last executing test programs:

9m20.305191945s ago: executing program 1 (id=116):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x10}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

9m20.127683095s ago: executing program 1 (id=118):
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @rand_addr=0x64010100}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x5, 0x4, 0x3, @rand_addr=0x64010102, @local}}}}}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
ioctl$int_in(r2, 0x5452, &(0x7f0000000080)=0x1)
sendto$inet6(r2, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
readv(r2, &(0x7f0000001480)=[{&(0x7f00000000c0)=""/229, 0xe5}], 0x1)
shutdown(r2, 0x1)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioprio_get$pid(0x1, 0xffffffffffffffff)
syz_emit_ethernet(0x2e, &(0x7f0000000440)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x20, 0xdc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300, {[@timestamp={0x44, 0x4, 0x7f, 0x0, 0x9}]}}, @echo_reply={0x0, 0x0, 0x0, 0x67, 0x5}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df05f496d0420922f45a71c1daa8b630468cd140526c41ef8d3a4a422", 0xffffffff, 0x1, 0x85}, 0x3c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r5, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
syz_io_uring_setup(0x43d8, &(0x7f0000000000)={0x0, 0x7c87, 0x40, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sync()
syz_usb_connect(0x2, 0x2d, &(0x7f0000002500)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b75000905", @ANYRES16], 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="8c000000", @ANYRES16, @ANYBLOB="010000000000000000000c00000018000180140002006261746164765f736c6176655f310000600003805c0003800c000180080001"], 0x8c}}, 0x0)
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240))

9m16.483537624s ago: executing program 1 (id=131):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)

9m16.233620917s ago: executing program 1 (id=133):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r2, &(0x7f0000000980)={0x2020}, 0x2020)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)={0x2c, r6, 0x301, 0x0, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}]}, 0x2c}}, 0x20000000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

9m14.967739588s ago: executing program 1 (id=137):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc2, 0x6)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x8, 0x80000)
fanotify_mark(r1, 0x105, 0x4800003a, r0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

9m14.318267743s ago: executing program 1 (id=142):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000004c0)='\"', &(0x7f0000000000), 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1100}, 0x80)

9m13.793045875s ago: executing program 32 (id=142):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000004c0)='\"', &(0x7f0000000000), 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1100}, 0x80)

2m51.963561239s ago: executing program 2 (id=1344):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='bridge0\x00', 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x80, 0x0, 0x0)
r1 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x74, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x2c, 0x68, 0x1, 0xfcfd, 0x0, {0x2, 0x0, 0x0, 0x0, 0x4}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x4}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_TC={0x5}}]}, 0x2c}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r4, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0x86, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3c, 0x78, 0x0, 0x0, 0xfc, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x0, "6b23c14dda246395dbe408a8260b0bd1305264cae3e56f52c890f03e803167f3", "489aa050cadfa199cc70b6068be89e94", {"fadaccd5e1d979c03653f66fe6898e52", "7e48c77864e4817fa2bcd4e8ef80c296"}}}}}}}, 0x0)
lsetxattr$system_posix_acl(&(0x7f00000004c0)='./cgroup\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000b40)={{}, {0x1, 0x4}, [], {0x4, 0x2}, [], {0x10, 0x2}, {0x20, 0x5}}, 0x24, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)

2m50.25025374s ago: executing program 2 (id=1347):
eventfd2(0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$VIDIOC_DECODER_CMD(0xffffffffffffffff, 0xc0485660, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000340)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0, 0x4, 0x0)
socket$netlink(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, 0x0, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @local}, 0xffffffffffffff78)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = dup2(r3, r4)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000440)='vegas\x00', 0x6)
sendto$inet(r3, &(0x7f00000012c0)="11268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000005c0000005c00000003000000000000000000000a010000000f00000000000012010000000000000000000009000000000d0000000000000e01000000010000000a0000000000000c0400b70006000000000000090300000004000000000000010000000065000200002e00b311a08e814df2cf2a6f9666588ee8c393d4c12981f11322e23d93180c41bcda7879b4573d8fac56cc144099abfeb4d7591934109ca056dd493b39e59b38617db7bceaa4dbd234fdd1c1866956a280fa87592ab9642337cbbf80861e1def36d33b3297ee2a64064a01ec51d96d5e09e3786afb3a9bbd4167dbac7a3e1c9336e87fdb03d3145f6916940c1a83511ad8c2"], &(0x7f0000000280)=""/173, 0x77, 0xad, 0x1, 0xa2}, 0x28)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x14, 0x6, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x5}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000804}, 0x4010)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000500)={@map=r6, 0x1, 0x1, 0x28dc64e7, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
openat$dir(0xffffffffffffff9c, &(0x7f0000001300)='./file0\x00', 0x62040, 0x100)

2m49.31908697s ago: executing program 2 (id=1351):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001a00010a"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0)
fsetxattr$security_evm(r0, &(0x7f0000000040), &(0x7f00000021c0)=@v2={0x5, 0x2, 0x13, 0x5, 0xf8, "ff71ace60ad1a532b7cbefdaac8b1ddc886d3eee217a485fff1657406a40323b422c56b8b72463848516bc956490a1cd32ddcbd28e8e55a9a206e6dc319c9c8cf009c626c561db1696c5cd21f1261ba5623844f2b12f8dd8a5a364c883d69696f0d2df059ca9c072edbafa297198b2f94c2f4ff0a720b599866a56cfd447a00776c43c69465056d5a135d03e4a598ea9cfc27a0fb65f9ef1ab233c0181ce41474547b7c31706d8485ad246a050e65d80b5d249fa3b92e4c124ecf72e248614876b6465bc65a08b01b538102c412e3e67ff1dfbbd565b618e1be4095923391d12a1c829a6765dae0c6bc9c955b9d09558958d2cd0ef0811b3"}, 0x101, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
recvmmsg(r5, &(0x7f00000021c0), 0x5b, 0x40, 0x0)

2m48.082677273s ago: executing program 2 (id=1354):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@ipv4_newrule={0x2c, 0x1e, 0x1, 0xfffffffd, 0x7ffffe, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7}, [@FRA_FLOW={0x8, 0xb, 0xf}, @FRA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2}, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000114000000110001"], 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000005900)=ANY=[@ANYBLOB="1c000000150a0102"], 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c00028008000100010000ff"], 0x74}}, 0x0)

2m45.293392889s ago: executing program 2 (id=1357):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
openat$incfs(0xffffffffffffff9c, 0x0, 0x1a10c1, 0x9c37611dc13d0d83)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000100)={0x400, 0x600, 0x0, 0x78, 0xbbba, 0x0, 0x18, 0x0, {}, {0x0, 0x4, 0xfffffffe}, {0x0, 0xffff0000}, {0x1000000}, 0x0, 0x3f0, 0x0, 0xd613, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
write(r1, &(0x7f0000000140)="27000000140007f2030e0000120f0a0011000100f5fe001205010000078a151f75080039000500", 0x27)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000002740)=""/4097, 0x1001}], 0x2}, 0x4}], 0x1, 0x40010000, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, 0x0, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2, &(0x7f0000f59ffc)=0x20024, 0x4)
r8 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x2, @mcast2, 0x1}, 0x1c)
sendmsg$nl_generic(r6, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000003780)=ANY=[@ANYBLOB="d0260000250001002cbd7000ffdbdf250500000052ebfa5ac93ad2d3e78c11ff3040820ced4aac3f3a7a240844ee434fd0b119fac6d43cb8a3ac1cbea399e6e530b1c13285fe87386a5c29909ae22623abf02bb38ecc4e01fd3a4b8701fbf044d152b573e1c61b58babbf14ed1160984951865f172f7c4b42091ef5c5f8cda537d5955814017a3e42409ff2dbbe562c95c4df6e84c907c6c3873a49a0894d27f1f90bbd1d038948d40b39d9b547e881b4717ceced85716f6d6236490f54e7bd8b04a3d6160d53b27c645cdca824851ee70f807199054f16c10af20b246644233e9b87f22e269d687a4423e5ba171f5ed6a6af85d4cd3f9bdfefa44ce39d2cc5260e81ea0ea410b3b7145425c469d351d0324324677dcefe70f44868e5a281a0ca0b2656af1c73f8a724f22eae2eae0da3be647c6492eb4db2daa5cb923519279a374277e85c95b7ac552e8d5f1f8becd50ce50d1f33be0281b7dad68f6da28bb59c34eaf740c6cd529e08df6e80b5c9752b8dcf301ad87805bb173f379a70c42129a255cb17d9f3efb1ed3136d3c2b4e21fb8424a434731305e58eac622d1b0c09c8899cf3f5c2c53a7ee51038e803119fdb1c3a61f753cc63a87dd8b8bd63eeb7e07084d5870583119d373edc24a5a32516430ca4fd2011df213eae0204f9aebbf34ab318ca9f371af0a01adc62d8cce499a49aaf9397d6f99746c7aa3dc40bb7a4e1a7be3be8e448c576660ad942b7eca6bdfc6f20f018c65ce47369184c26089b10719a7646d07dccb37b822cb768a136b4ab91f0908cd4e84ad92b134251072e26043014d91d55dd00f944d2f5662fac3524380e99bf4ef6f980db87983b036138335d325d736bcc3b905356a6b493a810a09b6f66350ffbb47483fa0b8cd8d4c5ca3daeecc2fb80bab7e2bcf7ddf32b94eb31ee3643eb18dd77ad53215cffe32d0a222b6cdd702f76298f8950c7fd357c176842f7c0ff8606e70b282cd463544efd017d4f0e8754f74feec242f9061dd1e37b993b261400f996cbb67822fd7a98842348e1441ade4ff99365cd56fcb1dc96439436d8aabe8aa9aeafe2f75c9f6a75d24320d88996329b4533590c238673bafed431be07ac566bb586b1f30229081ed1aa48b65e932666bbba07bd1f0fb5a1c58ce357809e7ffadfc55fa12020589614677735ce1244ec4b2100adbbff8b72d72ad1d81799ab39cb1124564e4e4c206644490b0590533f1d11a49b5f36a8af0f4d196cb8f15b96b86e634666f8120268dbf9d88531e6965f64d44673209b0ef8f28a196c5739dd0874369a521baa19b58c68fb95d3edce6f6b21722b50b521450354875b1e986d03b744aa8b4be4f123d51720a08c7deef368c07e8d404850ab88fdaabffa4870f7fb0454942b7a83601ad73645e81466d2f7049a1d819e3cb8965ce72aa98bb127af72d71e854dd08b0559715790cec391b1c082d378dacc6c260f8380076eeb58a92110ec940b48410457425b3eeb32905a29d7094535ac1bf2bb27d89c42296ab569c2b069c3cd6b65c3fd4720b85b5db791433ac5bb072aac3e70cd15d9ef29102db8519da649adbf0e199e8d00b6120ec810fc0c4abc40565c0f67e904bc586a38ad376fa74226551d97396c6cdec26fd7047c1ba4a4f2f967cdc1cf0b12a9a2b5dc749924cc22d20fe0f76c507eaffeda65468740e3284e4cb7f28e53c95507a725d363831253a376bf5497aeebc3a96cd8529cec80608a0a271b540100e8fef59853520a85ff974bf92a79b22a2deed9f8802817ab72975dc24e225fc2baf353047d4b8cc1672574cc16a1d21a3a77776f0c9a9cb61282c559f85d78daebbd8624d62176db49bb3497d878565dae9ba3282dbd7786e27d2b6c4355d5b7e8087d2751a2c958f4fd36d6062796d68e380b65738dff0662a23e6ebcd2ca670b40afeee3a53a8e4b4a85c80700b11f22831c503fc558a51edf7e16c6f4f8b53cc401cb3a042a1c66890dbaa38e4fbf775f2757bded116dcf09ad9e35b8664ca32211f725d5b2b90c6a2f36df05bb5633aa4f71dc000bfbf6f4aa267aa2a61c8fd45429b493a8a627715a514845ce71dafaa3075b7c13925f6d102fb0b02d665a26f0d3d1659e555b59638f5802eb6065bd4568b8ee61027789b1b7506456bb9f63882b142b42cd38da92f2963cf0cf2edb657f54326dd2c4bcadd0eaae0ed5d27f2202bbf18bc08b2aa266e6764c6b42ab3c13641e7221644666f49221e84d59b2ef3754a741d8a0b9b4705558bca7afeda29ba9f0de82ef51e4617f91d9bd86000f29eac15d8b0cbb1495ff8a955b19cbc28267bd71a6b45ace06cf76eb0ac9449308e54a0e9aaa7522da54b2278810669b0b1070b0450e22b0e557e6b7ba75e021d8c080ba7cd29207f4bfed14c40435664bbde0dddc654bdbfc4cb9f5e5666162a10f834ab9bb050e49b47a58b92a58e45135fe4fe9fc8381c13a4c0226dc13a8db7602be3ae87d04499b1d8ef0d6322b6dee750a914fc326255f641494021b9ab901dcba83d4876aa824a1e306ba7ac9ceb3540e6a1c84928581ea0646d6d50039e2d744c0753b7b0267989ad17f3e57749fa771eb4a9651bebbe777356a384390666fa472b9af40916e444c153c32ab70606c53b36ffe7c0392b51a769b03f220e635b146a8641dfb0251ac1435fd701bc48778700ed2150cf2776581199ff098a4de99ba62e8f2a77e26d49aa56c6cc1c65cd0f017d5e26630296a0f918d8dedaddac8a54245f9b60dedbc46f280469566c0871c1f1000c3c789541f04b3244af0f76e2827ea13e2fcfdd9176883b1a166672868993a1bd53eac30957d2c231f555f1bb6720a3e25508a0c7986046a65c8886f8d44951c3a0201693213e7295142a02e16fb7efa062b1bbb483e518c76b90dd8b1787faee44bcabd73da0ea47d615bfa35dc76d6daca4f5be0407adc5cb5f66aa42e866a2cb294fff5f86f1128da3dfdcd45ad26aac0a647dcf3afa0fc7fc7711cfc6a6690f6c500ec78c45dbf9ba3398b8e02f1123f828449520082465253077502553408aa10277f9357002b0c4f47039bb139fb823fe3a82c56b354b717fffd01c8dd84c866742d4c95a4c168073571aacb4537bfecd119fd342836de8b5db8f627a77848e7ab434601aa3057c44c94d833a6004e5de56debc6358b07619e2283f5f1e359e807a25cfc8b97ec7401d3debb147088653541fb1937348f06a52ad822f0950b0745815aa7dc2be5820442204b8adb2717c56d687a33e6311f7c9461d67a47c0200122a9a1f39cf903c694b687c8625fa383e8ccbf60da7cb144f7b95d381026cd7637f3e955535e7430522233d005494085d52724dcff9de4cf4c916cd2860ed53b4af78d69a1d9394b46a366138b32d9cbba6642931013aa0d550f208772fc45c85b1e533a651e97147cb07e589ca145e2a6beeacc9fd27e3b919aec6ff5e2f9744ee070e619c45b89b9ac415a4bc9157cb05ff805052dbcbaa47026ced8edda626c1cef540f6b8fd2051d1422a9caf5fbe040b61c6eb7cf345a66ed409977b3defe0ddb5fda69a11c010b759d6f092d82ad0fc9bd51f3bc6519a8c021449af275c6cf8907e40f58abe870d2d9fd83c84d3702a03d42ec6d9f2453210f51657c36ca218cc423dea047a37e75b9764499376aa55b425a04226c5fced25c060f8f390114f0deb53a9767b601f882889b3246fc3b5e4e1ddbce0275e83e6dd207b27398bc51751fa0cbfbcaca8b72fda1ca1d7a9c840322afb1ebc3c5514a5e55ef4da6c90bbff46c0de0eacbe5fa51c2582609d5fbafef5b893c43031baa0a30a03adb16cf13a6ddcf4b813fc096309b2ad567fd816c65e13578852412d25010c901f574bdb7a1a8674748a661390e5b7123b56d9f36a7637305d55b511dccbaf1758e3741e229befed3cf0ba0e9c3d85b5c0a54c13016f1699e1dcae8f966d67d5acf42b48a2659282e0fe4eef8e0306b0c72fbf7bfe5706c10a20f174a22e42e0b9439acd1940638017858fa215daf4aea21915718cc857dc3cb997058125e4c3b946631f22fce05f54a1be342e46b44d1341b4c246dbbdfc240d9f28e8e8fe0b4a1a4188934a0e01122c0721995e9cd20db12ef38a73e1c5f5da145d2321ea3ecc61b8f20fd267646a24a8eb4a902d9d8196529e53ba6b005994704f6211e388f1af22b4e0d648cdb5e76d320f34bb67662fff3cfb08bac1cdced1247a505d775cdf56722459f2c7c1beb379e042adb83683707ceca4bb6bc57692dd4365423cd4108a704553f78f0b653b3edbe129d98337903e1b4a7fa906dbc7b95ccbd4da93c7a3bdaf4727b234a5e2434c27b522db9c748b9b8e214cd9e36b3c7e5ba93d728624f072b7443722db732c11518e00f4c4b561a89633b936866989399108d48f8fcf031826da17ece4036df6240e1f94b5d2482e6ec341f9e0a3d27dcd7e10ba0be223134c567c83212b3ef1156dd18b642e15b75a140046444d0c37f1120974167d713174786c0ded25bbc17cb560d92215ee9242092d61474a795c3393bdaed0944df20d30d670792ca8c92546535cb7941482adc6601c39ce4a527a6be4e33b47412707c8777e7685f10e87023511151f889d2f78aef426d3695f3f477824c73f6fc3ad82ba0883d637f968e7b2da23db79760de7bbbf3d1fdbd1e5f4c78af028daabf84f37bcf2e53ab30f692b5a7bde7a0bc2aea00475d3075448c7c47a2777ee9621f295d73006fc22256dd4944c799f66a9f7a18cd7fd5ff7c068d6e468e2d7fd988360b9e084f5b6cf46d989db92d0723ec0bbe48b73a9cb5df9ab03cffe74adc0e1a43048d031d5847e35406987e07a1a0d60ad74a5cd6d44062725262137562aea3b85c5e652d73c9fc4128987fa399940a525a4e2b6e1b6407ea74c3148db82a15ddf1f7b68c00080a70f5392eb29bff954d40f920591c720807d9e30275e90aed89c236b6798ff4c6996122ed1b518cdce4192c3b922e8c5de96ca171f6b0483d2d3ad021e097cccc91e8765832a2eaddc5e88c33849ecf1e9620ce8bc5fbecbada32c6f1f108d4d6af77a2d23d356ba0cf68e275f9b1086c60aa0ee02c40e8a606ec7efb349f200fe47faa45493518dc81c6a1d4a51646241f51ecccee36e38f306c806d9411199fc0e84a6fe227d318a3c71a9d1b18b99eaa13d894217a9e0f551d6decfd18070d547784b89f2df0dbb97ab754e8d8ec1f0cb6569fa97ce41204c2090c71eeb44faebea87d9dd99d410b1ef5f2ff3e0012f43e19ca02113b13d992912e8daefc5e53479946fa79ed49b4e82e1f9363e213aa2e176b627802c7c85ff4e932b0fa8bbe49bb3f7817290f52cd92fa358aaf8b080139360463d84dbbb774e9535e8499ef0bcb8b9616431e52a1e165e519d3a7ba9b2c557806af52e558b319c5d90404e90f6117b6a162ee7e76166c1997c7230964ecb542babce28738c8f25e69d4597eb1a398b324cad8e8742314ef2816a25c5776a67f2161b964be2a206b349273c65d09832ccdb19e8201693e8cf35e914ec375f42e661a4fe8d21ac5ce12ab6e4567fa78504b659f56b34de23089944fb0cbf66d1abe574d4fb9ea7a773fb63564d44f4d0a48f6fde084970889787c23963ceb2856250fa9df136d505ef3ab98afad6b21edee1cfa5b91cd2ee36d49ac9a522fe4220994304d42eb4c78da46361a43ac1f0c034f0d9f13bbcabd72126cdd215d31a126bae26cb033c06dff86f1b4a180dccf996d2aa80ae3e204b7666e0eb2205844c02c21104a586d66ed24439df4c9dff0789bfd93debb004780ecb1b42d8ffb0d5e60852c510807cf97a1fbb4735b20eac6bec61f229949fb61f812b99503acbcf5a88ad3b0a8496aff27a2f1f1aebe3a52289495e9cf7f18878bd148f35b4760ca0d09f195b32a9a07eab8ca471477d67e0b19544826b838f16b8bd5ae8281509979ce5a103fa3339ad814f08e9091bd63d68750a03d83edd8266961f22b19a2183c0ce0acce4f2a280057800400dd8008006a00", @ANYRES32=0x0, @ANYBLOB="040010800400f2800c860000080000000000000004004a80009a0c8bee2ad0e1ba44ae631aab996761be62566be01d5259709dc7baa584b6ca91abb8b08d1ab499f41e7b1d7f63b043b62829aef9bce47f560ab787c23f3c38f5ac9f70e2070602e7b50df30e84d372f5a6d86ee781bda57d4c2ffcbcbcecfb4a8311d9dfafea9eab98f2f5d14401906004ecff963e10f91f015b800c009f00800000000000000008006b00", @ANYRES32=0x0, @ANYBLOB="08009a00", @ANYRES32=0x0, @ANYBLOB="a13ea6f03becd5c892066dd0e19c067b30215b642d6da7fd381be708dd7055cb70130d26c8c089515a2e453318a31a16be2f1ffbc02b948ee2ddcdfeaad41957345343ecfc0317ed5cff096c09afce3bb70c047db7bf1d6c1e7ffe239cf6b6f33432c63d0faa788cf599c318da6214ebdf211ab566cd5709d9a116b26293e9bb556fce416a492e3506208aa8f2e44cee551ba664999732a6be8721270baebdcc7a698bdd97155d36a9e10cfdfe7b811a1d26be86706d6f5266aa7c2bfc629ca7e9716d78e2754dbb4cdf14b526b7330a7c633d269f2055bcd5198189dc29096b0ce9890916b299dad7197b2f82ce89fa41e34d81cf77941de4e3c8ef04d3fd00319d76cbae0c004000f0000000000000009913258008008400ac1e000130018c800400a38008007800", @ANYRES32=0x0, @ANYBLOB="0c0029000500000000000000040073800400d7800400d8800400108014002f00fe80000000000000000000000000003b200f329735020020529362ce1471b6626f163fbf776d2ad512545aeb280c4d1df91658979cabb417dd414edd4700a424dbc0bb3f6bb55bd6c23f1b6a8e0ecd08043667144a43ed0c8f319d45106d7af376758d70374b35d7d6d3a7e869f4f5e675f7522f648b5273f5587b34e6b20f51c41f49aba86a34deff862c50ee6d64cea95d595f51f7d88f507408aadec7a9a824a2b9c12035f58e02805ed9dbe0b91f040fd12426bca8140b09cc942502f4cedcc790111ff9b8ee03ad80f811ec966b2942b61430c52ddb2746c2e15fa6325e9239849807500798e6aee4fd303c8c0733c136b403285b81b623c6d9c7edd074b900cd00388df82aad2018f319a019138f9e21d67600ef3edbd48e9d62b43b4fb83ee2b220ac9e4b45df02161db95f43af07ce70e7b52cbc161ebed3c0c69b0ec847d2de3b3939f7652077b35951445938914c943e757389cdbec66fea6e2bd986b67de55d69c331d9504c015c8f0add234ba71a9407cab32749e6142f9dfec4871d6fbc26035df921c42399b6ad88816e333bef33463e7b3e4319e7dd624e29878bbe0aaedac119856fa9ea0ce90e921e93b74eac8588e17a0000000e59efad6e7a7ef46eea32110380ef210907d7445d0f5d3e92d5382ac0321248dcf8d6e160f61f4a1ec61454c710c6e1858c36975ed219286c69695cf00822a53717c08f23a7c440230624776d9c47fbaba6c5c34a9ac73c897b6cb519c1e5c1a033ef7d18475949135d6904a16b3456086ba8db1a2c02c457f59ffe5cbabf75045f1028ea564070b65ed9f1c14c4060b4b88202c16059a17f2c7477a601b8bee7c17ed1faeef86cdf5473a883a9477a2114b0eaf5053099c414aa5f624fd2fdfef270ebdc0b88c29397e7bf9d65d71ffa5cf5c8f30f7c0143f36aad52c5823125760eff9439f406b28124683250d1a581c0df90f7fc13889ec4a3d7b84505f5e6476a543ef40bfefe3399c79f17541849fcbd1df107802c9c5a3a9d4f7301e06695d217081d5a7ee14e63ecd46811ee65e4e154f825ff803359d6e1eb0842344ba2689eae4d6e5e3838b89834c531d0af92d127bd510f9d8fa0b0525c2c71d3bfc26687a4aa40fa9a1bb4f04e2012ec5a87e1d47b4883e650471ea0b8a5938fd7be8f6eb4e21ad238a197c4650cb58b6841a254be6b65f5a84357039ee264347a55d296925f822f187f1bb2537a9056219bfdcd8a38d0ab8d8cf3beee62ab5e98db73f39afcd4a1807a406776810ea5bec48e7eb423de66fecdd1df24bedc8a794ba04f00855c1140b967f37b118cf11b94a2e8864bb6d9631b445642829dd20111cabcb442a32e1da58e56fe012b1a2483452edc5b64c725019193e9643aeecef6853e8b25437060e298b5db928ce8bdc9e4fb9e93dc642dbb0f7c724312fbfa4ef373738cdd4e2cb8e2b75b8d7b944625ac76f79dfaddd8b62c278218302e069f33ea3a851ec079d38fd25c6403b530cf20a51979e26bbacd2efdcc47f6f34d50a62cf2425cd8ad600d002544dc2aeeaad8b7da1e4c76c340c33dfc7ccc44af1005e277c58fdc62458b52ae44c6ff543f181d30599b0baa84343573383c318910191515e481e408f790952922b9b3c940b78e209cc12c961f789c2135f61204cfec78d4f49494c5d7bf932b651e9143fc4e62b05a27db3db4310df433d074b399669cd67fb7962ed6c3c8ff89fdbfe7b1fbc0c2e4dc6842c804f0a6d0ff290d946f223a641ef85f0dc12ef9c084344ac4bf794e08278663ca8fea7b5dc3b25fccc97835939a8ee5512442cd43e894bcd9dfea7087157b12d08f9afc618262dcb179ea6b029bf810727dcb3ed7307a2ac3bd25f2bbb2ba1ab371df455e45694a03e628c273f8c4b91eb90265de355bd72fa59f52f2c290318342f908687927cd56488604497d84af7bd9f8032d4c7cd78038c23387631f7c1398e87f1f1786c2bbc7bdc7715336275f748355852596b86be4945d99cad12c2797483abdb2917258ae6c713b6ffacd2ee4dda9d7c15f53a624abe439e93cd81cdb5d75909998e61592e1c2328a3f5a59678488858af110b167f0d4a72b45222195b12baae8959a5aa595bd97855ce282307a72b575beee9b13234518ca1cc630ece6edd64bfd80eb14c0feab196740cbbd0afc074fdf4601b54fc3eb6cfda92aa766c46a16e9a58796942d13b53320a1278e9c287ba6e622e05546d0cac1faa106672f79c5ff71b002484a352b139cb3694c71d24702332ffe85bc9ed82580c99a2b4678d92faacaa3192c2f40ef49133b9d8684fcc04c79cd4023ff26563adba35c10335b531c0b6b72485248dcf20ce5f54c82d54855e260e137aadc0e03555c41ca4c7973e75f98d7d7ba7177323a27bd8c16e8a03b4a0f898abdb2323b916be05a751c706f59899c7073154c82646f8aa13c90eed8ff32c33a5d3d35c38f8edabdc5b6140229c67cd4558b343cb3b6bfd4e45eb1d652e9c6327ec31c7b5b1f52b068c77a8dda13e817daad8ff485c4174b0b678ef9cf4ec41a2586571c71d8b23ecc7c0378ad9d8bcf7b829bd36cf2a7efc22afd9ba1475978097bf7fc2592cd5e9c52893b55441ab965c829cebcd0ff28b3ae10c43029505072bc8fdd2c9ee4aa3584a6cffca73318562cbe77a40b686f2e0c960889b513a041ab53bfd9ad38fe09e7d971c6643943bff837c8b7a7e13441ad8616d9315e2efb0d629063eb2b5391ec204b3c0b22552f6e962cbc58c21fffa751a28dfeeaca994ba3fb74333025063eb5f784d014d3074161ae14896f0da7f1f4f1a71cbc23d493925f1a4ceea9b9c352a9a0bcfa358e9464943812e460e35b6e7fe7be24169f27b85bd4fbf17d8676d00a85be5a01a178904a6039c82a71c71b20b185f721001785accfe239a8e5a44ea48cb010f6a465e1b083f66138c8be8cb4e09d7232fac1a5bc691d1d51d757c558413705f0fe655e792ca00482d45a40244f788a3384818e5abaa2bdd573b12ffcd8f028fb69dafc5a9b369aecf914cba7844b6b1f8553d5e91e0ad0d38618b21d9e1de2265575ccf5e6674a607ab0cdfb511cab090d80f2d9cf1fd75bf9401e3618217c93590eaa16fab05dfd9a941f4f4ac2c8c02e55ef60c7e89e3bf92e511c45a72b1a0b8994b63612b9b522c68b2fc4c5f313fa5d7b3d51719aa269fa0d005d1a640f6cb1869e450f99707e0218350982f4a4129c97baf179dc30da5643cd17bf95de88175af2839188076527b21a1a0e4817b3d4b421b640933e46e23675aa4ef66b374c99e91b59847638d37d4dd74feb6e34da28703f5eb426eedcc0b67a5d72c8be2efd587328f202b0892e1741076983b31ae1b9997f506d4a4ee81b38379064e11475131ed2edc93d02abff4a9d0b4e82c0f66e334e756668fd8d7845101be7a2202741dcc5fa92fd84b45364f896eba24d71f187b4c5e6b304eb223f6cd610d1374fafa9ce478b0a0a044f606972ee50e8ecd6b4de5a928141641bf77eda1eececcc936b2f58cd488f37dbd258486cc55e496e646f10c39cfb375194fd08b20b312633e433a5db50ef10e731bb48601cce41ea8a70632b5d9f4d55402cd72413a8c95413b499dbd82cf8d1cc02892f2a2b12ce25b4b78e461b1e36ea2ee250581582c8ab254e3a303bd3de916672caffcaacb43609033e398a7d1e0ad1857902996e608324bf97825c5ca8759f7311ef768ad25464a578798094b3d59c080afc446541f262a9c234666e9aa13058907b67c045f6587ad26e8ba737af5a94b0b36371796594863d25f5b16d16b74216a847dd915ff917d2eac3ddf58a69e8945100c79e918b379941f4293a9bc99f5b9260910a5167a4bb3c3907dd3f8865dcc84d43880d4ecb54a74de9e967629e6072c2d5eb9e3c02dee6faadd5f9b47f9ee291532fd5aecf8b7369f6886e40061633fe0bf552bb8e9f1c6f262908ad4fa26ec7e43c9ae76efec07cee981708ec05790208903db2ef920a2a493e78f71c95b9bee149e1df69d954d14be2fcde42dcaed352d43a45c8b7343e3b31f9f676de7c8568f1c3cf7a824052bf86a0ff7697169a5360da5f559aedc52a73670b7efb2949680e64dc6b0ba02b9aaec21eb3bcdeb0651b8286a0f0a46bdc18e8989c90dd1450db9e7bceb2a6ebd97e879ac8c88adcd4b1d819ba741ae5ab2cca89800145a6a050ba51fcc75c18da1efdf4ed9baf32ba601de2f882e7290f61722b2e806f0873b0dc3e30e1bde738517b4ad7e79dbebc76d682b5345134c52ef9824a40819a03b1b199ce00629a4e12cd8fa021eb5383dbe49b95838f5f8c36f44450d84d82adb4c49a4798aa20be86937b9b9f8b5a9d981af57aef3f2498e516f227d9f2469674bf957f372241051b97c064e2f4022d45b8f1a205d58b22dfe004904e0ed5063707e02118a745256cec415693acbd6ff36227fbd7218ea700b377238940dfee6714733b2dc6e696f775f13ba8263b188ec21b6ab126bf6285dda46f0bd261791141d1c1d02b784a6d7f5a639b5a89c887e5a2b9083d230ae4500c14cb62f93d57d597b13cd1768d21cb3d9b6f78cf78f4b460ca7547f0cbb0ba06ffeadf1474adc2c7a42de956c3b192cabca9e7304d6a0857119e6d641fe8ac0ffb8a4b0e38210a5dc0da2903a1dbe63c99f2885f2b63abc86bb9c33f90d97cb624f121b2f214671c35d677b89a2800949fe338de8cff1c685583d2b1fefd0ef85764edcee2abe7e64a213d290dff48b5529a9bc83134b0c2746632cf17ffcf165e4674483202f4887d166fcb14901fe61ac44d19cb59f3967f3d87cd6f2d1a3be4c55a91f90adbd026bb540f27be099f7d9d8b496f2c19040645580f250eef9286f4670885fa6d2cf5bf8272a15e6320801ddf2435b4570988f60e67a94364f638df21c37b8c575f24fa5afdaaaae3c6a32a65b55918b72b319f02fceaf52c4a39c4b9e1dedcd0206b6ba1e29f8ece6ec2dd9b4530f63363b74999c56fab492e5b9abd380cece5d70ab88a46e3a78274d885671fc0113bc5d1dac0d52f6c64663dde9828afe5b5a890c8d29d5e8dce6952d424db1310f7609e1cff871a0c542e150febac8e693e4c4a136b0b027948e5e0f423a944b92d9c1a9b560258078292f5d4349f7ae2cd7fc2d60081e1e58e7038499af723169d890c0d75fc0208d570bf6847fbcd8ff33a2f2a5e455302a8b6db6f1ff82a140055c066dfecf53db0307970e321bd2fc1993c29875e2bbdcf53757af6944d3eec1032ca4aa5518263f46e8ef3e65c3c947921303b33d49685ba89e59d90b6ddb45237458801fd5d21064fe309541d6e8bf258f88698f460e667f26000d26fa0f83bd2922a03687c323d79943f155771c7f434e3c2e332ef05accab52386c0f18e9fdf47db942b34b396403a7ea47796a9ed01a3514df6fbaaffd6b6ad111d6445801ed8b89e4d1993cd5431e89888d5d79c8d8773c238acd710d7fd3f381697c14febb7788bf3ae8843702c035bcb4f16ee76449ef7de3e431c857e33600226ab39398616915b5d9bb3625afc8d0c8a32d25f83c50f24029d7453f747d3faeaf848be01db5c4362fb001ac93d02a312fb4a77fd8fedec3df303ca143814566ef135ff6ff89e5dfbd32d9ae9c3289642c76926a1965f3671697eb8bba8be3f50d314b6a9fdaa61eed2697fe376979b92aeda0d8b54afc007fd9fa4db2d798037729238b108aba7e3f26d5b596885ccddcceefa5504cc62cb9cb35b59b974c9ae7a50ea424a6c2697e63d8beb799f131751b2993a44863f0efa57c1a6f0d7bc2ec1da8c039f3b432245e3c490978beeed85b1ebbfba582c1c8756abf077198fbc398fe5274ce36d81db32aa95364b24fc6ecb0776fe5b32752361c8d84bc36d0614e8c83719ce6343a581fa1ea7e346b8ce3b010b23751e29c7ed8786350f9d03ead1ef5e0be01c7931b2843ea3d63d3836435c290dded68b48dcf53d7282bcd1ae15e6cd00e7f46fd0e8d7ffb4b3f724eeb40c00f0da83ec6b0c7735e0e63f34cbd3769b9d99680be228e6ffb6764e338a023e15ef51ad0aa5aed89fdca1ab9be76f40ec784aed7037760f87fceaa842d0afbbbf0f3368763668e852edb5c4b8edfeb945fb564ec5c00b424e3f16b15e279c8026761e02ab526f22287b2f7dc76988f8223c42e360154a3bcafa0d46482019d3129c949b2a8a3743c462072ce629584316c323d55e5901ebea05cf8a56b16d73a80a7fd3732ea5e8ce1cf63cb39b4e13e30b2990e50c649b477dc25916f3158b1a840fc90e437c37a82fc4488c38ed13baa9718fb2f61c1f701fbee5759f78586321448df38a09b0c377ba6dfe8822fbd4b4008d5fcfb908f8993dd1d2bf255a84c5de26388b55670a5fb6d9a25e273a23914c381e9fcd6673c2ed7172072a573cabc29c0580361f2dd3b160467c48041a7232b3a90bbf7716a27fb3a7e65f6dd0da6487e173028b489c53599a77d01eb45d6d2e3ca4d151ab7b84f78b2214a050a431c8b7430d7f668572de467ed1d80dd515d15399c017c12ba276134dd2fc49e100b92568437b44b8da59cbdbbe43778e98e691ac4a2fe4f9d523ae48e226ef7212b55ba55ecf7d04a79cb0bd143116b9b1ba90616d2f0d8e66348857694a388a3ccd0a8b1f3af01af180192b55c8320ef1070cce331eb1cd3d24adce13d58d1708a10c9789ae7b1e05859fa5478fc56925359fe60e9cb6dcca9098f930e776b1c0989154bc0644e5bb885c73522922cbb985740eeda56fa8dd5f325e99b075000c26549c8260f05b43f789621dc73bcdb80475c30311e99689d87211f948befc8500fde9995f5062bdcc2d6db7cf0000fb9377474f84d00f8ee1599a481c073291bab9c35e99b03ee90c3dabe02a797d605bb2f187b1f335cf7fe2b283ee712f3b6cb3a99be2638b97bf6d8157104024004e800800c900", @ANYRES32=r0, @ANYBLOB="040024801400da00fe8000000000000000000000000000aa0000000400ef00bff1f2bd4635cb6fd56005db26813a70f1e834e718f38b126613052d8b782eaa241b02f40f0e03bbdc4b4f522add73a323c0cc83155cdf0e17161c37fb46a2e1831c376548f02da4d23532a795f11adbd028626c1c2b97745b68d690d49c5aaba6aabbc5d668c7ec7e710f72b984ac271286a88eb58df897276a3210881751f24cde075fad315661f6d535d56e8aa8625bc700f868af8fc91f032dc0eeb5d65c008511bde100574c2fc0a22e3a8ccb66688328ee"], 0x26d0}, 0x1, 0x0, 0x0, 0x40480c0}, 0x24000100)
syz_usb_connect(0x0, 0x24, &(0x7f0000001c80)={{0x12, 0x1, 0x300, 0xc8, 0x5f, 0x62, 0x8, 0x423, 0xc, 0x2ebf, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x8, 0x6, 0x0, 0x22, [{{0x9, 0x4, 0xff, 0x1, 0x0, 0x71, 0xc0, 0xd9, 0x8}}]}}]}}, &(0x7f00000023c0)={0x0, 0x0, 0x0, 0x0, 0x1ffffffffffffeae})

