget_files+0x3a0/0x420
[  277.337585][ T7991]  __x64_sys_sendmsg+0x19b/0x260
[  277.337617][ T7991]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  277.337656][ T7991]  ? __pfx_ksys_write+0x10/0x10
[  277.337678][ T7991]  ? rcu_is_watching+0x15/0xb0
[  277.337716][ T7991]  ? do_syscall_64+0xbe/0x3b0
[  277.337755][ T7991]  do_syscall_64+0xfa/0x3b0
[  277.337786][ T7991]  ? lockdep_hardirqs_on+0x9c/0x150
[  277.337818][ T7991]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.337839][ T7991]  ? clear_bhb_loop+0x60/0xb0
[  277.337867][ T7991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.337888][ T7991] RIP: 0033:0x7fb87ff8e929
[  277.337908][ T7991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.337927][ T7991] RSP: 002b:00007fb880d77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  277.337950][ T7991] RAX: ffffffffffffffda RBX: 00007fb8801b5fa0 RCX: 00007fb87ff8e929
[  277.337966][ T7991] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000003
[  277.337979][ T7991] RBP: 00007fb880d77090 R08: 0000000000000000 R09: 0000000000000000
[  277.337992][ T7991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.338004][ T7991] R13: 0000000000000000 R14: 00007fb8801b5fa0 R15: 00007ffd76573e58
[  277.338038][ T7991]  </TASK>
[  279.351817][ T7995] netlink: 60 bytes leftover after parsing attributes in process `syz.1.533'.
[  279.528102][ T8016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.539'.
[  279.580893][ T8016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.539'.
[  280.402012][ T8021] tipc: Started in network mode
[  280.492720][ T8021] tipc: Node identity d29e2a783f23, cluster identity 4711
[  280.500083][ T8021] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  280.552251][ T8021] syzkaller0: entered promiscuous mode
[  280.569909][ T8021] syzkaller0: entered allmulticast mode
[  281.007558][ T8029] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  281.058230][ T5876] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  281.481393][ T8020] tipc: Resetting bearer <eth:syzkaller0>
[  281.561676][ T8020] tipc: Disabling bearer <eth:syzkaller0>
[  281.873744][ T8030] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  281.893959][ T8033] FAULT_INJECTION: forcing a failure.
[  281.893959][ T8033] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.944381][ T5876] usb 5-1: Using ep0 maxpacket: 8
[  281.949671][ T8033] CPU: 0 UID: 0 PID: 8033 Comm: syz.1.544 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  281.949700][ T8033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  281.949713][ T8033] Call Trace:
[  281.949722][ T8033]  <TASK>
[  281.949730][ T8033]  dump_stack_lvl+0x189/0x250
[  281.949767][ T8033]  ? __pfx____ratelimit+0x10/0x10
[  281.949797][ T8033]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.949828][ T8033]  ? __pfx__printk+0x10/0x10
[  281.949849][ T8033]  ? __might_fault+0xb0/0x130
[  281.949886][ T8033]  should_fail_ex+0x414/0x560
[  281.949918][ T8033]  _copy_from_iter+0x1db/0x16f0
[  281.949954][ T8033]  ? rcu_is_watching+0x15/0xb0
[  281.949986][ T8033]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  281.950024][ T8033]  ? __pfx__copy_from_iter+0x10/0x10
[  281.950058][ T8033]  ? __build_skb_around+0x257/0x3e0
[  281.950086][ T8033]  ? netlink_sendmsg+0x642/0xb30
[  281.950110][ T8033]  ? skb_put+0x11b/0x210
[  281.950137][ T8033]  netlink_sendmsg+0x6b2/0xb30
[  281.950173][ T8033]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.950205][ T8033]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  281.950230][ T8033]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.950255][ T8033]  __sock_sendmsg+0x21c/0x270
[  281.950292][ T8033]  ____sys_sendmsg+0x505/0x830
[  281.950323][ T8033]  ? __pfx_____sys_sendmsg+0x10/0x10
[  281.950360][ T8033]  ? import_iovec+0x74/0xa0
[  281.950385][ T8033]  ___sys_sendmsg+0x21f/0x2a0
[  281.950415][ T8033]  ? __pfx____sys_sendmsg+0x10/0x10