2m40.26800691s ago: executing program 2 (id=1361):
r0 = fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xf)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {<r2=>0xee01, 0xee01}}, './file0\x00'})
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4820)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r4)
syz_genetlink_get_family_id$tipc(&(0x7f0000001780), r4)
recvmmsg(r4, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000001b40)=""/153, 0x99}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000000340)=""/196, 0xc4}], 0x3}, 0x7}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000004c40)=""/4098, 0x1002}, {&(0x7f0000000440)=""/150, 0x96}, {&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f0000003c40)=""/4092, 0xffc}, {&(0x7f0000001840)=""/105, 0x69}, {&(0x7f00000018c0)=""/147, 0x93}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x8}, 0x80000000}], 0x4, 0x40008062, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0), 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000009"], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d00000006000000040000000100000000000000", @ANYRES32=r5], 0x50)
close(r5)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r6}, &(0x7f0000000840), &(0x7f0000000880)=r5}, 0x20)
socket$kcm(0x2, 0x200000000000001, 0x106)
syz_io_uring_setup(0x5b29, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r8, r7, &(0x7f0000002080)=0x3a, 0x23b)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x80, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_fscache}], [{@smackfsfloor={'smackfsfloor', 0x3d, '!]$\xa1&\')'}}, {@euid_lt={'euid<', r2}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@uid_eq={'uid', 0x3d, r3}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}]}})
socket$alg(0x26, 0x5, 0x0)

2m21.81331581s ago: executing program 33 (id=1361):
r0 = fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xf)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {<r2=>0xee01, 0xee01}}, './file0\x00'})
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4820)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r4)
syz_genetlink_get_family_id$tipc(&(0x7f0000001780), r4)
recvmmsg(r4, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000001b40)=""/153, 0x99}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000000340)=""/196, 0xc4}], 0x3}, 0x7}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000004c40)=""/4098, 0x1002}, {&(0x7f0000000440)=""/150, 0x96}, {&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f0000003c40)=""/4092, 0xffc}, {&(0x7f0000001840)=""/105, 0x69}, {&(0x7f00000018c0)=""/147, 0x93}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x8}, 0x80000000}], 0x4, 0x40008062, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0), 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000009"], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d00000006000000040000000100000000000000", @ANYRES32=r5], 0x50)
close(r5)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r6}, &(0x7f0000000840), &(0x7f0000000880)=r5}, 0x20)
socket$kcm(0x2, 0x200000000000001, 0x106)
syz_io_uring_setup(0x5b29, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r8, r7, &(0x7f0000002080)=0x3a, 0x23b)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x80, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_fscache}], [{@smackfsfloor={'smackfsfloor', 0x3d, '!]$\xa1&\')'}}, {@euid_lt={'euid<', r2}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@uid_eq={'uid', 0x3d, r3}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}]}})
socket$alg(0x26, 0x5, 0x0)

18.479621979s ago: executing program 6 (id=1668):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000500)="d8000000180081054e81f782db4cb904021d0800fe207c05e8fe55a10a0015000200142603600e12080005007f370401a8001600200006000500027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703", 0xd7}], 0x1}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)

18.345604972s ago: executing program 6 (id=1670):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x6b, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000040)="08b4fffffede", &(0x7f0000002240)=""/4103, 0xfffffffe, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00220f000000780b4550182185f57584b39e3ce07961fd2c726f0d7174a9a2ee0fd1f77d4f0220d538db83677d377e005efe82d54becd3fb8131b008a1ebc1cb0e0a488d726c35d65e1dfc4ea5b00bb4028a03afeb650c7fde77d3d37028b587c52cfd4ddd025ad9de4e561c56b30800000016d51cd1281e03b2c54a12cfea221cdef299391157fc8f1155a792ef1afefc5bdbcb0c40a1da503ef46c98c7bd8558b3fdb4b4250ce5d03c853b58dfe034cca650f7cc729cba044308effdee2e4f4df93d4ff86be36c09014818"], 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000080), 0x7, 0x490003)
ioctl$HIDIOCGREPORT(r2, 0x400c4807, &(0x7f0000000040)={0x3, 0x100, 0x7})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="2b010100c242f7f17d7ce93800003e"], 0x0})

14.400066367s ago: executing program 3 (id=1685):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800"], 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4)
r5 = dup(r4)
ioctl$SIOCSIFHWADDR(r5, 0x400442c9, &(0x7f0000000080)={'macsec0\x00', @dev})
connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r6, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000640)={&(0x7f0000000740)={0x3c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xb7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}]}, 0x3c}}, 0x4000010)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140), 0x106, 0x9}}, 0x20)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="cd09bc5a475766a6b53e96119a2c69501b862b8cf2fcde49b440e56ef359cb936391e601f3d5680bdc5ecfead3d289eac0650712840532115d6beae221dc501bd0facba07bae43c8860317b0afa95f7dc786016c5cde72510e"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x8000)
vmsplice(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f00000006c0)="6d0b1f4f38bdfad50659e830c28f177bb7f0eca4ece2d735069dc3d8310a66388073fdecd0c184c4fb25e7a64bdca2cc1e7b117a41fb1a7541723762a4d65d1e1f168504f697c6", 0x47}], 0x1, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
accept4(r7, 0x0, 0x0, 0x800)

13.959308244s ago: executing program 6 (id=1689):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000e00)=ANY=[@ANYBLOB="1201000000000040de28021100000000000109022400010000d00009040004010300000009210100f90122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="200b4000000028b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000f59a55200d0522015e9a0000000109021200010000000009041b00001c45350070e6531c4ad5e88e305df52d2ffb6b9719dda53a75a871c84a0969c51eee7553e5b9e94c03e9193d40f693da78a0031f867eb16c2a08a5f20d69339ce7673dd95d8b1be753094939bf32a2e70f9206cb880dde14681f096d5b18479fcf04d5f2070108869a82bffcf1e1b76d093920d00be24f2011be72bc6779c19ae557a3d376"], 0x0)

12.593245589s ago: executing program 3 (id=1691):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'hsr0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup3(0xffffffffffffffff, r4, 0x3fefb751a115d5b7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$session_to_parent(0x12)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r6, 0x0, 0xffffffffffffffff, 0x1})
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000200)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x4f, 0x80, 0x1, 0x0, 0x1, 0x48, 0x0, 0x0, 0xff, 0x4, 0xe6, 0x6, 0x0, 0x10}})

12.387752255s ago: executing program 0 (id=1693):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000029d82b0bfd1f2595236e22460b806000000000000000000000000000706001240000400000800154000000002"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0xc0)

11.557813952s ago: executing program 0 (id=1696):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x4b0, 0xbbba, 0x300000, 0x0, 0x0, {}, {0x2, 0x101}, {0x0, 0x3, 0x20}, {0x0, 0x8}, 0x0, 0x3f0, 0x0, 0xd613, 0x2000, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb})

11.483915907s ago: executing program 3 (id=1698):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x55, 0x55, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x0, 0x1}, {0x7, 0x2}, {0x0, 0x5}]}, @type_tag={0x2, 0x0, 0x0, 0x12, 0x5}, @datasec={0x6, 0x2, 0x0, 0xf, 0x1, [{0x2, 0xdd37, 0x2}, {0x1, 0x2, 0x4ca}], "d5"}]}}, 0x0, 0x72, 0x0, 0x0, 0xfffffffd, 0x10000}, 0x28)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RMKDIR(r1, &(0x7f0000000140)={0x14, 0x49, 0x2, {0x80, 0x2, 0x8}}, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000500)={0x28, 0x1, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xb})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448dd, &(0x7f0000000580))
ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000600)={0x0, 0x2, "43cb93", 0x7})
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r5, 0x0, 0x20000)
readv(r4, &(0x7f0000000040)=[{&(0x7f0000000540)=""/4114, 0x1012}], 0x1)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000325bd7000fbdbdf25050000000c000980080002000300000028000280080001"], 0x46}}, 0x4004)

11.215555265s ago: executing program 4 (id=1700):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000040)="e410a4c9e96778bbcea38cfece992bfbec641c85eff85eb23662bde3c867cfc5e62167bbb3f44fca9ff432e5fa55054a9c4a0fe3f3c58a6686f6dc725fe52d638e16fa6e4750f496ce85f54271e1ef810bc5a66126c48b0b3ae7ae8bd0c5429ec100a001be2f6d4010fad555e516f3ca324ca841f7cf2bfa3aa767f688ceaf63e38f08c141155909e5d7f83dc1ac700fba6f5bed777f819e980e28bd2b4c4036d236824d2a3203e63e41f7a4409d9ac5d00ab7a36616a0fee3ee58334270dc59a2ddaa0a8de1b9c33e7e6107273015046b0b802642ba3b59220813f283a4c1b792875463bd34845d8325744627b5095ba4a6065831f117dda7a495e9fd225567ed173d3ebc6010154121b0740adc6968532bb3a321e8b8c4dba1edf62131cbe43b317c054d216d798f735a10b70426999b2a720107640b1ae58be4e9117d0d487b5f447230e2f000fd5275eb97b1b6e6c2ecc0e4bba5111fc8036d2b4e36121746f0c8fcce2d65c0a76e7db283221e9f2ee52a40662bba824f09d8da34f1a2078c09a17e8697e461fffc2fab1bdfb437f59d31e2957fec04f2230810ec7e536a0411f052ec85166165c2d4bbf47f884e40b1059e40ba6540cfde5b52da6bdecba5be58c33e66e988cd4205d624571a89392c215b3702e06a9d73ab07ceb3eb108e5c5a51a976b7b98842b6ddfa6d071b7338a7c885d77ee883cb0b9f1023c555740582bbcc1e720844fa1cd43ff44bb7d0d695fe21d61a2dff912688147e5a52e997b0719c0d841e76f2d931e7cd032f715b54ff664ec39c499f41705dd285128292600e8d7db2677410c291ec684c3a08318a91d4d6c7ba932d149a7898389bf667b6aa4c3361dfc254013cc47a32ff7b6376b8f52ddf9b236452451a53e805c096a0dd35b5f65a7681efd330393b3e529cec944411fd6a58dc6f8f904842434eef0b78328916ba8ae7657af2dcff5f2faa72161678915148144ea480361e494ee1b2c3cdadfb753ba4344168ce3510174dff4f936a61233035388da4d4bafd1941ee6371900cc64295b06db33fc2a580ea49d1d02b1550c7b000e2293ba3da52f585d2fb88bebd297b704b3caae996602ca9e9d26c1d55f69c2e5e451c4eed947be122e0db9959ac61994db92982c65d6abef32bd866a7278ae45cd6a98596b6c5bf1233eaab46c1bee66826662d29b889ea92ffa55a590b09fac0b342d03952457047f2e4ec09db44a21f76e2018bc6a90ad89304f83c80af4b236d905e6d30f868c3d962a66f0f7d750a4a41ed832f3297a84141cfdce65b6b01513d81b79e970e1c773411fbbccdc80740472e05300ed4c71e43a8debef712b4b004f3464ff8a740437c3839c0c6c7d1c79fd64c2f782119ef88304a7f147f68320bd6c119b8cc86e777cb612060e0536c590baf9a4a2383e35d95fee94ba59dec07a9c6b6713c3657e78c7a139b6cf561b18ae48b5794c68c60c98d9c84cd4ab71a768e54b8efe750bbf5ea98fb7352b65fa68719b6d61825c14536cc58686701a43a1122b8bb6769e391efe9dd67decaddc4f8ce5e8e44e9b2d22f12cd5df78cebbca22f3b44b7b072ad9f5427de39b4fef9a00fe7449123771ba7e517236f2e5ae132f171bfd0c985f8ce119cfef00e50edd2dccf546f158f412525f3a844eca8ec58699d7889e82828e2f23feea528d16740a078e3256ce6b920fb7f236b32c034d62ee3036ea9c5b09c6d23175c9e130ce125afa496e2d05657cee5e2a7cc6fe7afa16e49295e054d1097e4e1243d90ef719caf9d5a9fa6c3560cf91720e64fc5977aec66d971288753aee939d58f6140ed2b7ffbd8c53e1a617387d60432d0c63619ed2a8ddc54088251b2df261fd0891727715dbfc9071948a9328788cc7dc61ba7c34abbfb6c8a8c927e33599feabf901a6db816ee543089cca870fcab82199aa175821dced8251724cdc8a33c8285235603ec8e1bf10a246cb766be4c344f86e020979255e16a477f4bbe4afa13b7b7db7607769688972cb9bde3c0aef5b9143909f90cf8002241ca804db34de668a09a39d6cacf596f1bc7df49cae9cbf0de22a104aacf76be4c25f3bba31b7de3a1668c50346612898aff149227d9131d56231233d4c97a7897999ec1c902387038ed2225e7c06c22c544a9df9ef1069730b8cab4cd68746de299b5d7d618f803769c6d33b6d21969cbcfe722f99b5633078c02cc2a51e7570aeaa4d25618b238f841efaf4346a8dbeffa1d13ff86ff24f5713221f80aed8bfda53f3070d4711bb223518a002c38a3e2731ff947f50bdf2142a452436e821abcea96350c8179cdd1b41704d6d5bdbf76d21ab7609fafd53c83fd8a0644f20a2fe5b2ee3216b59c502b1b31ba4b1149d42a113aa82862f28195a06ed6d425cd80de8cecf58e0cec45fff5ab28483db7d2b37820a1db2b1f1d9f94dae6b113ea8d28d9cae4ccb6828daf578d2721ea1da3644863eafdfdb0d513265d1ab95fe19a26fd04a177c7e6f926778149640aa09e8b42e2ad71ee90dad665ac0e10e94f1404334f086f594637a89bf021b422946861bc200a964ccf325a9fdcdc7c83b5d7eee743c00da73858b73098affaa73e26f0cc4b9fc50061da678b180d4994b873d4dc41518f7670c1a50e8dc09ece4397f6bd6016bf9a09959e8a2afb29b48b52cbacf488a836f90ba03d7d178189e38e44c19a68dc47afe6bedfa5e02bde401028b240d73128c7fcade1bd540e5e3ab4626d3bbaafdcd1431475d72c27d69ddb525e6ada93e7f20cef4db65c2a04ae99284e889878a7a68ebb821279006e54dca07b1c5c24614f76208b22f5d8bc3857448f9717181c3d63ad47eae3098c319def23935dfdb5b48b4c1a9cf3a2508b9a580abeb39631db1f031f847a49864b6b1fd9f63094da8e2a13ad307b67800416f44dfe38d4603869d9ad46bf97726eba5c1d603c887aee36beabd342ef050db4eb810e1dd42afe5b6aea04612a733ed8c4b2964dd736394ffc8c73d87a6b59fd1cb47b335727a6298c5adbf5340cb0dd4dcd93780fc310a502d240fd14927f5b39eea690dfdc3e850e6c68cefed993ce321717b21a1440f1d56d23ec8906cd3b2e3bb1c7d6551e382fced9c841995be0f392dd0f2ccb8ff4949e760464cab911fa4ca55fe6730835b1419125de44c1992f5e5a091145785ba6c059e837c0e427f658dbbb0cf99dd274ab9166e7e2ec1e0a32c1aecdb56d687edf0236f452605cae2accbbbfef364a2bbaf171186fd1692645ff4cbf8376db15ae48ccb70158ffe33f7ad15cb4f72ebeed94e28f520e2defbf32caee56ede8c067d467aab516d303c0085e39384f015c1cc58da2d0a034b2f02286e4ba2324d2ec33686cca11ca1aa760073c68100fb5a99b83c1c9805e316bbcea8c9e5f4fc57c7b8f18c975129a6ed82ac5def56b45deafbc80ca696e427dafb3371834f5b6a61b62763dff839b7eb7dcb27ceea77cee7b6c804279a1176f8d413d4716c347bc8f78968530519e53a99da935602e7ebf9a9fb8f01c85bdefd54d96df7fa9722e5813aec2d3065acac63751c02b373a4ca184c678d10cd9362f0de3d3f64bb331009fc422964e8b46ed718b9ef881de560c290d922db3ba19045fa3b2fc2598e2171c76c709fab8aedd78f46612325d2728493a0cddf87b009c9f32ab2a18b9e1e36c9ec8aa52bc87d64be72bb99b2fab4adef4dc5206f6961d0613eec39b1cf90f68dd2d6af83e70a3b9b7c0da264456667deeb73631a310d8f4e1cb9224bce5240204c6df74ac2fa4904ac50739fc0b3b13028784d22ffbaa60a4b315b41619219ec28e7f55ef519a83dd36749fdfbb0846d6b515c43531cb8e12eccbeb34efc7f5d8da3f965592a3e469e370a21d22b2c48447627d1f31ccb961badb6300bfbcaf31384b5673637fb429d4648d16dbfd57ec4290051e717de04b91b201a55e382a8b93b3ff488bfd0662020c25198df941381f038ae16956193c1a928d20545a70f4c6a328ff5f79ead3ace8ad662907f6603860395813b8eebd6cc1b9f2b71060091f33d35157bba998d07e9ec34a47cb4e8ae7b4857e35a3005494387a31e13f3054380130c252ddf64938ef560e6a27d8af96903d3ebd633c2e9befd58d231e7e47b71a701ee134a8d9f9511250c7b45412f4cf33defa93e738adc7a0d173e6c8195a88923859e398f4b572d0dca6c36e62c2324612d77f3e015a478c13237410e77f2f6c953808f622fb8095cf7389bf58397002127d2f83c932351f99b2ca8efa59fdecf75c919856262041af7b3d7a9ba78ed42317b7cd5ec91a34323e7394ecc62c83d54e305c3a392ef020cbb96c0535cb6fd6cd3b4d79c653e1a90590c76971a1dd8a07004f9d49114dbbf31361114b6118d5ad0fc953555bdcbf3db6b9343fbb031f4a09afe9a4fc05933bd6d8da2c0c0a80649f7c8f1b31d0c3ea0ceee5d872fb73f0c142f9d6738f875beed15e08f21a3422f590f26fd0d16e2ae1efe2a94f3f1ab6b1ca4f60f917fed65e2a5c40321a0dbd14dfd3f1b233f5bd657dfe65b1560a2ae1bfa1d4dc72ebaf67c21b1f501fb03e6dd25c90d26be04484f0d95a01a2eacb8f3f18289f9ef390122c4618223f448a1ad38946b865bad1784f9ecde59fa6a3c8f48a022f415bacb55112cc89f896570045ad0b3c39634d3ecbf9f197df6ea6f4ed41fea9d53c781428a9b1fc5d4f64601c28266d1eb716a394ab9b8b5e12ba371fbe1ce376936d8ad72ae791d3aa4468ba2a0049d0096a254cac67bfc49789d7e32ee06c36d9162af94a395d2d80ff969a61eb495a3ebdc76a8cda75980886c7a189f16fb9dc518c2ddbd487f7c7eaf74fb475870852931ff5a178a0d6fad9648b19501b0162f708741e8b0853b0275ee07e5d309189d5b656e45d71b5fd7ac00cf064b3eb308cae2b3653d94f0e542bdfbcfb1c5013718e34b70a4be6e0d6081c33876a983f604d08beda08fd2cc1110f5ae3608941217832f3cddb58092d6e268b446e01c49a398a01a252a300b44174ceab9a5ec1527af0f5fa1fdb18e027bca08d2b37a9b7eee5f648888bbcf9b088fca8d91d9295575b8317a8bb3d9240d5fccd1c9d9ddb413e0052f43b7c295efc853027d3882f3bdcbfe14a42f84c46e4c0f43b3be2dc4e5736ac49149e744daa17bf76bd337bb15cd1d38fdc6a25f72acca057494b6544d34067dd96dec559cc8c9d924d44e351dcca24e5d4b2bafd596000d69fddffa2e849f7d37c9538901dbf580b1f20ad00b75ec2880de6ebfe37bbaa6a3a11ed7533e5ff8f4179e887aef1c8d6ae5e204df0240cc669d66a42fd3dc4ee368435671e2726db1d550ab7f7fedcd7a9b2f61117571ed41ffc03203b6b9b167a97fe355805e47f0e4ec693eb25f0f5c40bee7bf92cd57ec58faf1c048feefcba0f00bf4c4c85cc8bbb5c641895fb8ece2175462dfe1ee7267e4d0cdccf15cb19621caf2be5cacf0e750f0b9074c9b3bb4440a436c80381359629deaf0f51ba206ae0308089ca1d84a6468a12deb28b1aaa89d03b9835561e5116887554c8bcd30d97dccd85f741ae9380c98cd5672bb65b069c63915d4b532a4c5031f7742e65f7884c0c06ca6eb5de1ddf4a05c8c09b3667d7851729630955ab628a68f9b538a020439b184a0ce24ca4b369c3951f024398b416bc99344e0b7e0bb3a06182b300eb4e29c5ac048e53ceb9f772c5cd40c9a32b0997c7fcd6f7b995d0471ade39a1bb6b30a35f7284475ae39e999b2d9f504d5519b577997d890fd2834fd8dc2551ba1ab14c05248d19ba8ed8ffab3e102b9d347657976cad62c37998a0ff93ce2e6f7d0408061c14e88f5c67c0309e0c3a84c8438dc023d83ce43596d5e2ca77557ecba5d91aa781ead89dad5baab07b72e4d0257ba9a63664cd022aa009e935d1986fc78321c01218029f841e2de64e6965f260e42db37e41d455c559f205c8919d449db58598c87c8848d5611e48b79433650bed510d67022402a03e4004a37785be0d32603e027da2567949deb7e8b4517d146fa826760843ce7f091bde6a68876bf57e99301214654b985132aec79651c7184dab80b74850271af74964aa406c8c74006a44920e87d754295239ffe6a173c9f32b6d587046929e4803d53e8dc5813a1945b9136510bec44c26873a469eaa3ebe136ffaf75bb7cc9dede2c24592bc5c9d32b4c1b719bb787477a946c44087d423dc26181708cac702d6ab360b7033548878cf729fcfcf5a87caa7d666d177f77a58df363006dc2d9b5808007c31311cab48356193c9e698252fd80baa18c56de56b473e5f25df6f99e947486b1990d82bb43c288d4c65c98e0cad4a0935d40ca037bb2ff15b3857261c3eb297c5b4efd60bd5b3ad8c37e152c95bae2d48c15742897f90190618aa4106b1c480901e020cb057b9f6d1d0a4e734d13a7105eafd52caed5a5e6496430c8097a650e35ecee3bc615ed5289b2ce3b8e49b1217f2a49e64749a3e70123f4ede8bda1f2a3d8c13ff0eb9fc23af5533680619d742dc3ed44d94c49170c45e25cfd9882694c770eac2a1c2c9b1532a916a2dac66719b53239a08ac7b4dea029252b14a012f702b3496606d73fba663622f76fc83608ae9cb22f5588171531f3363f0f8908083c4fd9fe5f8f1bfdedbd9d9688f5db1a888b418f597250c618697b9fd067a271dce7302802fcebc8c9fa038f68223babc89984e8d780dc3e33aac598403c8d5daad2647b8a5088f089401d797b19668ea30987c413a80b0b6d7eb3cfe2d479c0f4578029c9792b88b37d827541b2973f00330bf2f988e4c962996ecfd63d7b5a2a083eb936ae2a739f86154382cdab5ee4c1ff0236383d7c9d96de75b5b20d1252504dd67f23d94ea5c1d05c73f2c9d3eac353a7616fdcba2b97112d36ea043385bd80460a82add081590d49670daeead151b6b79ea13f0cc4a73f6156e18f3e69cbd672c173452a21355cc5198ec75f96356a1eed0b3059aef67386e04c1059aa42e84355b693f36a046bb9e37963bbf42d76c9add54a88c7bc8bb9cae22190d46bb68daacb1e085d5fe40ffc24702fc41aa991a983799838e764b6e01f3570e440168c12c48dc1e6a05532fead540cd5505067ee9abe4bca4ec659714e2c8849678ceddd4046648dc06c347a9450d09f5b0bf41fcbc712825212070c034ba4b1bb76de8bde5f315243644370799abc142d73f1b85c51bff6014a007d0f18fa4c457f5a3d1efbab91ba3c99688a4e12867ae836d80f9553f2c62cfc947cf4a9f4a5d8cf46ce7cd6f89ee434c44748b408b26c55ebf0cc1201596287ae65338bc90d17cc94f13ae1db002579128860a97850132016a884691f0f2e0a771c229010d63655bebf4635bce576d5145479e436ff1c249c7cc2d9d5b6f1f43c5cb5dabaa04792f638fa7d21ee6f6670320be6c30e1c41555fa9be31828af8b01f2b82d30d70b078d93defde6beec48f2617d40d966f7c1429e9cfc52cef54bbf6b5804cbf4ebff6fa98ac0967e55f5f5c58b5038ae6d6503e065ede09503cac2d063db7df731ef0fb84911c85e17a2937af043e46a45e6f580c82ec27dba48ffdc7359e88a90e42314ceaf0037ac519e38dcbf3d4198302481a591a458a2f6de24b326a06a4a1b0038848d1853b7eaf3bac04ed00a8d2582b97df70676eba724f9162bc477b930416646b9826ace55559c4284dc81f4df4d26dc878a975eb3b2f9ab2f9b6268243eff72a2aff5ba1fd30e01d63647d97b58b7961ccce02adcf1887ff91b73516b73a4d4432e2f06901db37973c6157e6442535bf24514fc6580f7075b2a980ddb49a79caf38e47a487776eb1c84d2c6dbba922dcd641e2df009f8fc216f5e9b522a82d43c420d6c2ce2fa2a9adc388ec95317350689511a03180ed2d20ba1881a16e4663beb2195c611c4cda5851712c927a83bd88714cd1895eb8835454c2b712ed29e333315ada51d40aac95eef087a9008d1729c66cfc03466bd73370b1f6c348bca8298679f4b3ceb2ea9d760ab46d87161a9ae38c4771fae06dc053df24a0b76cfa22d4aadf340cfbb590304923ef65c65a6ce23719e46e44007dbd125c5ce07e0f82a542ee657942112dd1fd0e91d943e9e047fbf01ef1eae4c34c33b46632626200a102d6e507dc90a1fe1d2117735c5eada57aaece35670094443dfcd77f0700bf59da624eb8a8e8c5d5d9a78638f398ca2188cec0ba078f87fe92eb2cf1eedfb25d2707238a83b6b1331a8631e58202fab625132f840a5d59f5667f158faea54ed80b91e24d77b03b3cfb6de14b2c77e649aac97b8c9f1fd7c901ea05c06a52196745cbf7a132b629b3c0d6e0fcacef00128616c10764575bd4aee77231bc867f0f15cc485c0b6f522a571224d9978aa179c31611c9fc7aca10850bafe21832907c5da57f10ff2ea464b23e7cbd3a49120e792adcfb429a4e394e9b653c40c66de7a750fd723a47e4873024a4774998450cd4a0d0b0bbac27c283bd021a22157f2bb6ab2bcb06c7f56c1e8bdffe11d2c96f6b7516867a88e82d9111477bdee4854a8ac008826db4c8b39222cf45478fba35351581d96ba2aefc682d978d532e9825c385ffa0c77ae4059658669663abadc50ae62fbb7a156df659c1c08f39b4e5fb1f26fe571b36ce31ebaa944b4ed3068e9e53a152b32a69cc1ab0086b0610063dee3240da4e675d0436cd9328ad40a40c36565b877349ac1378f38f0e40711fe6e5544673b1121ae4b13418f592151b90bf574d35892c297aabf8807b3d563ccad624325e9444cc3b3d177633af90a3dd4de70427a44373672bc52b96a07d8a6cd8db0ed7a7d8893eb0e79bf2537a8cdad3baa759496db8a68e036d511f631ecf01886f839b59223286e1342824bd08fb6338961c38c72bc480bf434ce844b7744e9f82123c0ac9215180770dd63bd6bc547f3e4c92eb61eb0fff134d54da24fd239a8ec3fa9984abfafa06db7743669415e287da958ab727b9fc8ad8f8745cb09beffdfc5c2c138b2761451cddd76a50a9ed6c6557bf8afcaec329ab5c0e2ce0f0ed0c5a4b79003363a0e90bf3d0419efcbeec5869d655ffef53cf72086f9dcb0369d0ef3e248cc699aad901014b2734fa04e840c10b178153d6b3c79ae0ed1732a1a4b4f5b45924e89d43acf3139fe79441b0d17e7c1dde2532e7d095b907e999458836edce07444e0cc1d875a0800083a9d2732ef3ad281633294878d289a2972c16a2c8ab981fc8a2dd04ebc0ece1d513426bfe5569b73e26d35c5ac53956a0e259853add3bde02fd7c8d95fa5330af1b9ac4ac7a4407bcb6ccc7d444238e1d51e168848772a20fa4766cd599e709adf44b4a70225c0858fd1428f0e66f2d3f41bd8e928af6c5b399fa9cbbc1e3c835a27678853449a49c6eed23f16321e520a27fca1a20732d2f7e18712b064351f672b677fcea656850fb2e4c2a9bf60524ec5fa3c35ddbfc4855ea332db62498b123154af4ac2ad6985a2a12c5f736465bf86c03879fcd033bf822029aa16f8b7ae40457ef5f7063d4e0f859ccf9418e29d52bff38db8044abb86b951139c54e4ff4cd0b8099d18037dd1b024985977564ca1d939549d86e5c3f28cb6d94734909e4619fcef2263408492e1a5b289bc3061771e6b0ca9096deb46a82ecfe92874da519fdd8ae4457933e841cfb10673c0badf3329d25b8f4ff58b91042611f0738b4bb3ad64d3df0b57d0585dff458e8820d87e693a254d2f98d2538e5f9d1c265c55de645be5f7784f6d6e2e163362257b7c4a2734e659b35137cc36fd82f86645eff12b58c0b732c32bb6d4b5ff366fc8546b1018196605257d6958f81200be7acc6f53e7a7585f8d33ed2a77a76c088bf1f617718275247ed6707fa2057d033b85dc3c3128c7bc665937e00c7826068873e4fd0ef92e404bdecec2a0e884e3d062d85c59ecb7f987b3a7404bef4c8a810d40b200d607b3b10de1c4d70ba918a5d1aeeaeacdb3c351006c3ac5abbb5faae99575428170ed15be6113dfb102014b6e8e052cea8b5d9b694f03bf4e83bccd5dbf7cbefe29264651709cd7b20fad5de1122364a5dcf3828a121f2cc03a6234f5783d66e5cf6a39271e156ccd63dfbd479863bfd599309dcd9700e1f5072b4bf5a88b3718c6274f1746ced3493d54df28c612cb7561251f1db410783563cd855c783aa283e1b2792af91072259a16b37cfc6e36d99ef6d6680d78bfebe6f4d952b69803540292fe37feaa48b32ac72ff27a4a5b0ccc3b12501687b1c157872a38267e4363fbbe9eed6be84441988d32eff3b3a4657f3df330a17881013ad2a9cb9e0d3a18b13c572ae682a3957a5fbcd6bd8a75ae408c56523a40383b71689e650a27e6ba007245712a1651bd62699fef688b6c49bebffc9a5b30a7f7939f530b621cbd313547e355bb62a0133382099d15c81ad702a6f7f67509f54f085b4f371a67c1ea8ba0e50f40ec666150d8a94ef2675fca2654fc1acd0dc942857745fc67e90969e17cead333707d92f91091e6f7d5460af8341251996d5bc456b0b021da2168a8ee18380adc0d828e3882d287f95500adbbef31e63693840937c82af66d15dc11424ab7b7117dfacd52ff6d6515deaad9a6437a19ae30b5bf1d73de861309a9289c761c637e3efa95bfea54c221e87bb060e29d000bcc0a6aa5bb5c88998b82bfb49f181f86b593773e7045545e290f9d0551b3ed2f0dead2be62c7d2dd45b53fadee7aa13b50ad7766cc7d51368f77c3ebdd83ed77849a8a0a9ecb5cfc182bdb63022c68bb09742abcfb8a950652ec9eb4904950159f218bb3b4d8bb4c159e67ad2dfd21053474aedca0514a059722c0fbc23ec335e8d0b73b135d2dac82a1294a33e5e1df8f9826deeec649bcb56dc6373f3b66923299a3d84a802dbea9e4f468da4736b53e4a4e47e0c3d04e9b5ccbdde4907671c2ddecc75fa1e7f3c6b9e06b028795a50c2db4a7055f2ad8621d075c38f243ef2a43221d69463b385f1cffb8ce098de52391dbde3a28eeff486d77adf9ee5606011fad0ee9e3653546829164dcde0b36e56a00410dc8d547857177990755b022dbb82576766ef09c1154d6cdf8cbfd493bd926e40f784e839f9d3d69e514f8e49e4b6c1653376596782705f5dbd03791dc03d87d3a3f43defd53fe842ea03aa2d4ba9e82e6e10d389ccd4b5a8b4ed4c5c3dfade105ee19f38886070513372507c035e7f44ecb689bc2fa8b5feb2bc92f7ea790b3d66e8dd5a415417d5595029f10c4e00934aa29e9cfe8efcfd45404806a343f9bcfc08a220db240439ff5aef7a0c9ea345621b036afec34742bd7f8d63be831e8e22d72861cc57e3747b52ba26f4eb22bec01c614e1ccff83470c26b36dbd3d32ae503e117f691433cb1fa3fa41e8e88c8f5c021067f05b90e603cb6488905730e070ddba35f43d8095c2159fbaeea1c96b0435ea2396b3c151bf672e1ca80a25e4db83ce47ebfa1a4811792efffaf699c3958c572dc73ab486499337df340a566b16584d11298800", 0x2000, 0xfffffffffffffffe)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x10000000000000)

9.031331293s ago: executing program 6 (id=1701):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800"], 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4)
r5 = dup(r4)
ioctl$SIOCSIFHWADDR(r5, 0x400442c9, &(0x7f0000000080)={'macsec0\x00', @dev})
connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r6, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000640)={&(0x7f0000000740)={0x3c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xb7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}]}, 0x3c}}, 0x4000010)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140), 0x106, 0x9}}, 0x20)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="cd09bc5a475766a6b53e96119a2c69501b862b8cf2fcde49b440e56ef359cb936391e601f3d5680bdc5ecfead3d289eac0650712840532115d6beae221dc501bd0facba07bae43c8860317b0afa95f7dc786016c5cde72510e"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x8000)
vmsplice(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f00000006c0)="6d0b1f4f38bdfad50659e830c28f177bb7f0eca4ece2d735069dc3d8310a66388073fdecd0c184c4fb25e7a64bdca2cc1e7b117a41fb1a7541723762a4d65d1e1f168504f697c6", 0x47}], 0x1, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
accept4(r7, 0x0, 0x0, 0x800)

7.527644251s ago: executing program 0 (id=1703):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/mcfilter\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = open(0x0, 0x0, 0x0)
linkat(r4, &(0x7f0000000000)='./file1\x00', r4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000440)='sched_switch\x00'}, 0x18)
lseek(r0, 0x38, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000d0000600000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

7.352446083s ago: executing program 4 (id=1704):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000a80)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="70f7e9a1bf4688e4ad6b16e0249b0077f8238894988b20a318c298db6e99aa603df8555d849968ce26776f5ec39a07ab7dfac060a5d4cbf5fcb2f05de6747171a77ce9609b9418e527c9f801dbdb2c6b7cc699f1747e221842ecd62717271bff6d5de30a92b7b1ed9208bb92eae3abc44c6bb1785c74c5fd6fd362a363711de51df257c322dda596af4f621557495be51dd24e4238bdc538270ee6409c60e35c4b3bc143e081885ee306aa8b417219e8320046007891917cfbb5be9e90131e620a674519738597a57e3661a02528e01278490e0e373012032b3a22"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = getpid()
syz_open_procfs(r1, &(0x7f0000000080)='net/ip_tables_names\x00')
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

5.492536629s ago: executing program 6 (id=1705):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c00028005000300410000000800014000000017080002400000000f0900010073797a30000000000900020073797a"], 0x80}}, 0x0)

5.439691242s ago: executing program 5 (id=1706):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280), 0x17)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000001f00000000000000000018200000", @ANYRES32=r0, @ANYBLOB="0000000000000000790000000000000095"], &(0x7f0000000d40)='syzkaller\x00'}, 0x94)

4.310437133s ago: executing program 5 (id=1707):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x46, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c2000000bbbbbbbbbbbb86dd6004c2ad00101100fc010000001100000000000000000001ff0200000000000000000000000000014e210e2200109078"], 0x0)

4.042065761s ago: executing program 0 (id=1708):
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r2, &(0x7f00000038c0)=[{{&(0x7f0000001cc0)={0xa, 0xfffc, 0x0, @mcast2, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="20ffffff8d00000029000000040000000001000000000000010001010004"], 0x20}}], 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x3}})
fcntl$addseals(r0, 0x409, 0x8)
openat$kvm(0xffffffffffffff9c, 0x0, 0x14d801, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="5400000010000104000000000000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000080300002c0012800e0001006970366772657461700000001800028014000700fe8000000000000000000000000000aa08000a00", @ANYRES32=r6, @ANYBLOB="f033e4fe67e53f17743a99cc9c121bd9a38a64721f4d1507f088296ed5298dbf816c51f765d91afa39d0063ae34e3f41cc07732dd0f18c00cb69b07850cad2bca028a7897928a82a76d086b4edfcb65cc1e7bf8a9776ee9afbd7f558fcc42fdb9114d9f79d404d94daf74c9659222b2885bbe2e07c5c5b03f8e6b39bf98d42ad53b05a4d42794d26ca9c200ca54a9f52a06dbdff3dd4082bb9fb09da10178e48d56976fca69d058060644cf46172f247b2e5b4662918560242434bc58b4017cb8aa09d13cc6435ae65b6145e0f2b59a6781af8c69354a5ce54fff0692829f2b855d7beef44ea1de600350dea2bea583713670e42397823019dc85485c963a18874d0f4d1f80f120ffb01b65d0ce47a9e1813abc77a65af9a73d9babc34389ecb4c5af3fcdb"], 0x54}, 0x1, 0x0, 0x0, 0x20081}, 0x0)