[  281.950478][ T8033]  ? __fget_files+0x2a/0x420
[  281.950505][ T8033]  ? __fget_files+0x3a0/0x420
[  281.950547][ T8033]  __x64_sys_sendmsg+0x19b/0x260
[  281.950578][ T8033]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  281.950617][ T8033]  ? __pfx_ksys_write+0x10/0x10
[  281.950640][ T8033]  ? rcu_is_watching+0x15/0xb0
[  281.950678][ T8033]  ? do_syscall_64+0xbe/0x3b0
[  281.950715][ T8033]  do_syscall_64+0xfa/0x3b0
[  281.950748][ T8033]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.950770][ T8033]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  281.950792][ T8033]  ? clear_bhb_loop+0x60/0xb0
[  281.950818][ T8033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.950839][ T8033] RIP: 0033:0x7f084238e929
[  281.950860][ T8033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.950878][ T8033] RSP: 002b:00007f0843131038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.950902][ T8033] RAX: ffffffffffffffda RBX: 00007f08425b5fa0 RCX: 00007f084238e929
[  281.950918][ T8033] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  281.950933][ T8033] RBP: 00007f0843131090 R08: 0000000000000000 R09: 0000000000000000
[  281.950946][ T8033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.950960][ T8033] R13: 0000000000000000 R14: 00007f08425b5fa0 R15: 00007ffc1a7639a8
[  281.951001][ T8033]  </TASK>
[  282.350475][ T5876] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  282.359819][ T5876] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  282.371962][ T5876] usb 5-1: Product: syz
[  282.376198][ T5876] usb 5-1: Manufacturer: syz
[  282.380952][ T5876] usb 5-1: SerialNumber: syz
[  282.407888][ T5876] usb 5-1: config 0 descriptor??
[  282.417445][ T5876] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  283.180369][ T8026] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.191589][ T8026] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.486477][ T5876] gspca_zc3xx: reg_w_i err -110
[  283.520543][ T5876] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -110
[  284.625569][   T43] usb 5-1: USB disconnect, device number 7
[  284.747897][ T8056] tipc: Started in network mode
[  284.752878][ T8056] tipc: Node identity 9e880ee2a0a6, cluster identity 4711
[  284.805043][ T8056] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  284.826580][ T8056] syzkaller0: entered promiscuous mode
[  284.841138][ T8056] syzkaller0: entered allmulticast mode
[  285.129772][   T43] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  285.618599][ T8068] netlink: 8 bytes leftover after parsing attributes in process `syz.4.554'.
[  285.716640][ T8068] netlink: 8 bytes leftover after parsing attributes in process `syz.4.554'.
[  285.995681][ T5955] tipc: Node number set to 1043205858
[  286.017319][   T43] usb 2-1: Using ep0 maxpacket: 16
[  286.084209][ T8059] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  287.669463][   T43] usb 2-1: device descriptor read/all, error -71
[  287.986726][ T8054] tipc: Resetting bearer <eth:syzkaller0>
[  288.058331][ T8054] tipc: Disabling bearer <eth:syzkaller0>
[  289.390297][ T8093] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  289.404860][ T8094] overlayfs: failed to decode file handle (len=12, type=248, flags=0, err=-61)
[  290.466600][ T8105] netlink: 4 bytes leftover after parsing attributes in process `syz.4.562'.
[  291.850067][ T8113] xt_TPROXY: Can be used only with -p tcp or -p udp
[  291.988111][ T8121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.566'.
[  292.013557][ T8121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.566'.
[  294.457024][ T8143] syz.5.574 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  294.808320][ T8139] random: crng reseeded on system resumption
[  295.248446][ T5839] Bluetooth: hci1: unexpected event for opcode 0x1009
[  295.281064][ T8158] netlink: 364 bytes leftover after parsing attributes in process `syz.0.578'.
[  295.667407][ T8165] FAULT_INJECTION: forcing a failure.