4.038474315s ago: executing program 3 (id=1709):
sendto(0xffffffffffffffff, &(0x7f0000000600)="ae6fbee764d71bdadae47f142234c01b6e5a4ffe", 0x14, 0x800, &(0x7f00000002c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e21, 0x7fffffff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffffffff}}, 0x80)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000380)={0x0, 0x607b, 0x8, 0x0, 0x284}, &(0x7f0000000280)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x3516, 0x0, 0x4, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x10000, 0x100000, 0x8, 0x1, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x2000, 0x3, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x8, 0xef, 0x8}, {0x3000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, {0x10000, 0xffff1000, 0xf, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x2000, 0xe, 0x2, 0xfe, 0x10, 0x6, 0x1, 0x1, 0x8, 0x4, 0x6}, {0x0, 0x8000000, 0x0, 0x0, 0x5, 0xfd, 0xfc, 0x0, 0x0, 0x5}, {0x80a0000, 0x5000, 0xa, 0x0, 0x80, 0xf9, 0x0, 0x7, 0x3a, 0x2, 0xff}, {0xeeee0000, 0x3000, 0x0, 0x2, 0x0, 0x54, 0x7, 0xfc, 0x4, 0x0, 0x0, 0x5}, {0x2000, 0x401}, {}, 0xddf8ffdb, 0x0, 0x0, 0x730, 0x8, 0x8000, 0x2000, [0xff, 0x0, 0x2]})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
socket$can_raw(0x1d, 0x3, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00'})
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

3.973801665s ago: executing program 6 (id=1710):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
chdir(&(0x7f00000000c0)='./file1\x00')
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
getrlimit(0x4, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r8, 0x0)
ioctl$BLKBSZSET(r7, 0x40081271, &(0x7f0000000100)=0x10000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000019680)=""/102384, 0x18ff0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x22020400)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)

1.699551751s ago: executing program 4 (id=1711):
pipe2(&(0x7f0000000000)={0x0, <r0=>0x0}, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11020000040000000400001022bf000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
r2 = socket(0x2c, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r3, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r2}, 0x20) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000140), &(0x7f0000000080)=@udp=r2}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0x1, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00', {0x7}}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x20c49a, 'syz0\x00', {0xbd}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

1.656271222s ago: executing program 5 (id=1712):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x15, 0x10, 0x1400, 0x0, 0x0, 0x1}, 0x95)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xa, 0xf, &(0x7f0000000440)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0xa00}, {}, {}, {0x85, 0x0, 0x0, 0x8}}, {{0x5, 0x0, 0x4}}, [], {{}, {}, {0x85, 0x0, 0x0, 0xb5}}}, &(0x7f0000000140)='syzkaller\x00'}, 0x90)

1.587314894s ago: executing program 3 (id=1713):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xfffffffffffffffd}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x0, 0x168, 0x9, 0x0, 0xb, 0x250, 0x250, 0x250, 0x250, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x108, 0x150, 0x0, {0x0, 0x28e}, [@common=@inet=@ipcomp={{0x30}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='mm_vmscan_throttled\x00', r3}, 0x18)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_generic(r3, 0x0, 0x404c880)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0], 0x114}], 0x1}, 0x0)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r5, 0x40000000af01, 0x0)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000140)="480100001a000708ab0925040900070002ab0700a90100001d60369321001d000a800000000000000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc00030026000000140000270400117c22ebc205214000000000008934d07302ade01720d7d5bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8", 0xf9)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000280))
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = dup(r7)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0})
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f0000000080)={0x0, r8})
r9 = eventfd2(0x8001, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f00000000c0)={0x0, r9})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @remote}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @multicast2}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4008800}, 0x0)

1.425763787s ago: executing program 4 (id=1714):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b8825fe80000000120000dc8b850f238466cc00007a000000ad6e911b51818462b400", 0x28}], 0x1}, 0x0)

1.417210672s ago: executing program 5 (id=1715):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x55, 0x55, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x0, 0x1}, {0x7, 0x2}, {0x0, 0x5}]}, @type_tag={0x2, 0x0, 0x0, 0x12, 0x5}, @datasec={0x6, 0x2, 0x0, 0xf, 0x1, [{0x2, 0xdd37, 0x2}, {0x1, 0x2, 0x4ca}], "d5"}]}}, 0x0, 0x72, 0x0, 0x0, 0xfffffffd, 0x10000}, 0x28)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RMKDIR(r1, &(0x7f0000000140)={0x14, 0x49, 0x2, {0x80, 0x2, 0x8}}, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000500)={0x28, 0x1, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xb})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448dd, &(0x7f0000000580))
ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000600)={0x0, 0x2, "43cb93", 0x7})
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r5, 0x0, 0x20000)
readv(r4, &(0x7f0000000040)=[{&(0x7f0000000540)=""/4114, 0x1012}], 0x1)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000325bd7000fbdbdf25050000000c000980080002000300000028000280080001"], 0x46}}, 0x4004)

1.2046621s ago: executing program 0 (id=1716):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0x2520062, r2})
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000003300000000fe8000000000000000000000000000aa"], 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x24080850)

1.02769656s ago: executing program 4 (id=1717):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="9000000010000304000000001200000000000400", @ANYRES32=0x0, @ANYBLOB="00030000028000006800128009000100766c616e000000005800028006000100020000004c0003800c00010000000000050000000c00010000000000800000000c00010070000000018000000c00010009000000010001000c00010000000000090000000c000100030000000101000008000500", @ANYRES32=r1], 0x90}}, 0x0)

715.523347ms ago: executing program 0 (id=1718):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x6, 0x9, 0x0, 0x200002b0, 0x200082e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000e501000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b39000000000000000070000000700000fda7000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff00000000"]}, 0x3c0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000000)=0x20, 0x4)
setsockopt$sock_attach_bpf(r3, 0x1, 0x34, &(0x7f00000000c0)=r2, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800e0001006970366572737000d73194000000000880"], 0x44}, 0x1, 0xba01, 0x0, 0x4004001}, 0x4000000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000580)={<r4=>0xffffffffffffffff})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32"], 0x7c}}, 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
mount$fuse(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r6=>0x0})
bind$can_raw(r5, &(0x7f0000000000)={0x1d, r6}, 0x10)
setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r5, &(0x7f0000000080), 0x10)
setsockopt(r0, 0x5, 0x80000001, &(0x7f0000000180)="4e4b4825670d86de9e36", 0xa)
connect$tipc(r4, &(0x7f0000007100)=@id={0x1e, 0x3, 0x3, {0x4e22, 0x4}}, 0x10)

439.099671ms ago: executing program 4 (id=1719):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x104440, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e80)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3, r3}]}, 0x40}}, 0x0)

363.831083ms ago: executing program 5 (id=1720):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c00028005000300410000000800014000000017080002400000000f0900010073797a30000000000900020073797a"], 0x80}}, 0x0)

51.531083ms ago: executing program 3 (id=1721):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) (async)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCSREP(r4, 0x80004518, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0) (async)
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r7=>0x0})
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x2}, 0x20) (async)
setsockopt$XDP_UMEM_COMPLETION_RING(r8, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) (async)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r8, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) (async)
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r10=>0x0})
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4) (async)
bind$xdp(r8, &(0x7f0000000100)={0x2c, 0x0, r10}, 0x10) (async)
bind$xdp(r5, &(0x7f0000000180)={0x2c, 0x4, r7, 0x3}, 0x10)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000580)={0x0, 0x7000, 0x800, 0x0, 0x2}, 0x20) (async)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={0x90, 0x2, 0x6, 0x101, 0x0, 0x0, {0x7}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x5}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x10}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x6}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x10}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x80}]}]}, 0x90}}, 0x1) (async)
ioperm(0x2, 0x7fb, 0x100) (async)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x90, 0xa, 0x6, 0x101, 0x0, 0x0, {0x3, 0x0, 0x3}, [@IPSET_ATTR_ADT={0x68, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x5}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xffffffffffffff49, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private1}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz1\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0xa, 0x1a, 'wlan0\x00'}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x90}, 0x1, 0x0, 0x0, 0x80}, 0x4800)

0s ago: executing program 5 (id=1722):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x0, 0xda, 0x0, &(0x7f0000000740)="6fd92f5c3fbecb0c72abdb6e3b92894f8a3996bc9665648600e8e927cc4bd70652cee2d9151356a81cccb527a2a318936ccee5adddb48f843b64e9e5cb87c8861a986afbcae602174c76e46c3d7ee59b50f9ada99335650fae3f0d7039b5a16472f0e7cf9e1ac681d61adb8f59cbefc26cbc9cbc8ae922f3cb67922283890b914456c8f6f27d71903b6e59f19ec24d61ff563788e43b4bf6fb356d43902fc3d477c1750b0754b99892599e5e9007c7c30df968c334ae2888ee8596c4282e238e7123d69abf6d2492258caa0cfe9a6ab7a4a3912a2d9facf1f927", 0x0, 0x1500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000711232000000f9ff950000000000000058b7fe91a90cea8295bcdc56a674d54f1c0bcde9d5ae37fe544fde6388c0c2a89e875b4c605bd51fd407a78f3ebfd368f01cb1f9df5e9f08ef4e3131001d838cc3b686faf3ece87d373f173b1c6f9aa195d5558e4ef6310ea4b597290f780a5c039dd273984ec3efe92a4ee47d5e2cf8f25800000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7", 0x3}], 0x1, 0x0)
socket$kcm(0xa, 0x2, 0x3a)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="170000000000000000000000117560d5f6e64d4a45c4003b3a837abc7961aa36693568bb85a938c7c661fa45272964ab3f1420fec49dc6083e94bbaa0ce4844df394e1300f3150e08a000424c0238ba88038eb9263a54895fe4a3d60498ef8b67853a89d4273dc1c995ee58f4b02d4e07da5ca0cd80ad46fb3b5ee4e1ad1ec6a7a67089a7591399d9f39facf177f6c8e74ef9aa892375a0db585", @ANYRES32=0x1, @ANYRESOCT=r0, @ANYRESDEC=r3, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, {0x2}})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e"], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000010, 0x12, r5, 0x1000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x10, 0x2007, @fd, 0x8, 0x0, 0x0, 0x2})
io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r6 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
close(r6)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="030000000400f4ff030000000a00000000000000", @ANYRES32=0x1, @ANYBLOB="ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$OBJ_PIN_MAP(0x9, &(0x7f0000000040)=@generic={0x0, r7}, 0x18)
move_pages(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000200))
write(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

418.409792][ T9754] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1062'.
[  418.694730][ T5892] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  418.860402][ T5892] usb 1-1: too many configurations: 33, using maximum allowed: 8
[  418.884282][ T5892] usb 1-1: New USB device found, idVendor=0eb1, idProduct=6668, bcdDevice=57.b8
[  418.917692][ T5892] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.943120][ T5892] usb 1-1: Product: syz
[  418.971245][ T9767] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1067'.
[  419.004782][ T5892] usb 1-1: Manufacturer: syz
[  419.014361][ T5892] usb 1-1: SerialNumber: syz
[  419.027006][ T5892] usb 1-1: config 0 descriptor??
[  419.050805][ T5892] go7007-loader 1-1:0.0: can't handle multiple config
[  419.077812][ T5892] go7007-loader 1-1:0.0: probe failed
[  419.235040][ T5907] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  419.270289][ T5892] usb 1-1: USB disconnect, device number 16
[  419.433781][ T5907] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  419.452700][ T5907] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  419.478778][ T5907] usb 4-1: config 0 has no interface number 0
[  419.497616][ T5907] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  419.520485][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.547512][ T5907] usb 4-1: Product: syz
[  419.561990][ T5907] usb 4-1: Manufacturer: syz
[  419.577838][ T5907] usb 4-1: SerialNumber: syz
[  419.598029][ T5907] usb 4-1: config 0 descriptor??
[  419.814263][   T30] audit: type=1326 audit(1750881173.426:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9764 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4518e929 code=0x7ffc0000
[  419.871059][   T30] audit: type=1326 audit(1750881173.426:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9764 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4518e929 code=0x7ffc0000
[  419.898990][   T30] audit: type=1326 audit(1750881173.426:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9764 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c4518e929 code=0x7ffc0000
[  419.920539][    C0] vkms_vblank_simulate: vblank timer overrun
[  419.927636][   T30] audit: type=1326 audit(1750881173.426:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9764 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4518e929 code=0x7ffc0000
[  419.928354][ T5907] usb 4-1: Found UVC 0.00 device syz (046d:0823)
[  419.961575][   T30] audit: type=1326 audit(1750881173.426:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9764 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c4518e929 code=0x7ffc0000
[  419.991316][ T5907] usb 4-1: No valid video chain found.
[  420.000495][ T5907] usb 4-1: USB disconnect, device number 21
[  420.073004][   T30] audit: type=1326 audit(1750881173.426:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9764 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4518e929 code=0x7ffc0000
[  420.167569][   T30] audit: type=1326 audit(1750881173.426:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9764 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4518e929 code=0x7ffc0000
[  420.590203][ T9792] netlink: 'syz.3.1077': attribute type 10 has an invalid length.
[  420.614903][ T5817] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  421.386104][ T5817] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  421.397121][ T5817] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  421.414429][ T5817] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.446620][ T5817] usb 3-1: config 0 descriptor??
[  421.714214][ T5878] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  421.852669][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1083'.
[  421.934351][ T5878] usb 5-1: Using ep0 maxpacket: 8
[  421.981158][ T9812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1083'.
[  421.982798][ T5878] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  422.141543][ T5878] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  422.249249][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  422.354427][ T5878] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  422.567034][ T5878] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  422.594106][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.602369][ T5878] usb 5-1: Product: syz
[  422.612478][ T5878] usb 5-1: Manufacturer: syz
[  422.620527][ T5878] usb 5-1: SerialNumber: syz
[  422.636501][ T5878] usb 5-1: config 0 descriptor??
[  422.691346][ T5878] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input26
[  422.931022][ T9801] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  422.937882][ T9801] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  422.965538][ T9801] vhci_hcd vhci_hcd.0: Device attached
[  423.008527][ T9822] overlayfs: failed to resolve './file2': -2
[  423.214455][ T9817] vhci_hcd: connection closed
[  423.218403][   T12] vhci_hcd: stop threads
[  423.229620][ T5878] imon:send_packet: packet tx failed (-71)
[  423.352980][ T9823] overlayfs: failed to resolve './file2': -2
[  423.918096][ T1208] usb 42-1: SetAddress Request (2) to port 0
[  423.936036][   T12] vhci_hcd: release socket
[  423.951339][ T1208] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  423.959948][   T12] vhci_hcd: disconnect device
[  423.964914][ T5878] imon 5-1:0.0: panel buttons/knobs setup failed
[  423.988262][ T1208] usb 42-1: enqueue for inactive port 0
[  424.244316][ T5878] rc_core: IR keymap rc-imon-pad not found
[  424.250322][ T5878] Registered IR keymap rc-empty
[  424.253499][ T9831] netlink: 'syz.0.1088': attribute type 1 has an invalid length.
[  424.294230][ T9831] netlink: 'syz.0.1088': attribute type 4 has an invalid length.
[  424.321151][ T9831] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.1088'.
[  424.321201][ T5878] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  424.418024][ T1208] usb usb42-port1: attempt power cycle
[  424.426113][ T5878] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  424.460925][ T9832] netlink: 'syz.0.1088': attribute type 1 has an invalid length.
[  424.475854][ T5878] imon:send_packet: packet tx failed (-71)
[  424.505782][ T5878] imon 5-1:0.0: remote input dev register failed
[  424.522242][ T9832] netlink: 'syz.0.1088': attribute type 4 has an invalid length.
[  424.523206][ T5878] imon 5-1:0.0: imon_init_intf0: rc device setup failed
[  424.621439][ T9832] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.1088'.
[  425.465921][ T1208] usb usb42-port1: unable to enumerate USB device
[  425.567945][ T5878] imon 5-1:0.0: unable to initialize intf0, err 0
[  425.591703][ T5878] imon:imon_probe: failed to initialize context!
[  425.600588][ T5878] imon 5-1:0.0: unable to register, err -19
[  425.622070][ T5878] usb 5-1: USB disconnect, device number 19
[  425.676284][ T5817] usbhid 3-1:0.0: can't add hid device: -71
[  425.683909][ T5817] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  425.724472][ T5817] usb 3-1: USB disconnect, device number 27
[  426.108063][ T9853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1095'.
[  426.894818][ T9860] binder: 9859:9860 ioctl 400c620e 2000000000c0 returned -22
[  427.189387][ T9869] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  428.091426][ T9874] sctp: [Deprecated]: syz.2.1102 (pid 9874) Use of struct sctp_assoc_value in delayed_ack socket option.
[  428.091426][ T9874] Use struct sctp_sack_info instead
[  428.659958][ T9879] cgroup: Bad value for 'name'
[  428.824332][ T5907] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  428.984174][ T5907] usb 4-1: Using ep0 maxpacket: 32
[  428.995198][ T5907] usb 4-1: config 0 has no interfaces?
[  429.011464][ T5907] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  429.050237][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.083153][ T5907] usb 4-1: Product: syz
[  429.091774][ T5907] usb 4-1: Manufacturer: syz
[  429.105003][ T5907] usb 4-1: SerialNumber: syz
[  429.112940][ T5907] usb 4-1: config 0 descriptor??
[  429.220152][ T9892] macvlan0: entered promiscuous mode
[  429.265032][ T9892] netlink: 'syz.5.1107': attribute type 1 has an invalid length.
[  429.272831][ T9892] netlink: 'syz.5.1107': attribute type 2 has an invalid length.
[  429.995849][ T9897] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes
[  430.132227][ T9901] netlink: 'syz.4.1110': attribute type 1 has an invalid length.
[  430.140229][ T9901] netlink: 216 bytes leftover after parsing attributes in process `syz.4.1110'.
[  430.149461][ T9901] NCSI netlink: No device for ifindex 767
[  431.186686][ T5817] usb 4-1: USB disconnect, device number 22
[  431.524390][ T9916] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1116'.
[  431.740923][ T9924] FAULT_INJECTION: forcing a failure.
[  431.740923][ T9924] name failslab, interval 1, probability 0, space 0, times 0
[  431.756672][ T9924] CPU: 1 UID: 0 PID: 9924 Comm: syz.5.1121 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  431.756702][ T9924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  431.756714][ T9924] Call Trace:
[  431.756722][ T9924]  <TASK>
[  431.756732][ T9924]  dump_stack_lvl+0x189/0x250
[  431.756767][ T9924]  ? __pfx____ratelimit+0x10/0x10
[  431.756796][ T9924]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.756826][ T9924]  ? __pfx__printk+0x10/0x10
[  431.756852][ T9924]  ? __pfx___might_resched+0x10/0x10
[  431.756879][ T9924]  ? fs_reclaim_acquire+0x7d/0x100
[  431.756913][ T9924]  should_fail_ex+0x414/0x560
[  431.756943][ T9924]  should_failslab+0xa8/0x100
[  431.756970][ T9924]  __kmalloc_cache_noprof+0x70/0x3d0
[  431.756994][ T9924]  ? alloc_fs_context+0x61/0x7d0
[  431.757030][ T9924]  alloc_fs_context+0x61/0x7d0
[  431.757055][ T9924]  ? do_raw_read_unlock+0x3d/0x80
[  431.757083][ T9924]  ? _raw_read_unlock+0x28/0x50
[  431.757107][ T9924]  ? get_fs_type+0x407/0x480
[  431.757142][ T9924]  do_new_mount+0x10e/0xa40
[  431.757177][ T9924]  __se_sys_mount+0x317/0x410
[  431.757210][ T9924]  ? __pfx___se_sys_mount+0x10/0x10
[  431.757234][ T9924]  ? rcu_is_watching+0x15/0xb0
[  431.757269][ T9924]  ? do_syscall_64+0xbe/0x3b0
[  431.757304][ T9924]  ? __x64_sys_mount+0x20/0xc0
[  431.757333][ T9924]  do_syscall_64+0xfa/0x3b0
[  431.757360][ T9924]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.757388][ T9924]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.757408][ T9924]  ? clear_bhb_loop+0x60/0xb0
[  431.757433][ T9924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.757451][ T9924] RIP: 0033:0x7ff65358e929
[  431.757470][ T9924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.757486][ T9924] RSP: 002b:00007ff6544c1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  431.757508][ T9924] RAX: ffffffffffffffda RBX: 00007ff6537b5fa0 RCX: 00007ff65358e929
[  431.757522][ T9924] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  431.757536][ T9924] RBP: 00007ff6544c1090 R08: 0000200000000a00 R09: 0000000000000000
[  431.757549][ T9924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  431.757561][ T9924] R13: 0000000000000000 R14: 00007ff6537b5fa0 R15: 00007fff7b40f008
[  431.757592][ T9924]  </TASK>
[  431.824215][ T5907] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  432.346261][ T5907] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  432.358782][ T5907] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  432.371628][ T5907] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  432.380910][ T5907] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  432.392206][ T5907] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  433.054386][ T5907] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  433.069173][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  433.077455][ T5907] usb 3-1: Product: syz
[  433.127541][ T5907] usb 3-1: Manufacturer: syz
[  433.221341][ T5907] cdc_wdm 3-1:1.0: skipping garbage
[  433.228370][ T5907] cdc_wdm 3-1:1.0: skipping garbage
[  433.238254][ T5907] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  433.254601][ T5907] cdc_wdm 3-1:1.0: Unknown control protocol
[  433.885938][ T9944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  433.896097][ T9944] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  434.099286][ T5878] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  434.139251][ T9947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.366508][ T9947] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  434.386142][ T5878] usb 6-1: device descriptor read/64, error -71
[  434.594661][  T977] usb 3-1: USB disconnect, device number 28
[  434.611949][ T9952] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1128'.
[  434.710446][ T5878] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  435.267983][ T9956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1129'.
[  435.274657][ T5878] usb 6-1: device descriptor read/64, error -71
[  435.394748][ T5878] usb usb6-port1: attempt power cycle
[  435.668895][ T9964] netlink: 'syz.2.1133': attribute type 6 has an invalid length.
[  435.734264][ T5878] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  435.804481][ T9964] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1133'.
[  435.835819][ T5878] usb 6-1: device descriptor read/8, error -71
[  436.504343][ T5878] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  436.563479][ T5878] usb 6-1: device descriptor read/8, error -71
[  436.606258][ T9969] overlayfs: missing 'lowerdir'
[  436.688994][ T9982] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1139'.
[  436.748202][ T5878] usb usb6-port1: unable to enumerate USB device
[  436.904300][   T24] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  437.151491][   T24] usb 5-1: too many configurations: 204, using maximum allowed: 8
[  437.231409][   T24] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 210
[  437.302672][   T24] usb 5-1: can't read configurations, error -22
[  437.449501][ T9992] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  437.471243][ T9992] cramfs: wrong magic
[  437.686220][   T24] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  438.274940][   T24] usb 5-1: too many configurations: 204, using maximum allowed: 8
[  438.290692][   T24] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 210
[  438.310351][   T24] usb 5-1: can't read configurations, error -22
[  438.328312][   T24] usb usb5-port1: attempt power cycle
[  438.850465][   T24] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  438.970306][T10000] program syz.2.1145 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  438.991020][   T24] usb 5-1: too many configurations: 204, using maximum allowed: 8
[  439.280078][   T24] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 210
[  439.303874][   T24] usb 5-1: can't read configurations, error -22
[  439.534607][   T24] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  439.950946][   T24] usb 5-1: device descriptor read/8, error -71
[  440.016698][T10010] netlink: 'syz.5.1147': attribute type 1 has an invalid length.
[  440.076078][   T24] usb usb5-port1: unable to enumerate USB device
[  440.135113][T10015] bond0: entered promiscuous mode
[  440.140222][T10015] bond_slave_0: entered promiscuous mode
[  440.149949][T10015] bond_slave_1: entered promiscuous mode
[  440.159286][T10015] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  440.169047][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  440.176772][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  440.183629][T10015] bond0: left promiscuous mode
[  440.189635][T10015] bond_slave_0: left promiscuous mode
[  440.196532][T10015] bond_slave_1: left promiscuous mode
[  440.254357][   T10] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  440.262830][ T5907] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  440.384436][   T24] usb 5-1: new full-speed USB device number 24 using dummy_hcd
[  440.599780][   T24] usb 5-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=cd.35
[  440.655774][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.500891][ T5907] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  441.591695][   T10] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  441.741907][   T24] usb 5-1: config 0 descriptor??
[  441.900406][   T24] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state.
[  441.952070][   T24] dw2102: su3000_power_ctrl: 1, initialized 0
[  442.009563][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  442.176138][   T24] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  442.478264][   T24] dvb-usb: TeVii S482 (tuner 2) error while loading driver (-19)
[  443.073380][   T10] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  443.083919][ T5907] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.093636][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  443.098268][T10023] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1153'.
[  443.102838][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  443.232128][ T5907] usb 1-1: config 0 descriptor??
[  443.232174][   T24] usb 5-1: USB disconnect, device number 24
[  443.320603][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  443.449577][T10024] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1153'.
[  443.785554][ T5907] usb 1-1: can't set config #0, error -71
[  443.820189][ T5907] usb 1-1: USB disconnect, device number 17
[  443.830096][   T10] usb 3-1: string descriptor 0 read error: -71
[  443.854201][   T10] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  443.863285][   T10] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  443.979296][   T10] usb 3-1: can't set config #1, error -71
[  444.016381][   T10] usb 3-1: USB disconnect, device number 29
[  444.452411][T10038] FAULT_INJECTION: forcing a failure.
[  444.452411][T10038] name failslab, interval 1, probability 0, space 0, times 0
[  444.668738][T10038] CPU: 0 UID: 0 PID: 10038 Comm: syz.0.1159 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  444.668770][T10038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  444.668783][T10038] Call Trace:
[  444.668793][T10038]  <TASK>
[  444.668803][T10038]  dump_stack_lvl+0x189/0x250
[  444.668838][T10038]  ? __pfx____ratelimit+0x10/0x10
[  444.668867][T10038]  ? __pfx_dump_stack_lvl+0x10/0x10
[  444.668896][T10038]  ? __pfx__printk+0x10/0x10
[  444.668923][T10038]  ? __pfx___might_resched+0x10/0x10
[  444.668951][T10038]  ? fs_reclaim_acquire+0x7d/0x100
[  444.668984][T10038]  should_fail_ex+0x414/0x560
[  444.669014][T10038]  should_failslab+0xa8/0x100
[  444.669041][T10038]  __kmalloc_noprof+0xcb/0x4f0
[  444.669064][T10038]  ? kfree+0x4d/0x440
[  444.669082][T10038]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  444.669119][T10038]  tomoyo_realpath_from_path+0xe3/0x5d0
[  444.669152][T10038]  ? tomoyo_domain+0xda/0x130
[  444.669186][T10038]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  444.669217][T10038]  tomoyo_path_number_perm+0x1e8/0x5a0
[  444.669249][T10038]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  444.669274][T10038]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  444.669302][T10038]  ? rcu_is_watching+0x15/0xb0
[  444.669339][T10038]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  444.669387][T10038]  ? __rcu_read_unlock+0x84/0xe0
[  444.669410][T10038]  ? __fget_files+0x2a/0x420
[  444.669435][T10038]  ? __fget_files+0x3a0/0x420
[  444.669460][T10038]  ? __fget_files+0x2a/0x420
[  444.669489][T10038]  security_file_ioctl+0xcb/0x2d0
[  444.669518][T10038]  __se_sys_ioctl+0x47/0x170
[  444.669542][T10038]  do_syscall_64+0xfa/0x3b0
[  444.669573][T10038]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.669593][T10038]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  444.669623][T10038]  ? clear_bhb_loop+0x60/0xb0
[  444.669655][T10038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.669674][T10038] RIP: 0033:0x7f7c51d8e929
[  444.669691][T10038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.669707][T10038] RSP: 002b:00007f7c52bf2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  444.669728][T10038] RAX: ffffffffffffffda RBX: 00007f7c51fb5fa0 RCX: 00007f7c51d8e929
[  444.669743][T10038] RDX: 0000200000000040 RSI: 00000000c02c564a RDI: 0000000000000003
[  444.669756][T10038] RBP: 00007f7c52bf2090 R08: 0000000000000000 R09: 0000000000000000
[  444.669768][T10038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.669780][T10038] R13: 0000000000000000 R14: 00007f7c51fb5fa0 R15: 00007fff93f1b988
[  444.669809][T10038]  </TASK>
[  444.670413][T10038] ERROR: Out of memory at tomoyo_realpath_from_path.
[  444.954313][ T5824] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  445.174867][ T5824] usb 6-1: Using ep0 maxpacket: 8
[  445.186268][ T5824] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.211151][ T5824] usb 6-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  445.226064][ T5824] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.245945][ T5824] usb 6-1: config 0 descriptor??
[  445.293298][T10056] input: syz1 as /devices/virtual/input/input28
[  446.670659][ T5824] hid-multitouch 0003:0EEF:72C4.0008: unknown main item tag 0x0
[  446.714433][ T5824] hid-multitouch 0003:0EEF:72C4.0008: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.5-1/input0
[  448.462852][ T5892] usb 6-1: USB disconnect, device number 16
[  448.648910][T10074] Invalid logical block size (1536)
[  449.057992][T10086] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1172'.
[  449.627467][ T6280] Bluetooth: hci5: Frame reassembly failed (-84)
[  451.100175][T10097] FAULT_INJECTION: forcing a failure.
[  451.100175][T10097] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  451.288186][T10097] CPU: 0 UID: 0 PID: 10097 Comm: syz.5.1174 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  451.288218][T10097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  451.288231][T10097] Call Trace:
[  451.288240][T10097]  <TASK>
[  451.288249][T10097]  dump_stack_lvl+0x189/0x250
[  451.288284][T10097]  ? __pfx____ratelimit+0x10/0x10
[  451.288314][T10097]  ? __pfx_dump_stack_lvl+0x10/0x10
[  451.288345][T10097]  ? __pfx__printk+0x10/0x10
[  451.288365][T10097]  ? __might_fault+0xb0/0x130
[  451.288402][T10097]  should_fail_ex+0x414/0x560
[  451.288432][T10097]  _copy_from_user+0x2d/0xb0
[  451.288453][T10097]  ___sys_sendmsg+0x158/0x2a0
[  451.288482][T10097]  ? __pfx____sys_sendmsg+0x10/0x10
[  451.288545][T10097]  ? __fget_files+0x2a/0x420
[  451.288572][T10097]  ? __fget_files+0x3a0/0x420
[  451.288610][T10097]  __x64_sys_sendmsg+0x19b/0x260
[  451.288638][T10097]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  451.288682][T10097]  ? do_syscall_64+0xbe/0x3b0
[  451.288717][T10097]  do_syscall_64+0xfa/0x3b0
[  451.288748][T10097]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.288767][T10097]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  451.288787][T10097]  ? clear_bhb_loop+0x60/0xb0
[  451.288812][T10097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.288832][T10097] RIP: 0033:0x7ff65358e929
[  451.288858][T10097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.288876][T10097] RSP: 002b:00007ff6544c1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  451.288899][T10097] RAX: ffffffffffffffda RBX: 00007ff6537b5fa0 RCX: 00007ff65358e929
[  451.288914][T10097] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  451.288926][T10097] RBP: 00007ff6544c1090 R08: 0000000000000000 R09: 0000000000000000
[  451.288939][T10097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  451.288951][T10097] R13: 0000000000000000 R14: 00007ff6537b5fa0 R15: 00007fff7b40f008
[  451.288983][T10097]  </TASK>
[  451.454432][   T51] Bluetooth: hci5: command 0x1003 tx timeout
[  451.690736][ T5826] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  451.843015][T10098] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1175'.
[  452.953346][T10126] overlayfs: missing 'workdir'
[  453.144346][ T5878] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  453.363176][T10136] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1186'.
[  454.111713][ T5878] usb 4-1: not running at top speed; connect to a high speed hub
[  454.381398][ T5878] usb 4-1: config 1 interface 0 has no altsetting 0
[  454.730427][ T5878] usb 4-1: New USB device found, idVendor=0c16, idProduct=0003, bcdDevice= 0.40
[  454.776181][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.829096][ T5878] usb 4-1: Product: �
[  454.833270][ T5878] usb 4-1: Manufacturer: ï“¿
[  454.864101][ T5878] usb 4-1: SerialNumber: Ð…
[  454.872422][ T5878] usb 4-1: rejected 1 configuration due to insufficient available bus power
[  454.922822][ T5878] usb 4-1: no configuration chosen from 1 choice
[  455.273392][T10147] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  455.564706][T10154] FAULT_INJECTION: forcing a failure.
[  455.564706][T10154] name failslab, interval 1, probability 0, space 0, times 0
[  455.776591][T10154] CPU: 1 UID: 0 PID: 10154 Comm: syz.0.1191 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  455.776622][T10154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  455.776635][T10154] Call Trace:
[  455.776643][T10154]  <TASK>
[  455.776653][T10154]  dump_stack_lvl+0x189/0x250
[  455.776687][T10154]  ? __pfx____ratelimit+0x10/0x10
[  455.776719][T10154]  ? __pfx_dump_stack_lvl+0x10/0x10
[  455.776747][T10154]  ? __pfx__printk+0x10/0x10
[  455.776770][T10154]  ? __pfx___might_resched+0x10/0x10
[  455.776798][T10154]  ? fs_reclaim_acquire+0x7d/0x100
[  455.776831][T10154]  should_fail_ex+0x414/0x560
[  455.776861][T10154]  should_failslab+0xa8/0x100
[  455.776888][T10154]  __kmalloc_noprof+0xcb/0x4f0
[  455.776910][T10154]  ? tomoyo_encode+0x28b/0x550
[  455.776943][T10154]  tomoyo_encode+0x28b/0x550
[  455.776978][T10154]  tomoyo_realpath_from_path+0x58d/0x5d0
[  455.777019][T10154]  ? tomoyo_mount_permission+0x27a/0x970
[  455.777047][T10154]  tomoyo_mount_permission+0x377/0x970
[  455.777078][T10154]  ? tomoyo_mount_permission+0x27a/0x970
[  455.777105][T10154]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  455.777192][T10154]  security_sb_mount+0xec/0x350
[  455.777216][T10154]  path_mount+0xbc/0xfe0
[  455.777240][T10154]  ? user_path_at+0x44/0x60
[  455.777255][T10154]  ? kmem_cache_free+0x18f/0x400
[  455.777288][T10154]  __se_sys_mount+0x317/0x410
[  455.777319][T10154]  ? __pfx___se_sys_mount+0x10/0x10
[  455.777349][T10154]  ? rcu_is_watching+0x15/0xb0
[  455.777382][T10154]  ? do_syscall_64+0xbe/0x3b0
[  455.777409][T10154]  ? __x64_sys_mount+0x20/0xc0
[  455.777437][T10154]  do_syscall_64+0xfa/0x3b0
[  455.777464][T10154]  ? lockdep_hardirqs_on+0x9c/0x150
[  455.777490][T10154]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.777509][T10154]  ? clear_bhb_loop+0x60/0xb0
[  455.777532][T10154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.777550][T10154] RIP: 0033:0x7f7c51d8e929
[  455.777566][T10154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.777583][T10154] RSP: 002b:00007f7c52bd1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  455.777604][T10154] RAX: ffffffffffffffda RBX: 00007f7c51fb6080 RCX: 00007f7c51d8e929
[  455.777619][T10154] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  455.777630][T10154] RBP: 00007f7c52bd1090 R08: 0000200000000a00 R09: 0000000000000000
[  455.777643][T10154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  455.777655][T10154] R13: 0000000000000000 R14: 00007f7c51fb6080 R15: 00007fff93f1b988
[  455.777686][T10154]  </TASK>
[  456.038728][    C1] vkms_vblank_simulate: vblank timer overrun
[  456.190276][T10154] ERROR: Out of memory at tomoyo_realpath_from_path.
[  456.339271][ T1208] usb 4-1: USB disconnect, device number 23
[  456.684491][T10163] binder: 10159:10163 ioctl c0306201 2000000003c0 returned -14
[  458.624098][ T5907] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  459.549051][ T5907] usb 4-1: Using ep0 maxpacket: 8
[  459.624463][ T5907] usb 4-1: unable to get BOS descriptor or descriptor too short
[  459.687048][ T5907] usb 4-1: unable to read config index 0 descriptor/all
[  459.714118][ T5907] usb 4-1: can't read configurations, error -71
[  464.854096][T10216] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  467.406582][T10231] overlayfs: failed to resolve './file0': -2
[  467.680437][T10234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1215'.
[  467.707405][T10234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1215'.
[  467.914932][T10234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1215'.
[  468.001845][T10239] netlink: 'syz.2.1217': attribute type 14 has an invalid length.
[  468.257176][T10234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1215'.
[  468.351786][T10240] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1217'.
[  468.372575][T10234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1215'.
[  468.568840][T10246] xt_addrtype: ipv6 does not support BROADCAST matching
[  468.612062][T10251] FAULT_INJECTION: forcing a failure.
[  468.612062][T10251] name failslab, interval 1, probability 0, space 0, times 0
[  468.634278][   T24] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  468.635715][T10251] CPU: 0 UID: 0 PID: 10251 Comm: syz.3.1221 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  468.635746][T10251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.635761][T10251] Call Trace:
[  468.635770][T10251]  <TASK>
[  468.635780][T10251]  dump_stack_lvl+0x189/0x250
[  468.635821][T10251]  ? __pfx____ratelimit+0x10/0x10
[  468.635856][T10251]  ? __pfx_dump_stack_lvl+0x10/0x10
[  468.635889][T10251]  ? __pfx__printk+0x10/0x10
[  468.635918][T10251]  ? __pfx___might_resched+0x10/0x10
[  468.635960][T10251]  ? fs_reclaim_acquire+0x7d/0x100
[  468.635998][T10251]  should_fail_ex+0x414/0x560
[  468.636029][T10251]  should_failslab+0xa8/0x100
[  468.636060][T10251]  __kmalloc_cache_noprof+0x70/0x3d0
[  468.636098][T10251]  ? rtnl_newlink+0xed/0x1c70
[  468.636116][T10251]  ? kasan_save_free_info+0x46/0x50
[  468.636153][T10251]  rtnl_newlink+0xed/0x1c70
[  468.636172][T10251]  ? netlink_sendmsg+0x805/0xb30
[  468.636195][T10251]  ? __sock_sendmsg+0x219/0x270
[  468.636223][T10251]  ? ____sys_sendmsg+0x505/0x830
[  468.636244][T10251]  ? ___sys_sendmsg+0x21f/0x2a0
[  468.636266][T10251]  ? __x64_sys_sendmsg+0x19b/0x260
[  468.636309][T10251]  ? do_syscall_64+0xfa/0x3b0
[  468.636339][T10251]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.636372][T10251]  ? __pfx_rtnl_newlink+0x10/0x10
[  468.636420][T10251]  ? kasan_quarantine_put+0xdd/0x220
[  468.636442][T10251]  ? lockdep_hardirqs_on+0x9c/0x150
[  468.636480][T10251]  ? nlmon_xmit+0xb0/0x100
[  468.636509][T10251]  ? kmem_cache_free+0x18f/0x400
[  468.636543][T10251]  ? __local_bh_enable_ip+0x12d/0x1c0
[  468.636574][T10251]  ? lockdep_hardirqs_on+0x9c/0x150
[  468.636607][T10251]  ? __local_bh_enable_ip+0x12d/0x1c0
[  468.636637][T10251]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  468.636671][T10251]  ? __dev_queue_xmit+0x27e/0x3a70
[  468.636700][T10251]  ? __dev_queue_xmit+0x27e/0x3a70
[  468.636727][T10251]  ? __dev_queue_xmit+0x27e/0x3a70