[  295.667407][ T8165] name failslab, interval 1, probability 0, space 0, times 0
[  295.680697][ T8165] CPU: 1 UID: 0 PID: 8165 Comm: syz.4.579 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  295.680729][ T8165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.680743][ T8165] Call Trace:
[  295.680753][ T8165]  <TASK>
[  295.680764][ T8165]  dump_stack_lvl+0x189/0x250
[  295.680805][ T8165]  ? __pfx____ratelimit+0x10/0x10
[  295.680839][ T8165]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.680871][ T8165]  ? __pfx__printk+0x10/0x10
[  295.680902][ T8165]  ? ref_tracker_alloc+0x318/0x460
[  295.680938][ T8165]  should_fail_ex+0x414/0x560
[  295.680972][ T8165]  should_failslab+0xa8/0x100
[  295.681006][ T8165]  kmem_cache_alloc_noprof+0x73/0x3c0
[  295.681033][ T8165]  ? skb_clone+0x212/0x3a0
[  295.681070][ T8165]  skb_clone+0x212/0x3a0
[  295.681104][ T8165]  __netlink_deliver_tap+0x404/0x850
[  295.681145][ T8165]  ? netlink_deliver_tap+0x2e/0x1b0
[  295.681175][ T8165]  netlink_deliver_tap+0x19c/0x1b0
[  295.681203][ T8165]  netlink_unicast+0x72f/0x8d0
[  295.681241][ T8165]  netlink_sendmsg+0x805/0xb30
[  295.681289][ T8165]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.681327][ T8165]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  295.681354][ T8165]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.681382][ T8165]  __sock_sendmsg+0x21c/0x270
[  295.681421][ T8165]  ____sys_sendmsg+0x505/0x830
[  295.681458][ T8165]  ? __pfx_____sys_sendmsg+0x10/0x10
[  295.681499][ T8165]  ? import_iovec+0x74/0xa0
[  295.681525][ T8165]  ___sys_sendmsg+0x21f/0x2a0
[  295.681557][ T8165]  ? __pfx____sys_sendmsg+0x10/0x10
[  295.681633][ T8165]  ? __fget_files+0x2a/0x420
[  295.681663][ T8165]  ? __fget_files+0x3a0/0x420
[  295.681707][ T8165]  __x64_sys_sendmsg+0x19b/0x260
[  295.681739][ T8165]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  295.681779][ T8165]  ? __pfx_ksys_write+0x10/0x10
[  295.681803][ T8165]  ? rcu_is_watching+0x15/0xb0
[  295.681842][ T8165]  ? do_syscall_64+0xbe/0x3b0
[  295.681882][ T8165]  do_syscall_64+0xfa/0x3b0
[  295.681915][ T8165]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.681947][ T8165]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.681970][ T8165]  ? clear_bhb_loop+0x60/0xb0
[  295.681999][ T8165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.682022][ T8165] RIP: 0033:0x7fdaa8f8e929
[  295.682042][ T8165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.682063][ T8165] RSP: 002b:00007fdaa9e1d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  295.682087][ T8165] RAX: ffffffffffffffda RBX: 00007fdaa91b5fa0 RCX: 00007fdaa8f8e929
[  295.682104][ T8165] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  295.682118][ T8165] RBP: 00007fdaa9e1d090 R08: 0000000000000000 R09: 0000000000000000
[  295.682132][ T8165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.682146][ T8165] R13: 0000000000000000 R14: 00007fdaa91b5fa0 R15: 00007ffd5595ad48
[  295.682180][ T8165]  </TASK>
[  295.965206][    C1] vkms_vblank_simulate: vblank timer overrun
[  296.389478][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.583'.
[  296.424350][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.583'.
[  298.773840][ T8193] sp0: Synchronizing with TNC
[  298.851739][ T8190] btrfs: Unknown parameter 'barrieré«È›o[ì'
[  298.868793][ T5839] Bluetooth: hci1: unexpected event for opcode 0x0c7d
[  299.002884][ T8201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.590'.
[  299.045805][ T8202] netlink: 364 bytes leftover after parsing attributes in process `syz.2.591'.
[  299.064675][ T8201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.590'.
[  299.582984][ T8213] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  300.387578][ T8216] syzkaller0: entered promiscuous mode
[  300.411502][ T8216] syzkaller0: entered allmulticast mode
[  300.594632][ T8216] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  302.794494][ T8212] tipc: Resetting bearer <eth:syzkaller0>
[  302.932559][ T8212] tipc: Disabling bearer <eth:syzkaller0>
[  303.366986][ T8226] netlink: 8 bytes leftover after parsing attributes in process `syz.4.599'.
[  303.408340][ T8226] netlink: 8 bytes leftover after parsing attributes in process `syz.4.599'.