[  468.636756][T10251]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  468.636793][T10251]  ? __lock_acquire+0xab9/0xd20
[  468.636851][T10251]  ? __pfx_rtnl_newlink+0x10/0x10
[  468.636873][T10251]  rtnetlink_rcv_msg+0x7cc/0xb70
[  468.636900][T10251]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  468.636920][T10251]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  468.636946][T10251]  ? ref_tracker_free+0x63a/0x7d0
[  468.636973][T10251]  ? __copy_skb_header+0xa7/0x550
[  468.637001][T10251]  ? __pfx_ref_tracker_free+0x10/0x10
[  468.637029][T10251]  ? __skb_clone+0x63/0x7a0
[  468.637064][T10251]  netlink_rcv_skb+0x208/0x470
[  468.637088][T10251]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  468.637112][T10251]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  468.637151][T10251]  ? netlink_deliver_tap+0x2e/0x1b0
[  468.637174][T10251]  ? netlink_deliver_tap+0x2e/0x1b0
[  468.637206][T10251]  netlink_unicast+0x75b/0x8d0
[  468.637254][T10251]  netlink_sendmsg+0x805/0xb30
[  468.637293][T10251]  ? __pfx_netlink_sendmsg+0x10/0x10
[  468.637328][T10251]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  468.637354][T10251]  ? __pfx_netlink_sendmsg+0x10/0x10
[  468.637381][T10251]  __sock_sendmsg+0x219/0x270
[  468.637417][T10251]  ____sys_sendmsg+0x505/0x830
[  468.637450][T10251]  ? __pfx_____sys_sendmsg+0x10/0x10
[  468.637487][T10251]  ? import_iovec+0x74/0xa0
[  468.637513][T10251]  ___sys_sendmsg+0x21f/0x2a0
[  468.637550][T10251]  ? __pfx____sys_sendmsg+0x10/0x10
[  468.637617][T10251]  ? __fget_files+0x2a/0x420
[  468.637648][T10251]  ? __fget_files+0x3a0/0x420
[  468.637689][T10251]  __x64_sys_sendmsg+0x19b/0x260
[  468.637718][T10251]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  468.637756][T10251]  ? __pfx_ksys_write+0x10/0x10
[  468.637778][T10251]  ? rcu_is_watching+0x15/0xb0
[  468.637816][T10251]  ? do_syscall_64+0xbe/0x3b0
[  468.637854][T10251]  do_syscall_64+0xfa/0x3b0
[  468.637885][T10251]  ? lockdep_hardirqs_on+0x9c/0x150
[  468.637914][T10251]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.637942][T10251]  ? clear_bhb_loop+0x60/0xb0
[  468.637970][T10251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.637991][T10251] RIP: 0033:0x7f3c4518e929
[  468.638011][T10251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  468.638031][T10251] RSP: 002b:00007f3c45f3a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  468.638055][T10251] RAX: ffffffffffffffda RBX: 00007f3c453b5fa0 RCX: 00007f3c4518e929
[  468.638071][T10251] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  468.638086][T10251] RBP: 00007f3c45f3a090 R08: 0000000000000000 R09: 0000000000000000
[  468.638099][T10251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  468.638113][T10251] R13: 0000000000000000 R14: 00007f3c453b5fa0 R15: 00007ffe7cbda908
[  468.638146][T10251]  </TASK>
[  469.927170][   T24] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  469.957440][   T24] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  469.970432][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[  469.978489][   T24] usb 1-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  469.991645][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.013599][   T24] usb 1-1: config 0 descriptor??
[  470.326583][T10270] bridge_slave_0: left allmulticast mode
[  470.634164][T10250] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  470.646362][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  471.024395][T10270] bridge_slave_0: left promiscuous mode
[  471.055302][T10270] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.059340][   T24] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0
[  471.076685][   T24] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0
[  471.110331][   T24] hid-steam 0003:28DE:1102.0009: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[  471.125591][T10270] bridge_slave_1: left allmulticast mode
[  471.131393][T10270] bridge_slave_1: left promiscuous mode
[  471.164524][T10270] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.187720][T10270] bond0: (slave bond_slave_0): Releasing backup interface
[  471.200177][T10270] bond0: (slave bond_slave_1): Releasing backup interface
[  471.234533][   T24] hid-steam 0003:28DE:1102.0009: Steam Controller 'XXXXXXXXXX' connected
[  471.257479][T10270] team0: Port device team_slave_0 removed
[  471.277011][   T24] input: Steam Controller as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1102.0009/input/input29
[  471.329834][T10244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1218'.
[  471.392792][T10270] team0: Port device team_slave_1 removed
[  471.422389][   T24] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0
[  471.435353][T10270] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  471.459744][   T24] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0
[  471.480159][T10270] batman_adv: batadv0: Removing interface: batadv_slave_0
[  471.527832][   T24] hid-steam 0003:28DE:1102.000A: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[  471.541875][T10270] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  471.571719][T10270] batman_adv: batadv0: Removing interface: batadv_slave_1
[  471.624683][   T24] usb 1-1: USB disconnect, device number 18
[  471.678911][T10277] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1228'.
[  471.800475][   T24] hid-steam 0003:28DE:1102.0009: Steam Controller 'XXXXXXXXXX' disconnected
[  471.815879][T10280] fido_id[10280]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[  472.659748][T10293] netlink: zone id is out of range
[  472.665065][T10293] netlink: zone id is out of range
[  472.670258][T10293] netlink: zone id is out of range
[  472.675501][T10293] netlink: zone id is out of range
[  472.680679][T10293] netlink: zone id is out of range
[  472.685883][T10293] netlink: zone id is out of range
[  472.691060][T10293] netlink: zone id is out of range
[  472.696268][T10293] netlink: zone id is out of range
[  472.701442][T10293] netlink: zone id is out of range
[  472.706664][T10293] netlink: zone id is out of range
[  473.561692][   T24] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  474.334137][   T24] usb 3-1: Using ep0 maxpacket: 8
[  474.341398][   T24] usb 3-1: config 1 has an invalid interface number: 12 but max is 0
[  474.350034][   T24] usb 3-1: config 1 has no interface number 0
[  474.357870][   T24] usb 3-1: config 1 interface 12 has no altsetting 0
[  474.368657][   T24] usb 3-1: New USB device found, idVendor=19d2, idProduct=ffcd, bcdDevice=82.c9
[  474.388297][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.419863][   T24] usb 3-1: Product: syz
[  474.444627][   T24] usb 3-1: SerialNumber: syz
[  474.546392][T10312] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1239'.
[  475.426333][T10320] FAULT_INJECTION: forcing a failure.
[  475.426333][T10320] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  475.486452][   T24] usb 3-1: can't set config #1, error -71
[  475.508504][   T24] usb 3-1: USB disconnect, device number 30
[  475.524403][T10320] CPU: 1 UID: 0 PID: 10320 Comm: syz.0.1242 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  475.524432][T10320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.524444][T10320] Call Trace:
[  475.524452][T10320]  <TASK>
[  475.524461][T10320]  dump_stack_lvl+0x189/0x250
[  475.524494][T10320]  ? __pfx____ratelimit+0x10/0x10
[  475.524521][T10320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  475.524549][T10320]  ? __pfx__printk+0x10/0x10
[  475.524570][T10320]  ? fs_reclaim_acquire+0x7d/0x100
[  475.524606][T10320]  should_fail_ex+0x414/0x560
[  475.524635][T10320]  prepare_alloc_pages+0x213/0x610
[  475.524671][T10320]  __alloc_frozen_pages_noprof+0x123/0x370
[  475.524705][T10320]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  475.524746][T10320]  ? policy_nodemask+0x27c/0x720
[  475.524776][T10320]  alloc_pages_mpol+0x232/0x4a0
[  475.524806][T10320]  vma_alloc_folio_noprof+0xe4/0x200
[  475.524834][T10320]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  475.524896][T10320]  folio_prealloc+0x30/0x180
[  475.524942][T10320]  do_wp_page+0x1231/0x5800
[  475.524986][T10320]  ? __pfx_do_wp_page+0x10/0x10
[  475.525005][T10320]  ? do_raw_spin_lock+0x121/0x290
[  475.525030][T10320]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  475.525063][T10320]  __handle_mm_fault+0x1144/0x5620
[  475.525107][T10320]  ? __pfx___handle_mm_fault+0x10/0x10
[  475.525146][T10320]  ? follow_page_pte+0xe7e/0x14b0
[  475.525183][T10320]  handle_mm_fault+0x2d5/0x7f0
[  475.525206][T10320]  ? vma_is_secretmem+0xd/0x50
[  475.525240][T10320]  __get_user_pages+0x1af4/0x30b0
[  475.525300][T10320]  ? __pfx___get_user_pages+0x10/0x10
[  475.525320][T10320]  ? __gup_longterm_locked+0xbf7/0x15b0
[  475.525342][T10320]  ? down_read_killable+0x1d1/0x350
[  475.525361][T10320]  ? try_get_folio+0x633/0x660
[  475.525388][T10320]  __gup_longterm_locked+0xd66/0x15b0
[  475.525416][T10320]  ? try_grab_folio_fast+0x35b/0x4f0
[  475.525444][T10320]  ? sanity_check_pinned_pages+0x11c8/0x12c0
[  475.525475][T10320]  gup_fast_fallback+0x1cd4/0x2260
[  475.525495][T10320]  ? is_bpf_text_address+0x26/0x2b0
[  475.525562][T10320]  ? __pfx_gup_fast_fallback+0x10/0x10
[  475.525582][T10320]  ? stack_trace_save+0x9c/0xe0
[  475.525606][T10320]  ? stack_depot_save_flags+0x40/0x900
[  475.525631][T10320]  ? register_lock_class+0x51/0x320
[  475.525662][T10320]  ? pin_user_pages_fast+0x4d/0xb0
[  475.525687][T10320]  iov_iter_extract_pages+0x35a/0x5e0
[  475.525717][T10320]  extract_iter_to_sg+0xe46/0x24e0
[  475.525763][T10320]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  475.525811][T10320]  ? __asan_memset+0x22/0x50
[  475.525834][T10320]  af_alg_get_rsgl+0x436/0x810
[  475.525880][T10320]  aead_recvmsg+0x4cc/0x13f0
[  475.525908][T10320]  ? __lock_acquire+0xab9/0xd20
[  475.525939][T10320]  ? __lock_acquire+0xab9/0xd20
[  475.525976][T10320]  ? __pfx_aead_recvmsg+0x10/0x10
[  475.526001][T10320]  ? __lock_acquire+0xab9/0xd20
[  475.526030][T10320]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  475.526053][T10320]  ? security_socket_recvmsg+0x7e/0x2e0
[  475.526076][T10320]  ? __pfx_aead_recvmsg+0x10/0x10
[  475.526104][T10320]  sock_recvmsg+0x229/0x270
[  475.526139][T10320]  ____sys_recvmsg+0x1c9/0x460
[  475.526175][T10320]  ? __pfx_____sys_recvmsg+0x10/0x10
[  475.526221][T10320]  ? import_iovec+0x74/0xa0
[  475.526244][T10320]  ___sys_recvmsg+0x1b5/0x510
[  475.526276][T10320]  ? __pfx____sys_recvmsg+0x10/0x10
[  475.526327][T10320]  ? __fget_files+0x3a0/0x420
[  475.526366][T10320]  do_recvmmsg+0x307/0x770
[  475.526401][T10320]  ? __pfx_do_recvmmsg+0x10/0x10
[  475.526439][T10320]  ? _copy_from_user+0x94/0xb0
[  475.526475][T10320]  __x64_sys_recvmmsg+0x1af/0x240
[  475.526504][T10320]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  475.526528][T10320]  ? rcu_is_watching+0x15/0xb0
[  475.526563][T10320]  ? do_syscall_64+0xbe/0x3b0
[  475.526598][T10320]  do_syscall_64+0xfa/0x3b0
[  475.526626][T10320]  ? lockdep_hardirqs_on+0x9c/0x150
[  475.526654][T10320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.526673][T10320]  ? clear_bhb_loop+0x60/0xb0
[  475.526699][T10320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.526718][T10320] RIP: 0033:0x7f7c51d8e929
[  475.526737][T10320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.526755][T10320] RSP: 002b:00007f7c52bf2038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  475.526776][T10320] RAX: ffffffffffffffda RBX: 00007f7c51fb5fa0 RCX: 00007f7c51d8e929
[  475.526791][T10320] RDX: 0000000000000002 RSI: 00002000000008c0 RDI: 0000000000000004
[  475.526803][T10320] RBP: 00007f7c52bf2090 R08: 0000200000008000 R09: 0000000000000000
[  475.526816][T10320] R10: 00000000000000cb R11: 0000000000000246 R12: 0000000000000001
[  475.526827][T10320] R13: 0000000000000000 R14: 00007f7c51fb5fa0 R15: 00007fff93f1b988
[  475.526859][T10320]  </TASK>
[  476.579328][ T1208] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  477.422194][ T1208] usb 5-1: Using ep0 maxpacket: 16
[  477.934547][ T1208] usb 5-1: config 0 has an invalid interface number: 3 but max is 0
[  477.956218][ T1208] usb 5-1: config 0 has no interface number 0
[  477.962391][ T1208] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  478.009473][ T1208] usb 5-1: config 0 interface 3 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 32
[  478.061372][ T1208] usb 5-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=68.b5
[  478.096355][ T1208] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.119312][ T1208] usb 5-1: Product: syz
[  478.129365][ T1208] usb 5-1: Manufacturer: syz
[  478.149128][ T1208] usb 5-1: SerialNumber: syz
[  478.154427][T10327] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  478.160739][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  478.186053][ T1208] usb 5-1: config 0 descriptor??
[  478.197397][T10322] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  478.214509][ T1208] ir_toy 5-1:0.3: required endpoints not found
[  479.297928][ T5817] usb 5-1: USB disconnect, device number 25
[  479.304654][    T9] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  479.441187][T10360] overlayfs: failed to resolve './file2': -2
[  479.454185][    T9] usb 6-1: device descriptor read/64, error -71
[  480.446593][    T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  480.782821][    T9] usb 6-1: device descriptor read/64, error -71
[  481.243517][T10387] net_ratelimit: 191 callbacks suppressed
[  481.243609][T10387] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  481.356248][    T9] usb usb6-port1: attempt power cycle
[  482.659663][ T5907] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  482.855674][ T5907] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  482.868472][ T5907] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.882710][ T5907] usb 1-1: Product: syz
[  482.893036][ T5907] usb 1-1: Manufacturer: syz
[  482.899455][ T5907] usb 1-1: SerialNumber: syz
[  482.909424][T10405] overlayfs: failed to resolve './file2': -2
[  482.948686][ T5907] usb 1-1: config 0 descriptor??
[  483.375868][T10414] netlink: 'syz.2.1275': attribute type 7 has an invalid length.
[  483.561260][ T5817] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  483.599862][T10416] binder: 10406:10416 ioctl 4018620d 0 returned -22
[  483.689497][T10418] binder: 10406:10418 ioctl c018620c 0 returned -14
[  483.745324][ T5907] usb-storage 1-1:0.0: USB Mass Storage device detected
[  483.754118][T10390] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  483.770818][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  483.854171][ T5817] usb 4-1: Using ep0 maxpacket: 32
[  483.879894][ T5817] usb 4-1: config 75 has an invalid interface number: 238 but max is 1
[  483.939319][ T5907] usb 1-1: USB disconnect, device number 19
[  483.940518][ T5817] usb 4-1: config 75 has an invalid interface number: 193 but max is 1
[  483.957212][T10425] FAULT_INJECTION: forcing a failure.
[  483.957212][T10425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.990359][ T5817] usb 4-1: config 75 has no interface number 0
[  484.006900][ T5817] usb 4-1: config 75 has no interface number 1
[  484.013184][T10425] CPU: 0 UID: 0 PID: 10425 Comm: syz.0.1277 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  484.013222][T10425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  484.013235][T10425] Call Trace:
[  484.013244][T10425]  <TASK>
[  484.013253][T10425]  dump_stack_lvl+0x189/0x250
[  484.013286][T10425]  ? __pfx____ratelimit+0x10/0x10
[  484.013314][T10425]  ? __pfx_dump_stack_lvl+0x10/0x10
[  484.013344][T10425]  ? __pfx__printk+0x10/0x10
[  484.013365][T10425]  ? __might_fault+0xb0/0x130
[  484.013400][T10425]  should_fail_ex+0x414/0x560
[  484.013431][T10425]  _copy_from_iter+0x1db/0x16f0
[  484.013464][T10425]  ? rcu_is_watching+0x15/0xb0
[  484.013495][T10425]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  484.013521][T10425]  ? __pfx__copy_from_iter+0x10/0x10
[  484.013555][T10425]  ? __build_skb_around+0x257/0x3e0
[  484.013582][T10425]  ? netlink_sendmsg+0x642/0xb30
[  484.013603][T10425]  ? skb_put+0x11b/0x210
[  484.013629][T10425]  netlink_sendmsg+0x6b2/0xb30
[  484.013662][T10425]  ? __pfx_netlink_sendmsg+0x10/0x10
[  484.013693][T10425]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  484.013717][T10425]  ? __pfx_netlink_sendmsg+0x10/0x10
[  484.013740][T10425]  __sock_sendmsg+0x219/0x270
[  484.013773][T10425]  ____sys_sendmsg+0x505/0x830
[  484.013803][T10425]  ? __pfx_____sys_sendmsg+0x10/0x10
[  484.013837][T10425]  ? import_iovec+0x74/0xa0
[  484.013859][T10425]  ___sys_sendmsg+0x21f/0x2a0
[  484.013886][T10425]  ? __pfx____sys_sendmsg+0x10/0x10
[  484.013949][T10425]  ? __fget_files+0x2a/0x420
[  484.013974][T10425]  ? __fget_files+0x3a0/0x420
[  484.014012][T10425]  __x64_sys_sendmsg+0x19b/0x260
[  484.014039][T10425]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  484.014074][T10425]  ? __pfx_ksys_write+0x10/0x10
[  484.014095][T10425]  ? rcu_is_watching+0x15/0xb0
[  484.014128][T10425]  ? do_syscall_64+0xbe/0x3b0
[  484.014162][T10425]  do_syscall_64+0xfa/0x3b0
[  484.014190][T10425]  ? lockdep_hardirqs_on+0x9c/0x150
[  484.014225][T10425]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.014245][T10425]  ? clear_bhb_loop+0x60/0xb0
[  484.014270][T10425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.014290][T10425] RIP: 0033:0x7f7c51d8e929
[  484.014308][T10425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.014326][T10425] RSP: 002b:00007f7c52bf2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  484.014349][T10425] RAX: ffffffffffffffda RBX: 00007f7c51fb5fa0 RCX: 00007f7c51d8e929
[  484.014364][T10425] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  484.014376][T10425] RBP: 00007f7c52bf2090 R08: 0000000000000000 R09: 0000000000000000
[  484.014389][T10425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.014401][T10425] R13: 0000000000000000 R14: 00007f7c51fb5fa0 R15: 00007fff93f1b988
[  484.014433][T10425]  </TASK>
[  484.028822][ T5817] usb 4-1: config 75 interface 238 altsetting 4 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  484.325810][   T51] Bluetooth: hci4: command 0x0405 tx timeout
[  484.332223][ T5817] usb 4-1: config 75 interface 238 altsetting 4 bulk endpoint 0xF has invalid maxpacket 64
[  484.342540][ T5817] usb 4-1: config 75 interface 238 altsetting 4 has a duplicate endpoint with address 0xE, skipping
[  484.353543][ T5817] usb 4-1: config 75 interface 193 altsetting 237 has a duplicate endpoint with address 0xF, skipping
[  484.365329][ T5817] usb 4-1: config 75 interface 193 altsetting 237 bulk endpoint 0xD has invalid maxpacket 64
[  484.375931][ T5817] usb 4-1: config 75 interface 193 altsetting 237 has a duplicate endpoint with address 0xD, skipping
[  484.387178][ T5817] usb 4-1: config 75 interface 193 altsetting 237 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  484.399258][ T5817] usb 4-1: config 75 interface 193 altsetting 237 has a duplicate endpoint with address 0x1, skipping
[  484.410375][ T5817] usb 4-1: config 75 interface 193 altsetting 237 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  484.422045][ T5817] usb 4-1: config 75 interface 238 has no altsetting 0
[  484.429002][ T5817] usb 4-1: config 75 interface 193 has no altsetting 0
[  484.439469][ T5817] usb 4-1: New USB device found, idVendor=157e, idProduct=3204, bcdDevice=b8.5f
[  484.449581][ T5817] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.457707][ T5817] usb 4-1: Product: à –
[  484.463178][ T5817] usb 4-1: Manufacturer: Ј
[  484.467781][ T5817] usb 4-1: SerialNumber: syz
[  484.475825][ T5817] usb 4-1: rejected 1 configuration due to insufficient available bus power
[  484.484713][ T5817] usb 4-1: no configuration chosen from 1 choice
[  485.309118][T10429] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  486.566761][ T5824] usb 4-1: USB disconnect, device number 26
[  486.845815][T10443] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  487.086894][T10447] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1284'.
[  487.103216][T10447] openvswitch: netlink: Flow key attr not present in new flow.
[  487.392034][T10445] loop6: detected capacity change from 0 to 524287999
[  487.891067][T10455] netlink: 'syz.4.1286': attribute type 7 has an invalid length.
[  488.285985][T10451] overlayfs: failed to resolve './file2': -2
[  488.958552][T10464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1287'.
[  492.794403][T10467] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  494.002999][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  494.012756][T10468] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  495.116233][T10471] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  495.677510][T10483] syz.4.1293 (10483): drop_caches: 0
[  496.074367][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  497.669872][T10508] netlink: 'syz.3.1299': attribute type 7 has an invalid length.
[  498.154458][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  498.169942][T10502] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  499.899677][T10513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1301'.
[  500.491508][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  500.691331][T10505] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  501.401457][ T5907] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  501.596977][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  501.603329][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  501.634209][ T5907] usb 4-1: Using ep0 maxpacket: 32
[  501.651986][T10515] loop2: detected capacity change from 0 to 3
[  501.831370][T10515] Dev loop2: unable to read RDB block 3
[  501.844298][T10515]  loop2: unable to read partition table
[  502.444317][T10515] loop2: partition table beyond EOD, truncated
[  502.466961][T10515] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  502.489854][ T5907] usb 4-1: unable to get BOS descriptor or descriptor too short
[  502.518271][ T5907] usb 4-1: too many configurations: 105, using maximum allowed: 8
[  502.551686][ T5907] usb 4-1: unable to read config index 0 descriptor/start: -71
[  502.559580][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  502.565806][ T1208] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  502.574282][T10519] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  502.589780][ T5907] usb 4-1: can't read configurations, error -71
[  502.805256][ T1208] usb 5-1: Using ep0 maxpacket: 8
[  502.812787][ T1208] usb 5-1: unable to get BOS descriptor or descriptor too short
[  502.825900][ T1208] usb 5-1: config 8 has an invalid interface number: 255 but max is 0
[  502.914329][    T9] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  503.482818][ T1208] usb 5-1: config 8 has no interface number 0
[  503.513422][ T1208] usb 5-1: config 8 interface 255 has no altsetting 0
[  503.533592][ T1208] usb 5-1: string descriptor 0 read error: -22
[  503.547406][ T1208] usb 5-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  503.565930][ T1208] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.614594][T10538] binder: 10536:10538 ioctl c0306201 0 returned -14
[  503.664404][    T9] usb 6-1: Using ep0 maxpacket: 32
[  503.679611][    T9] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  503.724242][    T9] usb 6-1: config 0 has no interface number 0
[  503.888373][    T9] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  503.914112][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.024691][T10541] netlink: 'syz.3.1311': attribute type 21 has an invalid length.
[  504.032684][T10541] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1311'.
[  504.043573][T10541] netlink: 'syz.3.1311': attribute type 6 has an invalid length.
[  504.052547][T10541] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1311'.
[  504.358624][    T9] usb 6-1: Product: syz
[  504.567822][    T9] usb 6-1: Manufacturer: syz
[  504.572520][    T9] usb 6-1: SerialNumber: syz
[  504.585029][    T9] usb 6-1: config 0 descriptor??
[  504.593132][    T9] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  504.638173][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  505.346263][ T1208] catc 5-1:8.255: Can't set altsetting 1.
[  505.405741][    T9] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  505.446236][ T1208] catc 5-1:8.255: probe with driver catc failed with error -5
[  506.241509][T10550] netlink: 'syz.0.1312': attribute type 7 has an invalid length.
[  506.574501][ T1208] usb 5-1: USB disconnect, device number 26
[  506.580990][    T9] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  506.751916][T10554] binder: 10552:10554 ioctl c0306201 200000000340 returned -14
[  507.090980][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  507.124142][ T5878] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  507.155765][ T1208] usb 6-1: USB disconnect, device number 20
[  507.294566][ T1208] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  507.706458][ T1208] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  507.937086][ T1208] quatech2 6-1:0.51: device disconnected
[  509.354496][T10567] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  509.472142][ T5878] usb 1-1: Using ep0 maxpacket: 16
[  510.994764][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  511.023954][T10569] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  511.043115][ T5878] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  511.057730][ T5878] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  511.760172][ T5878] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  511.770449][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.778665][ T5878] usb 1-1: Product: syz
[  511.783384][ T5878] usb 1-1: Manufacturer: syz
[  511.788828][ T5878] usb 1-1: SerialNumber: syz
[  511.883732][ T5878] usb 1-1: can't set config #1, error -71
[  512.061617][ T5878] usb 1-1: USB disconnect, device number 20
[  512.171946][T10597] binder: 10596:10597 ioctl c0306201 0 returned -14
[  512.420159][T10577] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  512.522726][T10604] netlink: 'syz.0.1327': attribute type 21 has an invalid length.
[  512.530780][T10604] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1327'.
[  512.540686][T10604] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1327'.
[  513.133655][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  513.724387][ T1208] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  513.946341][ T1208] usb 6-1: Using ep0 maxpacket: 8
[  514.040809][ T1208] usb 6-1: unable to get BOS descriptor or descriptor too short
[  514.270684][ T1208] usb 6-1: config 8 has an invalid interface number: 255 but max is 0
[  515.042433][ T1208] usb 6-1: config 8 has no interface number 0
[  515.264162][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  515.539241][ T1208] usb 6-1: config 8 interface 255 has no altsetting 0
[  515.647906][ T5907] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  515.917543][ T1208] usb 6-1: string descriptor 0 read error: -71
[  515.923880][ T1208] usb 6-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  515.969147][ T1208] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.086074][ T5907] usb 4-1: Using ep0 maxpacket: 32
[  516.094849][    C0] raw-gadget.1 gadget.3: ignoring, device is not running
[  516.334609][    C0] raw-gadget.1 gadget.3: ignoring, device is not running
[  516.343007][    C0] raw-gadget.1 gadget.3: ignoring, device is not running
[  516.438638][ T5907] usb 4-1: device descriptor read/all, error -32
[  516.551578][T10615] usb usb8: usbfs: process 10615 (syz.4.1330) did not claim interface 0 before use
[  516.551817][ T5824] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  516.633889][ T1208] usb 6-1: can't set config #8, error -71
[  516.786606][ T1208] usb 6-1: USB disconnect, device number 21
[  516.905888][ T5824] usb 3-1: device descriptor read/64, error -71
[  517.151390][ T5824] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  517.454132][ T5824] usb 3-1: device descriptor read/64, error -71
[  518.916501][ T5824] usb usb3-port1: attempt power cycle
[  519.272266][ T5907] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  519.434171][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  519.441239][T10645] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  521.180667][T10646] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  521.716466][T10657] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1341'.
[  522.142253][T10671] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  522.159597][T10671] mkiss: ax0: crc mode is auto.
[  522.343587][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  522.684111][ T6004] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  523.583707][ T6004] usb 6-1: device descriptor read/64, error -71
[  524.044366][ T6004] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  524.284301][ T6004] usb 6-1: device descriptor read/64, error -71
[  524.416401][ T6004] usb usb6-port1: attempt power cycle
[  526.038409][T10704] tmpfs: Bad value for 'mpol'
[  527.554388][T10720] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1354'.
[  527.764257][T10721] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1354'.
[  527.773295][T10721] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1354'.
[  528.554440][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  529.384725][T10711] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  529.435128][T10723] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1355'.
[  529.504211][T10712] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  531.995687][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  533.624235][ T5907] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  534.473833][T10739] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1360'.
[  534.512829][T10739] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1360'.
[  534.607612][T10746] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1363'.
[  535.460549][T10751] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1362'.
[  535.477358][T10755] No such timeout policy "syz1"
[  535.674619][ T6004] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  535.829765][T10761] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1367'.
[  535.854526][ T6004] usb 5-1: Using ep0 maxpacket: 32
[  535.895543][ T6004] usb 5-1: string descriptor 0 read error: -22
[  535.922527][ T6004] usb 5-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b2.bd
[  535.963139][ T6004] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.986107][ T6004] usb 5-1: config 0 descriptor??
[  536.360202][ T5892] usb 5-1: USB disconnect, device number 27
[  536.449417][T10772] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1369'.
[  542.674310][ T5892] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  542.974164][ T5892] usb 1-1: Using ep0 maxpacket: 8
[  543.064995][T10788] tmpfs: Bad value for 'mpol'