[  304.074187][ T8235] veth0: entered promiscuous mode
[  304.096174][ T8235] veth0: left promiscuous mode
[  304.166701][ T8235] netlink: 8 bytes leftover after parsing attributes in process `syz.5.601'.
[  304.360827][ T8238] FAULT_INJECTION: forcing a failure.
[  304.360827][ T8238] name failslab, interval 1, probability 0, space 0, times 0
[  304.451005][ T8238] CPU: 1 UID: 0 PID: 8238 Comm: syz.1.603 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  304.451039][ T8238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.451053][ T8238] Call Trace:
[  304.451061][ T8238]  <TASK>
[  304.451071][ T8238]  dump_stack_lvl+0x189/0x250
[  304.451108][ T8238]  ? __pfx____ratelimit+0x10/0x10
[  304.451141][ T8238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  304.451174][ T8238]  ? __pfx__printk+0x10/0x10
[  304.451202][ T8238]  ? __pfx___might_resched+0x10/0x10
[  304.451234][ T8238]  ? fs_reclaim_acquire+0x7d/0x100
[  304.451281][ T8238]  should_fail_ex+0x414/0x560
[  304.451314][ T8238]  should_failslab+0xa8/0x100
[  304.451360][ T8238]  __kmalloc_cache_noprof+0x70/0x3d0
[  304.451384][ T8238]  ? iommufd_test+0x13cf/0x5170
[  304.451414][ T8238]  iommufd_test+0x13cf/0x5170
[  304.451450][ T8238]  ? __pfx_iommufd_test+0x10/0x10
[  304.451476][ T8238]  ? __lock_acquire+0xab9/0xd20
[  304.451513][ T8238]  ? __might_fault+0xb0/0x130
[  304.451577][ T8238]  iommufd_fops_ioctl+0x449/0x520
[  304.451613][ T8238]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  304.451659][ T8238]  ? __fget_files+0x3a0/0x420
[  304.451686][ T8238]  ? __fget_files+0x2a/0x420
[  304.451718][ T8238]  ? bpf_lsm_file_ioctl+0x9/0x20
[  304.451745][ T8238]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  304.451776][ T8238]  __se_sys_ioctl+0xf9/0x170
[  304.451800][ T8238]  do_syscall_64+0xfa/0x3b0
[  304.451842][ T8238]  ? lockdep_hardirqs_on+0x9c/0x150
[  304.451869][ T8238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.451889][ T8238]  ? clear_bhb_loop+0x60/0xb0
[  304.451929][ T8238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.451949][ T8238] RIP: 0033:0x7f084238e929
[  304.451967][ T8238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.451985][ T8238] RSP: 002b:00007f0843131038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  304.452006][ T8238] RAX: ffffffffffffffda RBX: 00007f08425b5fa0 RCX: 00007f084238e929
[  304.452021][ T8238] RDX: 0000200000000180 RSI: 0000000000003ba0 RDI: 0000000000000003
[  304.452035][ T8238] RBP: 00007f0843131090 R08: 0000000000000000 R09: 0000000000000000
[  304.452047][ T8238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.452060][ T8238] R13: 0000000000000000 R14: 00007f08425b5fa0 R15: 00007ffc1a7639a8
[  304.452091][ T8238]  </TASK>
[  307.409240][ T8235] syz.5.601 (8235) used greatest stack depth: 16632 bytes left
[  307.881875][ T8258] FAULT_INJECTION: forcing a failure.
[  307.881875][ T8258] name failslab, interval 1, probability 0, space 0, times 0
[  307.894896][ T8258] CPU: 0 UID: 0 PID: 8258 Comm: syz.0.607 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  307.894926][ T8258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.894940][ T8258] Call Trace:
[  307.894949][ T8258]  <TASK>
[  307.894959][ T8258]  dump_stack_lvl+0x189/0x250
[  307.895005][ T8258]  ? __pfx____ratelimit+0x10/0x10
[  307.895039][ T8258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.895073][ T8258]  ? __pfx__printk+0x10/0x10
[  307.895102][ T8258]  ? __pfx___might_resched+0x10/0x10
[  307.895134][ T8258]  ? fs_reclaim_acquire+0x7d/0x100
[  307.895171][ T8258]  should_fail_ex+0x414/0x560
[  307.895205][ T8258]  should_failslab+0xa8/0x100
[  307.895236][ T8258]  __kmalloc_noprof+0xcb/0x4f0
[  307.895261][ T8258]  ? kfree+0x4d/0x440
[  307.895282][ T8258]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  307.895323][ T8258]  tomoyo_realpath_from_path+0xe3/0x5d0
[  307.895373][ T8258]  tomoyo_check_open_permission+0x1c1/0x3b0
[  307.895403][ T8258]  ? tomoyo_check_open_permission+0x16a/0x3b0
[  307.895431][ T8258]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  307.895505][ T8258]  ? tomoyo_file_open+0x166/0x220
[  307.895533][ T8258]  security_file_open+0xb1/0x270
[  307.895564][ T8258]  do_dentry_open+0x35e/0x1970
[  307.895599][ T8258]  ? devcgroup_check_permission+0x86d/0x980
[  307.895645][ T8258]  vfs_open+0x3b/0x340
[  307.895674][ T8258]  ? path_openat+0x2ecd/0x3830
[  307.895700][ T8258]  path_openat+0x2ee5/0x3830
[  307.895721][ T8258]  ? arch_stack_walk+0xfc/0x150
[  307.895794][ T8258]  ? __pfx_path_openat+0x10/0x10
[  307.895814][ T8258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.895861][ T8258]  do_filp_open+0x1fa/0x410
[  307.895881][ T8258]  ? __lock_acquire+0xab9/0xd20
[  307.895913][ T8258]  ? __pfx_do_filp_open+0x10/0x10
[  307.895962][ T8258]  ? _raw_spin_unlock+0x28/0x50
[  307.895998][ T8258]  ? alloc_fd+0x64c/0x6c0
[  307.896040][ T8258]  do_sys_openat2+0x121/0x1c0
[  307.896077][ T8258]  ? __pfx_do_sys_openat2+0x10/0x10
[  307.896112][ T8258]  ? ksys_write+0x22a/0x250
[  307.896140][ T8258]  ? __pfx_ksys_write+0x10/0x10
[  307.896163][ T8258]  ? rcu_is_watching+0x15/0xb0
[  307.896199][ T8258]  __x64_sys_openat+0x138/0x170
[  307.896240][ T8258]  do_syscall_64+0xfa/0x3b0
[  307.896271][ T8258]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.896303][ T8258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.896325][ T8258]  ? clear_bhb_loop+0x60/0xb0
[  307.896353][ T8258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.896374][ T8258] RIP: 0033:0x7f2b7358d290
[  307.896394][ T8258] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  307.896413][ T8258] RSP: 002b:00007f2b74451b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  307.896436][ T8258] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2b7358d290
[  307.896453][ T8258] RDX: 0000000000000002 RSI: 00007f2b74451c10 RDI: 00000000ffffff9c
[  307.896467][ T8258] RBP: 00007f2b74451c10 R08: 0000000000000000 R09: 00007f2b74451987
[  307.896482][ T8258] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  307.896496][ T8258] R13: 0000000000000000 R14: 00007f2b737b6160 R15: 00007ffe7e4cb748
[  307.896532][ T8258]  </TASK>
[  308.211030][ T8258] ERROR: Out of memory at tomoyo_realpath_from_path.