[  543.074765][T10788] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1374'.
[  543.083951][T10788] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1374'.
[  543.093244][T10788] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1374'.
[  543.599364][ T5892] usb 1-1: unable to get BOS descriptor or descriptor too short
[  543.729823][ T5892] usb 1-1: config 8 has an invalid interface number: 255 but max is 0
[  543.788457][ T5892] usb 1-1: config 8 has no interface number 0
[  543.804364][ T5892] usb 1-1: config 8 interface 255 has no altsetting 0
[  543.819203][ T5892] usb 1-1: string descriptor 0 read error: -22
[  543.834582][ T5892] usb 1-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  543.887874][ T5892] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  545.270279][T10804] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1379'.
[  545.557185][ T5892] catc 1-1:8.255: Can't set altsetting 1.
[  545.563038][ T5892] catc 1-1:8.255: probe with driver catc failed with error -5
[  545.579382][ T5892] usb 1-1: USB disconnect, device number 21
[  547.924206][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  547.934156][T10812] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  550.461380][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  551.909765][T10817] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  553.116561][T10838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1391'.
[  554.127694][T10840] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  554.533902][T10843] FAULT_INJECTION: forcing a failure.
[  554.533902][T10843] name failslab, interval 1, probability 0, space 0, times 0
[  555.068225][T10843] CPU: 0 UID: 0 PID: 10843 Comm: syz.4.1392 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  555.068258][T10843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  555.068271][T10843] Call Trace:
[  555.068280][T10843]  <TASK>
[  555.068289][T10843]  dump_stack_lvl+0x189/0x250
[  555.068324][T10843]  ? __pfx____ratelimit+0x10/0x10
[  555.068354][T10843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  555.068383][T10843]  ? __pfx__printk+0x10/0x10
[  555.068410][T10843]  ? __pfx___might_resched+0x10/0x10
[  555.068437][T10843]  ? fs_reclaim_acquire+0x7d/0x100
[  555.068472][T10843]  should_fail_ex+0x414/0x560
[  555.068508][T10843]  should_failslab+0xa8/0x100
[  555.068537][T10843]  __kmalloc_cache_noprof+0x70/0x3d0
[  555.068561][T10843]  ? nf_tables_newtable+0x435/0x1890
[  555.068584][T10843]  ? nla_strcmp+0x106/0x140
[  555.068615][T10843]  nf_tables_newtable+0x435/0x1890
[  555.068662][T10843]  nfnetlink_rcv+0x1132/0x2520
[  555.068726][T10843]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  555.068773][T10843]  ? ref_tracker_free+0x63a/0x7d0
[  555.068832][T10843]  ? __netlink_deliver_tap+0x807/0x850
[  555.068874][T10843]  ? netlink_deliver_tap+0x2e/0x1b0
[  555.068896][T10843]  ? netlink_deliver_tap+0x2e/0x1b0
[  555.068924][T10843]  netlink_unicast+0x75b/0x8d0
[  555.068968][T10843]  netlink_sendmsg+0x805/0xb30
[  555.069018][T10843]  ? __pfx_netlink_sendmsg+0x10/0x10
[  555.069050][T10843]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  555.069075][T10843]  ? __pfx_netlink_sendmsg+0x10/0x10
[  555.069099][T10843]  __sock_sendmsg+0x219/0x270
[  555.069132][T10843]  ____sys_sendmsg+0x505/0x830
[  555.069163][T10843]  ? __pfx_____sys_sendmsg+0x10/0x10
[  555.069203][T10843]  ? import_iovec+0x74/0xa0
[  555.069225][T10843]  ___sys_sendmsg+0x21f/0x2a0
[  555.069265][T10843]  ? __pfx____sys_sendmsg+0x10/0x10
[  555.069328][T10843]  ? __fget_files+0x2a/0x420
[  555.069354][T10843]  ? __fget_files+0x3a0/0x420
[  555.069391][T10843]  __x64_sys_sendmsg+0x19b/0x260
[  555.069418][T10843]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  555.069472][T10843]  ? __pfx_ksys_write+0x10/0x10
[  555.069497][T10843]  ? rcu_is_watching+0x15/0xb0
[  555.069532][T10843]  ? do_syscall_64+0xbe/0x3b0
[  555.069566][T10843]  do_syscall_64+0xfa/0x3b0
[  555.069595][T10843]  ? lockdep_hardirqs_on+0x9c/0x150
[  555.069623][T10843]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.069643][T10843]  ? clear_bhb_loop+0x60/0xb0
[  555.069668][T10843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.069688][T10843] RIP: 0033:0x7fb23e38e929
[  555.069707][T10843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.069725][T10843] RSP: 002b:00007fb23c1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  555.069746][T10843] RAX: ffffffffffffffda RBX: 00007fb23e5b5fa0 RCX: 00007fb23e38e929
[  555.069760][T10843] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000003
[  555.069774][T10843] RBP: 00007fb23c1f6090 R08: 0000000000000000 R09: 0000000000000000
[  555.069786][T10843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  555.069798][T10843] R13: 0000000000000000 R14: 00007fb23e5b5fa0 R15: 00007ffe917438b8
[  555.069830][T10843]  </TASK>
[  555.524157][T10741] syz.2.1361 (10741): drop_caches: 1
[  556.094372][ T5892] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  556.284576][ T5892] usb 6-1: Using ep0 maxpacket: 8
[  556.746887][ T5892] usb 6-1: unable to get BOS descriptor or descriptor too short
[  556.760664][ T5892] usb 6-1: config 8 has an invalid interface number: 255 but max is 0
[  556.776557][ T5892] usb 6-1: config 8 has no interface number 0
[  556.794093][ T5892] usb 6-1: config 8 interface 255 has no altsetting 0
[  556.907018][ T5892] usb 6-1: string descriptor 0 read error: -22
[  556.913321][ T5892] usb 6-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  556.941799][ T5892] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.970054][ T5826] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  556.983852][ T5826] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  556.994906][ T5826] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  557.046290][ T5826] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  557.055115][ T5826] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  557.393123][ T5892] catc 6-1:8.255: Can't set altsetting 1.
[  557.456722][ T5892] catc 6-1:8.255: probe with driver catc failed with error -5
[  557.653514][ T5892] usb 6-1: USB disconnect, device number 25
[  558.008519][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.171065][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.204381][ T5826] Bluetooth: hci1: command tx timeout
[  559.480614][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.166808][T10886] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1404'.
[  561.070925][T10885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1407'.
[  561.097135][T10885] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1407'.
[  561.115415][ T5892] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  561.400423][ T5826] Bluetooth: hci1: command tx timeout
[  561.894089][ T5892] usb 6-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=7d.08
[  561.914736][ T5892] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.922814][ T5892] usb 6-1: Product: syz
[  561.946956][ T5892] usb 6-1: Manufacturer: syz
[  561.979404][ T5892] usb 6-1: SerialNumber: syz
[  562.063810][ T5892] usb 6-1: config 0 descriptor??
[  562.184967][T10896] netlink: 'syz.4.1410': attribute type 1 has an invalid length.
[  562.604760][ T5892] usb 6-1: can't set config #0, error -71
[  562.638735][ T5892] usb 6-1: USB disconnect, device number 26
[  562.651593][T10902] loop6: detected capacity change from 0 to 524287999
[  562.675040][T10902] buffer_io_error: 1163 callbacks suppressed
[  562.675059][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  562.704202][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  562.867266][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  562.979186][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.048833][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  563.052750][ T5907] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  563.057658][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  563.096767][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.144686][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.310015][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.329871][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.341347][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.384920][ T5907] usb 4-1: Using ep0 maxpacket: 16
[  563.392128][ T5907] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  563.415093][T10902] ldm_validate_partition_table(): Disk read failed.
[  563.416608][ T5907] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[  563.433425][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.433538][T10902] Buffer I/O error on dev loop6, logical block 0, async page read
[  563.433765][T10902] Dev loop6: unable to read RDB block 0
[  563.434392][ T5826] Bluetooth: hci1: command tx timeout
[  563.434776][T10902]  loop6: unable to read partition table
[  563.461040][T10902] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  563.610383][ T5907] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  563.661153][ T5907] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  563.671284][T10858] chnl_net:caif_netlink_parms(): no params data found
[  563.711534][ T5907] usb 4-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  563.722533][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.922371][ T5907] usb 4-1: Product: syz
[  563.934564][ T5907] usb 4-1: Manufacturer: syz
[  563.939808][ T5907] usb 4-1: SerialNumber: syz
[  563.947532][ T5907] usb 4-1: config 0 descriptor??
[  563.953273][T10907] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  563.969241][ T5907] mcba_usb 4-1:0.0: Can't find endpoints
[  564.154334][T10926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1417'.
[  565.510112][T10929] FAULT_INJECTION: forcing a failure.
[  565.510112][T10929] name failslab, interval 1, probability 0, space 0, times 0
[  565.523370][T10929] CPU: 0 UID: 0 PID: 10929 Comm: syz.0.1419 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  565.523397][T10929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  565.523409][T10929] Call Trace:
[  565.523417][T10929]  <TASK>
[  565.523425][T10929]  dump_stack_lvl+0x189/0x250
[  565.523458][T10929]  ? __pfx____ratelimit+0x10/0x10
[  565.523486][T10929]  ? __pfx_dump_stack_lvl+0x10/0x10
[  565.523532][T10929]  ? __pfx__printk+0x10/0x10
[  565.523559][T10929]  ? __pfx___might_resched+0x10/0x10
[  565.523586][T10929]  ? fs_reclaim_acquire+0x7d/0x100
[  565.523620][T10929]  should_fail_ex+0x414/0x560
[  565.523649][T10929]  ? xt_alloc_table_info+0x3b/0xa0
[  565.523674][T10929]  should_failslab+0xa8/0x100
[  565.523702][T10929]  __kvmalloc_node_noprof+0x161/0x5f0
[  565.523728][T10929]  ? xt_alloc_table_info+0x3b/0xa0
[  565.523761][T10929]  xt_alloc_table_info+0x3b/0xa0
[  565.523787][T10929]  do_ipt_set_ctl+0x881/0xcd0
[  565.523827][T10929]  ? rcu_is_watching+0x15/0xb0
[  565.523857][T10929]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  565.523900][T10929]  ? __pfx___mutex_lock+0x10/0x10
[  565.523931][T10929]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  565.523985][T10929]  nf_setsockopt+0x26f/0x290
[  565.524011][T10929]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  565.524045][T10929]  do_sock_setsockopt+0x25a/0x3e0
[  565.524070][T10929]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  565.524099][T10929]  ? __fget_files+0x2a/0x420
[  565.524138][ T5826] Bluetooth: hci1: command tx timeout
[  565.524145][T10929]  __x64_sys_setsockopt+0x18b/0x220
[  565.524172][T10929]  do_syscall_64+0xfa/0x3b0
[  565.524200][T10929]  ? lockdep_hardirqs_on+0x9c/0x150
[  565.524229][T10929]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.524253][T10929]  ? clear_bhb_loop+0x60/0xb0
[  565.524279][T10929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.524302][T10929] RIP: 0033:0x7f7c51d8e929
[  565.524323][T10929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  565.524343][T10929] RSP: 002b:00007f7c52bf2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  565.524366][T10929] RAX: ffffffffffffffda RBX: 00007f7c51fb5fa0 RCX: 00007f7c51d8e929
[  565.524383][T10929] RDX: 0000000000000040 RSI: 8001000000000000 RDI: 0000000000000003
[  565.524397][T10929] RBP: 00007f7c52bf2090 R08: 00000000000002a0 R09: 0000000000000000
[  565.524411][T10929] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  565.524425][T10929] R13: 0000000000000000 R14: 00007f7c51fb5fa0 R15: 00007fff93f1b988
[  565.524460][T10929]  </TASK>
[  565.594494][ T5907] usb 4-1: USB disconnect, device number 31
[  565.729430][    C0] vkms_vblank_simulate: vblank timer overrun
[  565.795058][ T5892] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  565.995045][ T5892] usb 5-1: Using ep0 maxpacket: 8
[  566.018614][ T5892] usb 5-1: unable to get BOS descriptor or descriptor too short
[  567.229733][ T5892] usb 5-1: unable to read config index 0 descriptor/start: -71
[  567.229783][ T5892] usb 5-1: can't read configurations, error -71
[  570.287149][T10945] 9pnet_fd: Insufficient options for proto=fd
[  572.551720][T10954] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  572.567871][T10956] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  572.652804][T10974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1428'.
[  572.770700][   T12] bond0 (unregistering): Released all slaves
[  572.829961][T10939] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1420'.
[  573.226608][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  574.140497][T10858] bridge0: port 1(bridge_slave_0) entered blocking state
[  574.154371][T10858] bridge0: port 1(bridge_slave_0) entered disabled state
[  574.177404][T10858] bridge_slave_0: entered allmulticast mode
[  574.210786][T10858] bridge_slave_0: entered promiscuous mode
[  574.254673][T10858] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.305755][T10858] bridge0: port 2(bridge_slave_1) entered disabled state
[  574.313273][T10858] bridge_slave_1: entered allmulticast mode
[  574.331806][T10858] bridge_slave_1: entered promiscuous mode
[  575.251894][T10858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  575.275072][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  575.342559][   T12] hsr_slave_0: left promiscuous mode
[  575.358642][   T12] hsr_slave_1: left promiscuous mode
[  575.477757][ T5892] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  575.494626][   T12] veth1_macvtap: left promiscuous mode
[  575.501352][   T12] veth0_macvtap: left promiscuous mode
[  575.510477][   T12] veth1_vlan: left promiscuous mode
[  575.517115][   T12] veth0_vlan: left promiscuous mode
[  575.716601][ T5892] usb 5-1: Using ep0 maxpacket: 32
[  575.984147][ T5892] usb 5-1: config 0 has an invalid interface number: 36 but max is 0
[  576.063835][ T5892] usb 5-1: config 0 has no interface number 0
[  576.170052][ T5892] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=1b.c4
[  576.554735][ T5892] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.567719][ T5892] usb 5-1: Product: syz
[  576.571985][ T5892] usb 5-1: Manufacturer: syz
[  576.577788][ T5892] usb 5-1: SerialNumber: syz
[  576.598071][ T5892] usb 5-1: config 0 descriptor??
[  577.547417][T11029] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  577.559737][T11028] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  577.869869][T10858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  577.938012][T10858] team0: Port device team_slave_0 added
[  577.953907][T10858] team0: Port device team_slave_1 added
[  577.998656][ T5892] cx82310_eth 5-1:0.36: probe with driver cx82310_eth failed with error -71
[  578.037537][ T5892] cxacru 5-1:0.36: usbatm_usb_probe: bind failed: -19!
[  578.119281][ T5892] usb 5-1: USB disconnect, device number 30
[  578.771951][T10858] batman_adv: batadv0: Adding interface: batadv_slave_0
[  578.799564][T10858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  578.892333][T10858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  578.935999][T10858] batman_adv: batadv0: Adding interface: batadv_slave_1
[  578.952902][T10858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  578.960442][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  578.985626][T10858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  580.071061][T10858] hsr_slave_0: entered promiscuous mode
[  580.645839][T10858] hsr_slave_1: entered promiscuous mode
[  580.652220][T10858] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  580.690561][T10858] Cannot create hsr debugfs directory
[  581.034284][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  581.040440][T11077] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  581.656852][T11093] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  581.815009][T11077] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  582.810562][T11108] bridge0: port 3(wlan0) entered blocking state
[  582.927586][T11108] bridge0: port 3(wlan0) entered disabled state
[  582.996523][T11116] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1465'.
[  583.008249][T11108] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  583.063636][T11108] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  583.114213][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  583.167348][T11108] bridge0: port 3(wlan0) entered blocking state
[  583.174223][T11108] bridge0: port 3(wlan0) entered forwarding state
[  583.874295][T11122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1467'.
[  584.265670][T10858] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  584.303952][T10858] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  584.353800][T11138] tipc: Enabling of bearer <eth:pimreg0> rejected, failed to enable media
[  584.522794][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1468'.
[  584.546500][T10858] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  584.961078][T10858] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  585.194071][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  585.814148][ T5907] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[  586.221359][T10858] 8021q: adding VLAN 0 to HW filter on device bond0
[  586.242648][T10858] 8021q: adding VLAN 0 to HW filter on device team0
[  586.296630][ T6280] bridge0: port 1(bridge_slave_0) entered blocking state
[  586.303838][ T6280] bridge0: port 1(bridge_slave_0) entered forwarding state
[  586.320606][ T5907] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1022, setting to 64
[  586.374063][ T5907] usb 6-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  586.383731][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.410710][ T6280] bridge0: port 2(bridge_slave_1) entered blocking state
[  586.417955][ T6280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  586.458441][ T5907] usb 6-1: config 0 descriptor??
[  586.476014][T11163] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  586.567855][T11173] binder: 11170:11173 ioctl c0306201 2000000003c0 returned -14
[  587.242461][ T5907] usbhid 6-1:0.0: can't add hid device: -71
[  587.281630][ T5907] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  587.351026][ T5907] usb 6-1: USB disconnect, device number 27
[  588.278615][T11195] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1479'.
[  588.503389][T10858] 8021q: adding VLAN 0 to HW filter on device batadv0
[  588.951918][T11212] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  589.011433][T11212] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1483'.
[  591.096478][T10858] veth0_vlan: entered promiscuous mode
[  591.142879][T10858] veth1_vlan: entered promiscuous mode
[  591.273685][T10858] veth0_macvtap: entered promiscuous mode
[  591.303325][T10858] veth1_macvtap: entered promiscuous mode
[  591.344946][ T5817] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  591.362472][T10858] batman_adv: batadv0: Interface activated: batadv_slave_0
[  591.375747][T10858] batman_adv: batadv0: Interface activated: batadv_slave_1
[  591.408504][T10858] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  591.434827][T10858] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  591.454278][T10858] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  591.463043][T10858] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  591.504064][ T5817] usb 1-1: Using ep0 maxpacket: 32
[  591.518556][ T5817] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  591.546998][ T5817] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  591.565379][ T5817] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  591.602097][ T5817] usb 1-1: config 1 has no interface number 0
[  591.640233][ T5817] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  591.665442][ T5817] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  591.686668][ T5817] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  591.699904][ T5817] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.740766][ T6258] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  591.780579][ T6258] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  591.810383][ T5817] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  593.131305][ T5922] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  593.307777][ T5922] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  594.258598][ T5817] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[  594.924961][T11248] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  594.988331][T11255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  595.045013][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  595.080411][T11250] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  595.093486][T11255] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  597.136175][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  598.052062][ T5824] snd_usb_pod 1-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  600.354544][ T9950] usb 1-1: USB disconnect, device number 22
[  600.362527][ T9950] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  602.074200][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  602.082021][T11266] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  604.154463][T11267] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  605.089254][T11291] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1496'.
[  605.118862][T11290] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1388'.
[  605.466489][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  610.934761][T11311] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  611.764179][ T6004] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  612.234113][ T6004] usb 1-1: Using ep0 maxpacket: 8
[  612.275666][ T6004] usb 1-1: unable to get BOS descriptor or descriptor too short
[  612.367184][ T6004] usb 1-1: config 8 has an invalid interface number: 255 but max is 0
[  612.419704][ T6004] usb 1-1: config 8 has no interface number 0
[  612.505480][ T6004] usb 1-1: config 8 interface 255 has no altsetting 0
[  612.603020][T11321] usb usb8: usbfs: process 11321 (syz.5.1505) did not claim interface 0 before use
[  612.701840][ T6004] usb 1-1: string descriptor 0 read error: -22
[  612.733770][ T6004] usb 1-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  612.810727][ T6004] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  613.004703][ T5907] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  613.356580][T11349] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1511'.
[  613.600103][ T5907] usb 7-1: config 0 has an invalid interface number: 93 but max is 0
[  613.778483][ T5907] usb 7-1: config 0 has no interface number 0
[  613.820665][ T5907] usb 7-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=3f.ac
[  613.861358][ T5907] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  613.886304][ T5907] usb 7-1: Product: syz
[  613.892936][ T5907] usb 7-1: Manufacturer: syz
[  613.897817][ T5907] usb 7-1: SerialNumber: syz
[  613.907318][ T5907] usb 7-1: config 0 descriptor??
[  614.142200][T11341] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  614.192462][ T6004] catc 1-1:8.255: Can't set altsetting 1.
[  614.204782][T11341] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  614.219955][ T6004] catc 1-1:8.255: probe with driver catc failed with error -5
[  614.333274][ T6004] usb 1-1: USB disconnect, device number 23
[  615.442137][T11373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1516'.
[  615.621625][T11375] netlink: zone id is out of range
[  615.626996][T11375] netlink: zone id is out of range
[  615.632226][T11375] netlink: zone id is out of range
[  615.637558][T11375] netlink: zone id is out of range
[  615.642795][T11375] netlink: zone id is out of range
[  615.648059][T11375] netlink: zone id is out of range
[  615.653320][T11375] netlink: zone id is out of range
[  615.658685][T11375] netlink: zone id is out of range
[  615.663907][T11375] netlink: zone id is out of range
[  615.714552][T11375] netlink: 'syz.4.1516': attribute type 3 has an invalid length.
[  616.702914][ T5907] usb_ehset_test 7-1:0.93: probe with driver usb_ehset_test failed with error -32
[  616.719908][ T5907] usb 7-1: USB disconnect, device number 2
[  617.343249][T11393] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1520'.
[  618.228263][ T6280] Bluetooth: hci5: Frame reassembly failed (-84)
[  619.764408][ T5826] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  620.624294][ T6004] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  621.174424][ T6004] usb 7-1: Using ep0 maxpacket: 8
[  621.190792][T11422] netlink: 'syz.3.1526': attribute type 7 has an invalid length.
[  621.454711][ T6004] usb 7-1: unable to get BOS descriptor or descriptor too short
[  621.551729][ T6004] usb 7-1: config 8 has an invalid interface number: 255 but max is 0
[  621.574101][ T6004] usb 7-1: config 8 has no interface number 0
[  621.590087][ T6004] usb 7-1: config 8 interface 255 has no altsetting 0
[  621.657518][ T6004] usb 7-1: string descriptor 0 read error: -22
[  621.698045][ T6004] usb 7-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  621.836624][T11423] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1527'.
[  621.839676][ T6004] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.947464][T11434] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  623.077490][T11436] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  623.541281][ T6004] catc 7-1:8.255: Can't set altsetting 1.
[  623.673460][ T6004] catc 7-1:8.255: probe with driver catc failed with error -5
[  624.089310][T11447] usb usb8: usbfs: process 11447 (syz.3.1530) did not claim interface 0 before use
[  624.146686][ T6004] usb 7-1: USB disconnect, device number 3
[  624.236338][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  624.312168][T11452] cgroup: subsys name conflicts with all
[  624.529569][T11430] usb usb8: usbfs: process 11430 (syz.0.1528) did not claim interface 0 before use
[  624.560124][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  624.566855][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  625.754819][ T9950] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  626.374102][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  626.384443][ T9950] usb 7-1: unable to get BOS descriptor or descriptor too short
[  626.405803][ T9950] usb 7-1: not running at top speed; connect to a high speed hub
[  626.421575][ T9950] usb 7-1: config 1 has an invalid interface number: 138 but max is 0
[  626.430263][ T9950] usb 7-1: config 1 has no interface number 0
[  626.436621][ T9950] usb 7-1: config 1 interface 138 has no altsetting 0
[  626.545375][ T9950] usb 7-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae
[  626.597931][ T9950] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  626.663694][T11480] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1535'.
[  626.714725][ T9950] usb 7-1: Product: syz
[  626.783286][ T9950] usb 7-1: Manufacturer: syz
[  626.845469][ T9950] usb 7-1: SerialNumber: syz
[  626.954549][   T51] Bluetooth: hci1: command 0x0405 tx timeout
[  627.786170][ T9950] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  629.272842][ T9950] usb 7-1: USB disconnect, device number 4
[  629.416384][T11503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1543'.
[  631.277462][T10559] udevd[10559]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.138/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  631.987511][T11509] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  631.996401][T11509] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  632.825039][T11527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1551'.
[  636.616200][T11531] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1551'.
[  637.001262][T11543] loop8: detected capacity change from 0 to 16384
[  637.333871][   T30] audit: type=1326 audit(1750881390.946:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11545 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff65358e929 code=0x7ffc0000
[  637.376251][    C0] I/O error, dev loop8, sector 32 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  637.386061][    C0] I/O error, dev loop8, sector 4352 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[  637.397551][T11546] loop8: detected capacity change from 16384 to 0
[  637.409941][    C1] I/O error, dev loop8, sector 32 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  637.419285][    C1] buffer_io_error: 7 callbacks suppressed
[  637.419303][    C1] Buffer I/O error on dev loop8, logical block 4, async page read
[  637.433099][    C1] I/O error, dev loop8, sector 4352 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  637.442637][    C1] Buffer I/O error on dev loop8, logical block 544, async page read
[  637.450778][    C1] I/O error, dev loop8, sector 4360 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  637.460286][    C1] Buffer I/O error on dev loop8, logical block 545, async page read
[  637.468412][    C1] I/O error, dev loop8, sector 4368 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  637.477893][    C1] Buffer I/O error on dev loop8, logical block 546, async page read
[  637.486029][    C1] I/O error, dev loop8, sector 4376 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  637.495519][    C1] Buffer I/O error on dev loop8, logical block 547, async page read
[  637.727812][   T30] audit: type=1326 audit(1750881390.976:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11545 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff65358e929 code=0x7ffc0000
[  637.869234][   T30] audit: type=1326 audit(1750881390.976:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11545 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7ff65358e929 code=0x7ffc0000
[  638.004595][T11562] overlayfs: failed to resolve './file2': -2
[  639.498294][T11577] usb usb8: usbfs: process 11577 (syz.4.1562) did not claim interface 0 before use
[  640.361101][T11588] usb usb8: usbfs: process 11588 (syz.3.1564) did not claim interface 0 before use
[  640.908975][T11591] FAULT_INJECTION: forcing a failure.
[  640.908975][T11591] name failslab, interval 1, probability 0, space 0, times 0