[  308.708904][ T8257] ------------[ cut here ]------------
[  308.715003][ T8257] WARNING: CPU: 0 PID: 8257 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x2c8/0x370
[  308.725279][ T8257] Modules linked in:
[  308.729453][ T8257] CPU: 0 UID: 0 PID: 8257 Comm: syz.4.608 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  308.741796][ T8257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  308.753323][ T8257] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[  308.761075][ T8257] Code: 74 10 4c 89 e7 89 54 24 0c e8 84 13 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 98 50 75 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  308.781037][ T8257] RSP: 0018:ffffc9000e4f79c0 EFLAGS: 00010246
[  308.787209][ T8257] RAX: ffffc9000e4f7a00 RBX: 0000000000000033 RCX: 0000000000000000
[  308.795228][ T8257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000e4f7a28
[  308.803285][ T8257] RBP: ffffc9000e4f7aa8 R08: ffffc9000e4f7a27 R09: 0000000000000000
[  308.811343][ T8257] R10: ffffc9000e4f7a00 R11: fffff52001c9ef45 R12: 0000000000000000
[  308.819447][ T8257] R13: 1ffff92001c9ef3c R14: 0000000000040d40 R15: dffffc0000000000
[  308.827466][ T8257] FS:  00007fdaa9e1d6c0(0000) GS:ffff888125c86000(0000) knlGS:0000000000000000
[  308.836824][ T8257] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  308.843552][ T8257] CR2: 00007f5cd7ce56c0 CR3: 00000000342b0000 CR4: 00000000003526f0
[  308.851622][ T8257] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  308.860984][ T8257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  308.869016][ T8257] Call Trace:
[  308.873440][ T8257]  <TASK>
[  308.876418][ T8257]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  308.882857][ T8257]  ? v9fs_fid_xattr_get+0x237/0x2e0
[  308.888118][ T8257]  __alloc_pages_noprof+0xa/0x30
[  308.893154][ T8257]  ___kmalloc_large_node+0x85/0x210
[  308.898445][ T8257]  __kmalloc_large_node_noprof+0x18/0x90
[  308.904660][ T8257]  __kmalloc_noprof+0x36f/0x4f0
[  308.909678][ T8257]  ? v9fs_fid_get_acl+0x4f/0x100
[  308.914718][ T8257]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[  308.921074][ T8257]  v9fs_fid_get_acl+0x4f/0x100
[  308.925902][ T8257]  v9fs_get_acl+0x11b/0x360
[  308.930424][ T8257]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[  308.936053][ T8257]  v9fs_mount+0x6cb/0xa10
[  308.940403][ T8257]  ? __pfx_v9fs_mount+0x10/0x10
[  308.945318][ T8257]  ? rcu_is_watching+0x15/0xb0
[  308.950104][ T8257]  ? cap_capable+0x11f/0x460
[  308.954752][ T8257]  legacy_get_tree+0xfa/0x1a0
[  308.959535][ T8257]  ? __pfx_v9fs_mount+0x10/0x10
[  308.964448][ T8257]  vfs_get_tree+0x92/0x2b0
[  308.970348][ T8257]  do_new_mount+0x24a/0xa40
[  308.974929][ T8257]  __se_sys_mount+0x317/0x410
[  308.980361][ T8257]  ? __pfx___se_sys_mount+0x10/0x10
[  308.985594][ T8257]  ? rcu_is_watching+0x15/0xb0
[  308.990430][ T8257]  ? do_syscall_64+0xbe/0x3b0
[  308.995126][ T8257]  ? __x64_sys_mount+0x20/0xc0
[  308.999962][ T8257]  do_syscall_64+0xfa/0x3b0
[  309.004487][ T8257]  ? lockdep_hardirqs_on+0x9c/0x150
[  309.009751][ T8257]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.015844][ T8257]  ? clear_bhb_loop+0x60/0xb0
[  309.020588][ T8257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.026495][ T8257] RIP: 0033:0x7fdaa8f8e929
[  309.031276][ T8257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.050977][ T8257] RSP: 002b:00007fdaa9e1d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  309.059612][ T8257] RAX: ffffffffffffffda RBX: 00007fdaa91b5fa0 RCX: 00007fdaa8f8e929
[  309.068029][ T8257] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[  309.076985][ T8257] RBP: 00007fdaa9010b39 R08: 0000200000000580 R09: 0000000000000000
[  309.085946][ T8257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.093962][ T8257] R13: 0000000000000000 R14: 00007fdaa91b5fa0 R15: 00007ffd5595ad48
[  309.102740][ T8257]  </TASK>
[  309.105883][ T8257] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  309.113192][ T8257] CPU: 0 UID: 0 PID: 8257 Comm: syz.4.608 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(full) 
[  309.125095][ T8257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.135162][ T8257] Call Trace:
[  309.138452][ T8257]  <TASK>
[  309.141412][ T8257]  dump_stack_lvl+0x99/0x250
[  309.146022][ T8257]  ? __asan_memcpy+0x40/0x70
[  309.150622][ T8257]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.155837][ T8257]  ? __pfx__printk+0x10/0x10
[  309.160473][ T8257]  panic+0x2db/0x790
[  309.164401][ T8257]  ? __pfx_panic+0x10/0x10
[  309.168891][ T8257]  ? show_trace_log_lvl+0x4fb/0x550
[  309.174157][ T8257]  __warn+0x31b/0x4b0
[  309.178194][ T8257]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  309.184227][ T8257]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  309.190235][ T8257]  report_bug+0x2be/0x4f0
[  309.194584][ T8257]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  309.200585][ T8257]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[  309.206617][ T8257]  ? __alloc_frozen_pages_noprof+0x2ca/0x370
[  309.212620][ T8257]  handle_bug+0x84/0x160
[  309.216873][ T8257]  exc_invalid_op+0x1a/0x50
[  309.221385][ T8257]  asm_exc_invalid_op+0x1a/0x20
[  309.226244][ T8257] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[  309.232862][ T8257] Code: 74 10 4c 89 e7 89 54 24 0c e8 84 13 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 98 50 75 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  309.252488][ T8257] RSP: 0018:ffffc9000e4f79c0 EFLAGS: 00010246
[  309.258575][ T8257] RAX: ffffc9000e4f7a00 RBX: 0000000000000033 RCX: 0000000000000000
[  309.266564][ T8257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000e4f7a28
[  309.274746][ T8257] RBP: ffffc9000e4f7aa8 R08: ffffc9000e4f7a27 R09: 0000000000000000
[  309.282758][ T8257] R10: ffffc9000e4f7a00 R11: fffff52001c9ef45 R12: 0000000000000000
[  309.290764][ T8257] R13: 1ffff92001c9ef3c R14: 0000000000040d40 R15: dffffc0000000000
[  309.298846][ T8257]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  309.305217][ T8257]  ? v9fs_fid_xattr_get+0x237/0x2e0
[  309.310445][ T8257]  __alloc_pages_noprof+0xa/0x30
[  309.315405][ T8257]  ___kmalloc_large_node+0x85/0x210
[  309.320637][ T8257]  __kmalloc_large_node_noprof+0x18/0x90
[  309.326294][ T8257]  __kmalloc_noprof+0x36f/0x4f0
[  309.331171][ T8257]  ? v9fs_fid_get_acl+0x4f/0x100
[  309.336134][ T8257]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[  309.342496][ T8257]  v9fs_fid_get_acl+0x4f/0x100
[  309.347282][ T8257]  v9fs_get_acl+0x11b/0x360
[  309.351810][ T8257]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[  309.357387][ T8257]  v9fs_mount+0x6cb/0xa10
[  309.361744][ T8257]  ? __pfx_v9fs_mount+0x10/0x10
[  309.366623][ T8257]  ? rcu_is_watching+0x15/0xb0
[  309.371412][ T8257]  ? cap_capable+0x11f/0x460
[  309.376025][ T8257]  legacy_get_tree+0xfa/0x1a0
[  309.380728][ T8257]  ? __pfx_v9fs_mount+0x10/0x10
[  309.385628][ T8257]  vfs_get_tree+0x92/0x2b0
[  309.390069][ T8257]  do_new_mount+0x24a/0xa40
[  309.394602][ T8257]  __se_sys_mount+0x317/0x410
[  309.399316][ T8257]  ? __pfx___se_sys_mount+0x10/0x10
[  309.404546][ T8257]  ? rcu_is_watching+0x15/0xb0
[  309.409344][ T8257]  ? do_syscall_64+0xbe/0x3b0
[  309.414048][ T8257]  ? __x64_sys_mount+0x20/0xc0
[  309.418852][ T8257]  do_syscall_64+0xfa/0x3b0
[  309.423384][ T8257]  ? lockdep_hardirqs_on+0x9c/0x150
[  309.428622][ T8257]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.434699][ T8257]  ? clear_bhb_loop+0x60/0xb0
[  309.439395][ T8257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.445301][ T8257] RIP: 0033:0x7fdaa8f8e929
[  309.449751][ T8257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.469406][ T8257] RSP: 002b:00007fdaa9e1d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  309.477832][ T8257] RAX: ffffffffffffffda RBX: 00007fdaa91b5fa0 RCX: 00007fdaa8f8e929
[  309.485813][ T8257] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[  309.493801][ T8257] RBP: 00007fdaa9010b39 R08: 0000200000000580 R09: 0000000000000000
[  309.501782][ T8257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.509787][ T8257] R13: 0000000000000000 R14: 00007fdaa91b5fa0 R15: 00007ffd5595ad48
[  309.517801][ T8257]  </TASK>
[  309.521158][ T8257] Kernel Offset: disabled
[  309.525611][ T8257] Rebooting in 86400 seconds..