[  641.030613][T11591] CPU: 0 UID: 0 PID: 11591 Comm: syz.6.1566 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  641.030645][T11591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  641.030660][T11591] Call Trace:
[  641.030668][T11591]  <TASK>
[  641.030675][T11591]  dump_stack_lvl+0x189/0x250
[  641.030703][T11591]  ? __pfx____ratelimit+0x10/0x10
[  641.030724][T11591]  ? __pfx_dump_stack_lvl+0x10/0x10
[  641.030746][T11591]  ? __pfx__printk+0x10/0x10
[  641.030765][T11591]  ? __pfx___might_resched+0x10/0x10
[  641.030791][T11591]  should_fail_ex+0x414/0x560
[  641.030812][T11591]  should_failslab+0xa8/0x100
[  641.030834][T11591]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  641.030853][T11591]  ? __alloc_skb+0x112/0x2d0
[  641.030868][T11591]  ? __pfx___mutex_trylock_common+0x10/0x10
[  641.030895][T11591]  __alloc_skb+0x112/0x2d0
[  641.030914][T11591]  netlink_dump+0x22b/0xe20
[  641.030939][T11591]  ? __pfx_netlink_dump+0x10/0x10
[  641.030963][T11591]  ? netlink_lookup+0x30/0x200
[  641.030976][T11591]  ? netlink_lookup+0x30/0x200
[  641.030995][T11591]  __netlink_dump_start+0x5cb/0x7e0
[  641.031014][T11591]  ? nft_netlink_dump_start_rcu+0xb6/0x1a0
[  641.031037][T11591]  nft_netlink_dump_start_rcu+0xdb/0x1a0
[  641.031060][T11591]  nf_tables_getrule_reset+0x1c8/0x600
[  641.031083][T11591]  ? __pfx_nf_tables_getrule_reset+0x10/0x10
[  641.031101][T11591]  ? __pfx_nf_tables_dumpreset_rules_start+0x10/0x10
[  641.031118][T11591]  ? __pfx_nf_tables_dumpreset_rules+0x10/0x10
[  641.031134][T11591]  ? __pfx_nf_tables_dump_rules_done+0x10/0x10
[  641.031161][T11591]  ? __nla_parse+0x40/0x60
[  641.031181][T11591]  ? __pfx_nf_tables_getrule_reset+0x10/0x10
[  641.031202][T11591]  nfnetlink_rcv_msg+0x80b/0x1130
[  641.031225][T11591]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  641.031259][T11591]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  641.031279][T11591]  ? kasan_save_free_info+0x46/0x50
[  641.031337][T11591]  netlink_rcv_skb+0x208/0x470
[  641.031354][T11591]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  641.031376][T11591]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  641.031400][T11591]  ? bpf_lsm_capable+0x9/0x20
[  641.031429][T11591]  ? security_capable+0x7e/0x2e0
[  641.031459][T11591]  nfnetlink_rcv+0x26a/0x2520
[  641.031482][T11591]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  641.031504][T11591]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  641.031524][T11591]  ? __dev_queue_xmit+0x27e/0x3a70
[  641.031543][T11591]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.031566][T11591]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  641.031586][T11591]  ? __pfx___dev_queue_xmit+0x10/0x10
[  641.031628][T11591]  ? ref_tracker_free+0x63a/0x7d0
[  641.031645][T11591]  ? __copy_skb_header+0xa7/0x550
[  641.031663][T11591]  ? __pfx_ref_tracker_free+0x10/0x10
[  641.031680][T11591]  ? __skb_clone+0x63/0x7a0
[  641.031700][T11591]  ? __skb_clone+0x483/0x7a0
[  641.031722][T11591]  ? skb_clone+0x246/0x3a0
[  641.031742][T11591]  ? __netlink_deliver_tap+0x807/0x850
[  641.031757][T11591]  ? netlink_deliver_tap+0x2e/0x1b0
[  641.031777][T11591]  ? netlink_deliver_tap+0x2e/0x1b0
[  641.031791][T11591]  ? netlink_deliver_tap+0x2e/0x1b0
[  641.031810][T11591]  netlink_unicast+0x75b/0x8d0
[  641.031840][T11591]  netlink_sendmsg+0x805/0xb30
[  641.031882][T11591]  ? __pfx_netlink_sendmsg+0x10/0x10
[  641.031905][T11591]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  641.031921][T11591]  ? __pfx_netlink_sendmsg+0x10/0x10
[  641.031938][T11591]  __sock_sendmsg+0x219/0x270
[  641.031962][T11591]  ____sys_sendmsg+0x505/0x830
[  641.031983][T11591]  ? __pfx_____sys_sendmsg+0x10/0x10
[  641.032007][T11591]  ? import_iovec+0x74/0xa0
[  641.032024][T11591]  ___sys_sendmsg+0x21f/0x2a0
[  641.032043][T11591]  ? __pfx____sys_sendmsg+0x10/0x10
[  641.032087][T11591]  ? __fget_files+0x2a/0x420
[  641.032106][T11591]  ? __fget_files+0x3a0/0x420
[  641.032132][T11591]  __x64_sys_sendmsg+0x19b/0x260
[  641.032152][T11591]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  641.032177][T11591]  ? __pfx_ksys_write+0x10/0x10
[  641.032192][T11591]  ? rcu_is_watching+0x15/0xb0
[  641.032217][T11591]  ? do_syscall_64+0xbe/0x3b0
[  641.032242][T11591]  do_syscall_64+0xfa/0x3b0
[  641.032262][T11591]  ? lockdep_hardirqs_on+0x9c/0x150
[  641.032282][T11591]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.032296][T11591]  ? clear_bhb_loop+0x60/0xb0
[  641.032314][T11591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.032328][T11591] RIP: 0033:0x7fc65cb8e929
[  641.032341][T11591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  641.032354][T11591] RSP: 002b:00007fc65d9a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  641.032370][T11591] RAX: ffffffffffffffda RBX: 00007fc65cdb5fa0 RCX: 00007fc65cb8e929
[  641.032380][T11591] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000007
[  641.032393][T11591] RBP: 00007fc65d9a2090 R08: 0000000000000000 R09: 0000000000000000
[  641.032402][T11591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  641.032415][T11591] R13: 0000000000000000 R14: 00007fc65cdb5fa0 R15: 00007ffc2d9878e8
[  641.032438][T11591]  </TASK>
[  642.746556][T11614] overlayfs: failed to resolve './file2': -2
[  644.674556][T11634] usb usb8: usbfs: process 11634 (syz.0.1575) did not claim interface 0 before use
[  645.214350][T11651] net_ratelimit: 13 callbacks suppressed
[  645.214394][T11651] netlink: zone id is out of range
[  645.225457][T11651] netlink: zone id is out of range
[  645.230650][T11651] netlink: zone id is out of range
[  645.236139][T11651] netlink: zone id is out of range
[  645.241421][T11651] netlink: zone id is out of range
[  645.246742][T11651] netlink: zone id is out of range
[  645.251924][T11651] netlink: zone id is out of range
[  645.257187][T11651] netlink: zone id is out of range
[  645.263175][T11651] netlink: zone id is out of range
[  645.269002][T11651] netlink: zone id is out of range
[  645.924209][ T1208] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  645.937174][T11661] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1581'.
[  646.155085][ T1208] usb 6-1: Using ep0 maxpacket: 8
[  646.255300][T11665] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1581'.
[  646.306927][T11664] netlink: 'syz.4.1583': attribute type 9 has an invalid length.
[  646.312754][ T1208] usb 6-1: config 1 has an invalid interface number: 12 but max is 0
[  646.327260][T11664] netlink: 'syz.4.1583': attribute type 7 has an invalid length.
[  646.407116][T11664] netlink: 'syz.4.1583': attribute type 8 has an invalid length.
[  646.414523][ T1208] usb 6-1: config 1 has no interface number 0
[  646.453174][ T1208] usb 6-1: config 1 interface 12 has no altsetting 0
[  646.616553][T11664] netlink: 'syz.4.1583': attribute type 13 has an invalid length.
[  646.642726][ T1208] usb 6-1: New USB device found, idVendor=19d2, idProduct=ffcd, bcdDevice=82.c9
[  646.729826][T11673] overlayfs: failed to resolve './file2': -2
[  646.781090][ T1208] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.228132][ T1208] usb 6-1: Product: syz
[  647.244327][ T1208] usb 6-1: SerialNumber: syz
[  647.396227][T11679] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1589'.
[  647.692261][T11690] mmap: syz.4.1591 (11690): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  648.698361][ T1208] option 6-1:1.12: GSM modem (1-port) converter detected
[  648.879800][T11707] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1594'.
[  648.926053][ T1208] usb 6-1: USB disconnect, device number 28
[  649.280190][T11703] usb usb8: usbfs: process 11703 (syz.6.1592) did not claim interface 0 before use
[  649.768410][ T1208] option 6-1:1.12: device disconnected
[  650.656130][T11718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1597'.
[  650.771113][T11723] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1597'.
[  650.814926][ T6004] usb 4-1: new full-speed USB device number 32 using dummy_hcd
[  651.196797][ T6004] usb 4-1: too many endpoints for config 1 interface 0 altsetting 7: 255, using maximum allowed: 30
[  651.204491][T11721] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  651.262540][ T6004] usb 4-1: config 1 interface 0 altsetting 7 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[  651.315962][T11727] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1600'.
[  651.320861][ T6004] usb 4-1: config 1 interface 0 has no altsetting 0
[  651.401580][ T6004] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  651.501565][ T6004] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  651.529973][ T6004] usb 4-1: SerialNumber: syz
[  651.793034][T11715] netlink: 146840 bytes leftover after parsing attributes in process `syz.3.1596'.
[  652.019347][ T5824] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  652.414199][T11751] netlink: 'syz.5.1604': attribute type 3 has an invalid length.
[  652.664401][T11754] input: syz0 as /devices/virtual/input/input30
[  652.702396][    T9] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  652.855502][    T9] usb 1-1: Using ep0 maxpacket: 32
[  652.891390][ T5824] usb 5-1: Using ep0 maxpacket: 32
[  652.900740][T11735] loop2: detected capacity change from 0 to 3
[  652.941405][T11735] Dev loop2: unable to read RDB block 3
[  652.950597][T11735]  loop2: AHDI p1 p2 p3
[  652.979103][T11735] loop2: partition table partially beyond EOD, truncated
[  653.011326][T11735] loop2: p1 start 1601398130 is beyond EOD, truncated
[  653.081652][T11735] loop2: p2 start 1702059890 is beyond EOD, truncated
[  653.340285][T11764] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1608'.
[  653.658311][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  653.666084][ T5824] usb 5-1: unable to get BOS descriptor or descriptor too short
[  653.666153][ T5824] usb 5-1: too many configurations: 105, using maximum allowed: 8
[  653.677423][ T5824] usb 5-1: unable to read config index 0 descriptor/start: -71
[  653.711182][    T9] usb 1-1: too many configurations: 105, using maximum allowed: 8
[  653.720751][ T5824] usb 5-1: can't read configurations, error -71
[  653.738063][    T9] usb 1-1: unable to read config index 0 descriptor/start: -71
[  653.738103][    T9] usb 1-1: can't read configurations, error -71
[  653.844175][ T5907] usb 4-1: USB disconnect, device number 32
[  655.815653][T11795] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1613'.
[  655.822457][T11800] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1616'.
[  655.974130][    T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  656.214007][    T9] usb 1-1: Using ep0 maxpacket: 32
[  656.240844][    T9] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  656.283066][    T9] usb 1-1: config 0 has no interface number 0
[  656.308515][    T9] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  656.364241][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.417848][    T9] usb 1-1: Product: syz
[  656.443196][    T9] usb 1-1: Manufacturer: syz
[  656.457470][    T9] usb 1-1: SerialNumber: syz
[  656.486289][    T9] usb 1-1: config 0 descriptor??
[  656.509960][    T9] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  658.280973][    T9] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  658.318960][    T9] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  658.531016][T11828] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1621'.
[  659.235655][    T9] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  660.539589][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[  660.554039][ T5878] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  660.989926][ T5907] usb 1-1: USB disconnect, device number 26
[  661.353096][ T5907] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  661.372627][ T5907] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  661.392697][ T5907] quatech2 1-1:0.51: device disconnected
[  661.514311][    T9] usb 6-1: Using ep0 maxpacket: 32
[  661.718097][    T9] usb 6-1: device descriptor read/all, error -71
[  662.284933][T11857] net_ratelimit: 188 callbacks suppressed
[  662.284994][T11857] netlink: zone id is out of range
[  662.296114][T11857] netlink: zone id is out of range
[  662.301324][T11857] netlink: zone id is out of range
[  662.306575][T11857] netlink: zone id is out of range
[  662.311755][T11857] netlink: zone id is out of range
[  662.317300][T11857] netlink: zone id is out of range
[  662.322491][T11857] netlink: zone id is out of range
[  662.327758][T11857] netlink: zone id is out of range
[  662.332940][T11857] netlink: zone id is out of range
[  662.338179][T11857] netlink: zone id is out of range
[  662.943733][ T5824] kernel write not supported for file bpf-prog (pid: 5824 comm: kworker/1:4)
[  662.984411][T11860] loop6: detected capacity change from 0 to 524287999
[  662.994219][ T5907] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  663.606902][ T5907] usb 4-1: Using ep0 maxpacket: 8
[  663.622707][ T5907] usb 4-1: config 1 has an invalid interface number: 12 but max is 0
[  663.649823][ T5907] usb 4-1: config 1 has no interface number 0
[  663.698049][ T5907] usb 4-1: config 1 interface 12 has no altsetting 0
[  663.727890][ T5907] usb 4-1: New USB device found, idVendor=19d2, idProduct=ffcd, bcdDevice=82.c9
[  663.759656][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.880380][ T5907] usb 4-1: Product: syz
[  663.994817][T11874] overlayfs: failed to resolve './file2': -2
[  664.414108][ T5907] usb 4-1: SerialNumber: syz
[  665.402642][T11882] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1633'.
[  665.915888][ T5907] option 4-1:1.12: GSM modem (1-port) converter detected
[  666.011744][ T5907] usb 4-1: USB disconnect, device number 33
[  666.041320][ T5907] option 4-1:1.12: device disconnected
[  667.008910][T11885] usb usb8: usbfs: process 11885 (syz.6.1634) did not claim interface 0 before use
[  669.710463][T11941] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1647'.
[  669.864999][T11945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1645'.
[  671.823343][T11949] usb usb8: usbfs: process 11949 (syz.5.1648) did not claim interface 0 before use
[  672.028538][T11976] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1653'.
[  672.240373][T11981] binder: 11980:11981 ioctl c0306201 0 returned -14
[  672.879049][T11989] netlink: 'syz.3.1656': attribute type 21 has an invalid length.
[  672.887073][T11989] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1656'.
[  672.896352][T11989] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1656'.
[  672.926965][T11992] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1657'.
[  673.814774][ T5878] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  674.255422][ T5878] usb 4-1: Using ep0 maxpacket: 16
[  674.288155][ T5878] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  674.914919][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.979342][ T5878] usb 4-1: config 0 descriptor??
[  675.264767][T12022] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1663'.
[  675.546425][T12019] netlink: 'syz.0.1664': attribute type 1 has an invalid length.
[  675.992895][ T5878] koneplus 0003:1E7D:2E22.000B: unknown main item tag 0x0
[  676.041588][ T5878] koneplus 0003:1E7D:2E22.000B: unknown main item tag 0x0
[  676.067856][ T5878] koneplus 0003:1E7D:2E22.000B: unknown main item tag 0x0
[  676.103705][ T5878] koneplus 0003:1E7D:2E22.000B: unknown main item tag 0x0
[  676.123357][ T5878] koneplus 0003:1E7D:2E22.000B: unknown main item tag 0x0
[  676.158028][ T5878] koneplus 0003:1E7D:2E22.000B: hidraw0: USB HID v20.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0
[  676.202088][ T5878] usb 4-1: USB disconnect, device number 34
[  676.264642][ T5824] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  676.424065][ T5824] usb 1-1: Using ep0 maxpacket: 32
[  676.455997][T12027] loop2: detected capacity change from 0 to 3
[  676.474391][T12027] Dev loop2: unable to read RDB block 3
[  676.496771][T12027]  loop2: AHDI p1 p2 p3
[  676.516078][T12027] loop2: partition table partially beyond EOD, truncated
[  676.523368][T12027] loop2: p1 start 1601398130 is beyond EOD, truncated
[  676.556475][T12027] loop2: p2 start 1702059890 is beyond EOD, truncated
[  676.570791][T12036] fido_id[12036]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  676.595052][ T5824] usb 1-1: unable to get BOS descriptor or descriptor too short
[  676.596777][ T6004] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  676.602795][ T5824] usb 1-1: too many configurations: 105, using maximum allowed: 8
[  676.705853][ T5824] usb 1-1: unable to read config index 0 descriptor/start: -71
[  676.727361][ T5824] usb 1-1: can't read configurations, error -71
[  676.815093][ T6004] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  676.910740][ T6004] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  677.078884][ T6004] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  677.185852][T12058] 9pnet_fd: Insufficient options for proto=fd
[  677.297542][ T6004] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  677.495631][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.538684][ T6004] usb 7-1: config 0 descriptor??
[  677.729000][T12065] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1675'.
[  677.738208][T12065] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1675'.
[  678.085912][T12065] geneve3: entered promiscuous mode
[  678.148052][T12065] geneve3: entered allmulticast mode
[  679.117776][T12080] netlink: 'syz.4.1679': attribute type 1 has an invalid length.
[  679.184701][T12082] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1679'.
[  679.338413][T12080] 8021q: adding VLAN 0 to HW filter on device bond1
[  679.448680][T12080] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1679'.
[  679.666306][ T6004] usbhid 7-1:0.0: can't add hid device: -71
[  679.684372][T12099] tipc: Started in network mode
[  679.686753][ T6004] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  679.691664][T12099] tipc: Node identity , cluster identity 4711
[  680.322138][ T6004] usb 7-1: USB disconnect, device number 6
[  680.643084][   T30] audit: type=1326 audit(1750881434.256:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  681.687082][   T30] audit: type=1326 audit(1750881434.296:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  681.798577][   T30] audit: type=1326 audit(1750881434.296:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  681.946454][   T30] audit: type=1326 audit(1750881434.296:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  681.968327][   T30] audit: type=1326 audit(1750881434.296:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7c51d8d290 code=0x7ffc0000
[  682.034006][   T30] audit: type=1326 audit(1750881434.296:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  682.194114][ T6004] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  682.325857][   T30] audit: type=1326 audit(1750881434.296:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  682.348732][   T30] audit: type=1326 audit(1750881434.306:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  682.385893][   T30] audit: type=1326 audit(1750881434.306:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  682.416135][ T6004] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  682.542678][ T6004] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  682.810793][ T6004] usb 7-1: config 0 interface 0 has no altsetting 0
[  682.973774][   T30] audit: type=1326 audit(1750881434.306:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12107 comm="syz.0.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c51d8e929 code=0x7ffc0000
[  683.036666][T12139] tmpfs: Unknown parameter 'grpqarz5p±¦2Ékë)Râ
[  683.036666][T12139] TΦ'
[  683.124222][ T6004] usb 7-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  683.142128][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.171036][ T6004] usb 7-1: config 0 descriptor??
[  683.182432][T12144] net_ratelimit: 187 callbacks suppressed
[  683.182450][T12144] openvswitch: netlink: ct_state flags bac50945 unsupported
[  683.674148][T12117] Bluetooth: hci1: command 0x0405 tx timeout
[  683.699105][T12156] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1699'.
[  683.878156][ T6004] hid-steam 0003:28DE:1102.000C: unknown main item tag 0x0
[  683.878194][ T6004] hid-steam 0003:28DE:1102.000C: unknown main item tag 0x0
[  683.879225][ T6004] hid-steam 0003:28DE:1102.000C: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.6-1/input0
[  683.886436][T12123] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  683.886909][T12123] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  683.936587][ T6004] hid-steam 0003:28DE:1102.000C: Steam Controller 'XXXXXXXXXX' connected
[  684.084965][ T6004] input: Steam Controller as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:28DE:1102.000C/input/input31
[  685.014024][ T6004] hid-steam 0003:28DE:1102.000D: unknown main item tag 0x0
[  685.014166][ T6004] hid-steam 0003:28DE:1102.000D: unknown main item tag 0x0
[  685.514126][T12154] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  685.554447][ T6004] hid-steam 0003:28DE:1102.000D: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.6-1/input0
[  685.711251][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  685.711327][T12157] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  685.848743][T12117] Bluetooth: hci1: command 0x0405 tx timeout
[  685.981410][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  685.981574][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  687.639454][ T6004] usb 7-1: USB disconnect, device number 7
[  687.754972][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  689.406007][T12183] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  690.314816][ T6004] hid-steam 0003:28DE:1102.000C: Steam Controller 'XXXXXXXXXX' disconnected
[  690.414362][ T5817] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  692.654025][ T5817] usb 5-1: Using ep0 maxpacket: 8
[  692.811134][T12195] random: crng reseeded on system resumption
[  692.842400][ T5817] usb 5-1: device descriptor read/all, error -71
[  692.849619][T12205] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1710'.
[  692.913046][T12207] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1710'.
[  693.069625][T12203] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x3e7ff4c pfn:0x63df8
[  693.171959][T12203] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  693.209766][T12203] memcg:ffff88801cef3200
[  693.214642][T12203] flags: 0xfff00000000041(locked|head|node=0|zone=1|lastcpupid=0x7ff)
[  693.242778][T12203] raw: 00fff00000000041 0000000000000000 dead000000000122 0000000000000000
[  693.393561][T12226] Cannot find del_set index 2 as target
[  693.407767][T12203] raw: 0000000003e7ff4c 0000000000000000 00000001ffffffff ffff88801cef3200
[  693.419506][T12203] head: 00fff00000000041 0000000000000000 dead000000000122 0000000000000000
[  693.449181][T12226] netlink: 'syz.3.1713': attribute type 13 has an invalid length.
[  694.000343][T12203] head: 0000000003e7ff4c 0000000000000000 00000001ffffffff ffff88801cef3200
[  694.029803][T12203] head: 00fff00000000202 ffffea00018f7e01 00000000ffffffff 00000000ffffffff
[  694.059317][T12203] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  694.124753][T12203] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping))
[  694.155237][T12203] page_owner tracks the page as allocated
[  694.169586][T12237] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1718'.
[  694.171716][T12203] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 12203, tgid 12203 (syz.6.1710), ts 693069588369, free_ts 678454786969
[  694.239633][T12237] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1718'.
[  694.272248][T12203]  post_alloc_hook+0x240/0x2a0
[  694.286967][T12203]  get_page_from_freelist+0x21d5/0x22b0
[  694.334802][T12203]  __alloc_frozen_pages_noprof+0x181/0x370
[  694.342808][T12203]  alloc_pages_mpol+0x232/0x4a0
[  694.351652][T12203]  alloc_pages_noprof+0xa9/0x190
[  694.356936][T12203]  folio_alloc_noprof+0x1e/0x30
[  694.361900][T12203]  filemap_alloc_folio_noprof+0xdf/0x470
[  694.372544][T12203]  page_cache_ra_order+0x5e5/0xc70
[  694.388476][T12203]  do_sync_mmap_readahead+0x4b5/0x5f0
[  694.396312][T12203]  filemap_fault+0x62a/0x1200
[  694.401239][T12203]  __do_fault+0x135/0x390
[  694.409530][T12203]  __handle_mm_fault+0x198b/0x5620
[  694.416264][T12203]  handle_mm_fault+0x2d5/0x7f0
[  694.421352][T12203]  do_user_addr_fault+0xa81/0x1390
[  694.430413][T12203]  exc_page_fault+0x76/0xf0
[  694.436110][T12203]  asm_exc_page_fault+0x26/0x30
[  694.441097][T12203] page last free pid 5892 tgid 5892 stack trace:
[  694.451502][T12203]  __free_frozen_pages+0xc65/0xe60
[  694.456849][T12203]  stack_depot_save_flags+0x445/0x900
[  694.462440][T12203]  kasan_save_track+0x4f/0x80
[  694.471168][T12203]  __kasan_kmalloc+0x93/0xb0
[  694.477494][T12203]  __kmalloc_cache_noprof+0x230/0x3d0
[  694.483021][T12203]  ref_tracker_alloc+0x133/0x460
[  694.493366][T12203]  dst_init+0xd9/0x450
[  694.499701][T12203]  dst_alloc+0x12a/0x170
[  694.504299][T12203]  ip6_pol_route+0xa21/0x1180
[  694.509093][T12203]  fib6_rule_lookup+0x348/0x6f0
[  694.516648][T12203]  ip6_route_output_flags+0x364/0x5d0
[  694.522130][T12203]  ip6_dst_lookup_tail+0x1ae/0x1510
[  694.528385][T12203]  ip6_dst_lookup_flow+0x47/0xe0
[  694.533443][T12203]  udp_tunnel6_dst_lookup+0x234/0x3c0
[  694.539657][T12203]  geneve_xmit+0xd2e/0x2b70
[  694.546703][T12203]  dev_hard_start_xmit+0x2d4/0x830
[  694.577768][T12203] ------------[ cut here ]------------
[  694.583284][T12203] kernel BUG at mm/filemap.c:868!
[  694.622186][T12203] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  694.628484][T12203] CPU: 0 UID: 0 PID: 12203 Comm: syz.6.1710 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  694.640559][T12203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  694.650714][T12203] RIP: 0010:__filemap_add_folio+0x11ad/0x12f0
[  694.656796][T12203] Code: fe c8 ff 4c 89 e7 48 c7 c6 a0 37 94 8b e8 4b 99 0e 00 90 0f 0b e8 53 fe c8 ff 4c 89 e7 48 c7 c6 80 2e 94 8b e8 34 99 0e 00 90 <0f> 0b e8 3c fe c8 ff 4c 89 e7 48 c7 c6 a0 37 94 8b e8 1d 99 0e 00
[  694.676424][T12203] RSP: 0018:ffffc9000bd77680 EFLAGS: 00010246
[  694.682515][T12203] RAX: c9ce159ea4c7a900 RBX: 0000000000000002 RCX: 0000000000000000
[  694.690496][T12203] RDX: 0000000000000007 RSI: ffffffff8d96ea60 RDI: 00000000ffffffff
[  694.698484][T12203] RBP: ffffc9000bd777e8 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e
[  694.706464][T12203] R10: dffffc0000000000 R11: fffffbfff1f3fc3f R12: ffffea00018f7e00
[  694.714448][T12203] R13: dffffc0000000000 R14: ffffea00018f7e08 R15: 0000000000000004
[  694.722431][T12203] FS:  000055559242e500(0000) GS:ffff888125c83000(0000) knlGS:0000000000000000
[  694.731395][T12203] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  694.737986][T12203] CR2: 00007ff65377e2d8 CR3: 0000000031c3c000 CR4: 00000000003526f0
[  694.745974][T12203] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  694.753958][T12203] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  694.761933][T12203] Call Trace:
[  694.765223][T12203]  <TASK>
[  694.768162][T12203]  ? percpu_ref_put+0x19/0x180
[  694.772956][T12203]  ? __pfx___filemap_add_folio+0x10/0x10
[  694.778601][T12203]  ? percpu_ref_put+0xf9/0x180
[  694.783381][T12203]  filemap_add_folio+0xd5/0x270
[  694.788248][T12203]  page_cache_ra_order+0x74c/0xc70
[  694.793374][T12203]  do_sync_mmap_readahead+0x4b5/0x5f0
[  694.798760][T12203]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[  694.804670][T12203]  ? count_memcg_event_mm+0x1d/0x250
[  694.809964][T12203]  ? count_memcg_event_mm+0x1d/0x250
[  694.815270][T12203]  filemap_fault+0x62a/0x1200
[  694.819964][T12203]  ? __pagetable_ctor+0x253/0x340
[  694.824997][T12203]  ? __pfx_filemap_fault+0x10/0x10
[  694.830118][T12203]  ? rcu_is_watching+0x15/0xb0
[  694.834903][T12203]  ? __raw_spin_lock_init+0x45/0x100
[  694.840285][T12203]  __do_fault+0x135/0x390
[  694.844644][T12203]  __handle_mm_fault+0x198b/0x5620
[  694.849762][T12203]  ? __lock_acquire+0xab9/0xd20
[  694.854637][T12203]  ? __pfx___handle_mm_fault+0x10/0x10
[  694.860106][T12203]  ? lock_vma_under_rcu+0xf8/0x710
[  694.865250][T12203]  ? lock_vma_under_rcu+0xf8/0x710
[  694.870380][T12203]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  694.875939][T12203]  handle_mm_fault+0x2d5/0x7f0
[  694.880728][T12203]  do_user_addr_fault+0xa81/0x1390
[  694.885856][T12203]  ? rcu_is_watching+0x15/0xb0
[  694.890632][T12203]  ? trace_page_fault_user+0x84/0x1e0
[  694.896015][T12203]  exc_page_fault+0x76/0xf0
[  694.900535][T12203]  asm_exc_page_fault+0x26/0x30
[  694.905414][T12203] RIP: 0033:0x7fc65ca54e53
[  694.909836][T12203] Code: 48 85 c0 74 1b 48 83 f8 01 0f 85 3b 03 00 00 0f b7 44 24 18 66 c1 c0 08 0f b7 c0 48 89 44 24 18 48 8b 44 24 10 0f b7 54 24 18 <66> 89 10 e9 82 fe ff ff 48 83 3c 24 08 0f 85 a1 02 00 00 48 8b 44
[  694.929458][T12203] RSP: 002b:00007ffc2d987a10 EFLAGS: 00010246
[  694.935539][T12203] RAX: 000020000057eff8 RBX: 0000000000000002 RCX: 0000000000000000
[  694.943532][T12203] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055559242e3c8
[  694.951516][T12203] RBP: 00007ffc2d987b18 R08: 0000000000000000 R09: 0000000000000000
[  694.959502][T12203] R10: 0000000000000000 R11: 0000000000000000 R12: 00007fc65cdb616c
[  694.967482][T12203] R13: 00007ffc2d987b40 R14: fffffffffffffffe R15: 00007ffc2d987b60
[  694.975489][T12203]  </TASK>
[  694.978536][T12203] Modules linked in:
[  694.984204][T12203] ---[ end trace 0000000000000000 ]---
[  695.003823][T12203] RIP: 0010:__filemap_add_folio+0x11ad/0x12f0
[  695.010183][T12203] Code: fe c8 ff 4c 89 e7 48 c7 c6 a0 37 94 8b e8 4b 99 0e 00 90 0f 0b e8 53 fe c8 ff 4c 89 e7 48 c7 c6 80 2e 94 8b e8 34 99 0e 00 90 <0f> 0b e8 3c fe c8 ff 4c 89 e7 48 c7 c6 a0 37 94 8b e8 1d 99 0e 00
[  695.116473][T12203] RSP: 0018:ffffc9000bd77680 EFLAGS: 00010246
[  695.145647][T12203] RAX: c9ce159ea4c7a900 RBX: 0000000000000002 RCX: 0000000000000000
[  695.155087][T12203] RDX: 0000000000000007 RSI: ffffffff8d96ea60 RDI: 00000000ffffffff
[  695.175652][T12203] RBP: ffffc9000bd777e8 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e
[  695.194186][T12203] R10: dffffc0000000000 R11: fffffbfff1f3fc3f R12: ffffea00018f7e00
[  695.203114][T12203] R13: dffffc0000000000 R14: ffffea00018f7e08 R15: 0000000000000004
[  695.212537][T12203] FS:  000055559242e500(0000) GS:ffff888125d83000(0000) knlGS:0000000000000000
[  695.225355][T12203] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  695.232648][T12203] CR2: 00007fff2ba20708 CR3: 0000000031c3c000 CR4: 00000000003526f0
[  695.243334][T12203] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  695.252768][T12203] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  695.261304][T12203] Kernel panic - not syncing: Fatal exception
[  695.267758][T12203] Kernel Offset: disabled
[  695.272092][T12203] Rebooting in 86400 seconds..