last executing test programs:

26m27.229871329s ago: executing program 3 (id=84):
r0 = socket(0x400000010, 0x3, 0x0)
write(r0, &(0x7f0000000200)="fc0000001400073eac093a00090007000aab0800080000000400e293210001c000000000060000000100000009000600fa2c1eff8656aaa79bffffffff0000002d00024000036c6c256f1a272fdf0d11512fd633d4400007f60eb8fa2e6b00000016fd368934d07302ade01720d7d5bbc91a3e2e80772c05f70c9ddef2fe082038f4f8b29d3ef3d92883170efdffffff3ae4f50504000000000040d815b2ccd243f295edbabc7c3f1a5f4e023dd16b176e83df150c3b8829a1ad0a4f41f0d48f6f0000080548deac270e37429f3694dec896592d69d381873cf1582740000000000000001ace36f071d0c22700"/252, 0xfc)

26m26.958810272s ago: executing program 3 (id=85):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {0x3}, {}, @raw32={[0x0, 0x0, 0xfffe]}}], 0x1c)

26m25.794889883s ago: executing program 3 (id=91):
bind$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
socket$inet6(0xa, 0x3, 0x87)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsopen(0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

26m24.586691052s ago: executing program 3 (id=97):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = socket(0x10, 0x2, 0x0)
write(r6, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg$unix(r6, &(0x7f00000048c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002102, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r7 = dup(r1)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000003a00)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f00000000c0)="8db4c6d3916872c4d26e8e39f30e9ce9ab2f204389cf53c6", 0x18)
r9 = accept$alg(r8, 0x0, 0x0)
sendmsg$alg(r9, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
readv(r9, &(0x7f0000000780)=[{&(0x7f0000000280)=""/165, 0xa5}], 0x1)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@cache_fscache}], [], 0x6b}})
truncate(&(0x7f0000000080)='./file0\x00', 0x101000)

26m23.65522164s ago: executing program 3 (id=100):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x1c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}]}], {0x14}}, 0x90}}, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, &(0x7f0000000180))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000100000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mount$9p_rdma(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)={'trans=rdma,', {}, 0x2c, {[], [{@obj_type={'obj_type', 0x3d, ','}}]}})
sendmsg$NFT_MSG_GETOBJ_RESET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)={0x34, 0x15, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x34}}, 0x100)

26m21.408814465s ago: executing program 3 (id=113):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r1, r0, 0x0, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
symlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./file0\x00')
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000600)=ANY=[@ANYBLOB="010000000000000099000040"])
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
r9 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r9, 0xc018aa3f, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r10 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x141341)
ioctl$USBDEVFS_IOCTL(r10, 0xc00c5512, &(0x7f0000000200))
ioctl$USBDEVFS_BULK(r10, 0xc0185502, &(0x7f0000000140)={{{0x1, 0x1}}, 0x4, 0x7b12d845, &(0x7f0000000040)="8277f4c7"})

26m5.516742588s ago: executing program 32 (id=113):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r1, r0, 0x0, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
symlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./file0\x00')
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000600)=ANY=[@ANYBLOB="010000000000000099000040"])
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
r9 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r9, 0xc018aa3f, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r10 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x141341)
ioctl$USBDEVFS_IOCTL(r10, 0xc00c5512, &(0x7f0000000200))
ioctl$USBDEVFS_BULK(r10, 0xc0185502, &(0x7f0000000140)={{{0x1, 0x1}}, 0x4, 0x7b12d845, &(0x7f0000000040)="8277f4c7"})

10.99926134s ago: executing program 0 (id=5251):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
msgsnd(0x0, 0x0, 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r3 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[])
syz_fuse_handle_req(r2, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
execve(0x0, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x17}, @in6=@loopback, 0x0, 0x0, 0x0, 0x40, 0xa, 0x80, 0x80, 0x89}, {0x0, 0x5, 0x0, 0x9}, {}, 0x0, 0x0, 0x0, 0x1}, {{@in6=@remote, 0x0, 0x6c}, 0x0, @in6=@mcast2, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
socket$nl_generic(0x10, 0x3, 0x10)
mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r6=>0x0})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c070054001280080001006873720048000280050003000805d600050003000500000005000300fd00000008000200", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r6], 0x90}}, 0x40000)

10.718686784s ago: executing program 0 (id=5255):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0xfffffffffffffffd, &(0x7f0000000600)={<r1=>0xffffffffffffffff}, 0x111, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @mcast2}, r1}}, 0x30)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
r2 = syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x0, 0x83, 0xec, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f0000000400)=ANY=[@ANYBLOB='@7\r'], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000540)={0x2c, &(0x7f00000002c0)={0x40, 0x5, 0x28, "3b53ec3d8a23028150a405fad965dae1455b4f60a5c4163a846bb5613497edb04f7757b3daac0e40"}, 0x0, 0x0, 0x0, 0x0})
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_usb_control_io$printer(r2, &(0x7f00000008c0)={0x14, &(0x7f0000000780)={0x40, 0x3, 0x80, {0x80, 0x30, "61c506b6287ea39581f7eb49bd647e110d73007b2e6e0aacbb8ffd53c2def86d7a797a0acabe8b7cbaf6d2bd9482774bf6ef144ff93661847b719e96b42762f15e4a1cca2a05691955cc524ff846d44e62aef4e733912a14802f717a2d3eb8caa747427fce4a354ca3ea291ceb8f9cde0cece7d9331a97346161f9c5b177"}}, &(0x7f0000000840)={0x0, 0x3, 0x4, @lang_id={0x4}}}, &(0x7f0000000ac0)={0x34, &(0x7f0000000900)={0x40, 0xf, 0x2a, "1784cd3633887d52cd29d7d36ef9e88410c41b403a51c8d96b9e5115d461155ce8d32a27dc3588ce0cae"}, &(0x7f0000000940)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000980)={0x0, 0x8, 0x1, 0x9}, &(0x7f00000009c0)={0x20, 0x0, 0x5e, {0x5c, "8d245f3b080bfb5c1241fd9a0855a55ddc6e794827f1c8e7e7e7bb7b790f0fd7ae1cfd971055b81d3fa2f9e6d5f6b6e09a58ac6b8122983933f6a259b3627968315af37c62688bcc4dff5f55787367685e0b4352b9a99a7f7dad24cf"}}, &(0x7f0000000a40)={0x20, 0x1, 0x1, 0xf3}, &(0x7f0000000a80)={0x20, 0x0, 0x1, 0xa}})
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_usb_control_io$hid(r2, &(0x7f0000000440)={0x24, &(0x7f0000000040)={0x20, 0x9, 0xb5, {0xb5, 0xe, "7b057094862ca39daf611750d29930a7d26900869925d3652177216fe2533d2b5c496774720e5701e934e595c3a94007af860a80a00c3dfb731f4f3ff5d543f838f73fc4ae9dd6de5a009a23ad651c20f16c0de4c6115b98e11b227debb321c386c43f7388d9798407717e76dee7a2f639d9e630340bf1010ed835975b1091a6e0a78958c564e0915548a511d673ef46a42c75af3b9207115d346ab2f872f36ba90515e5265f8ecb757a5cc2e1dbbbd378be7a"}}, &(0x7f0000000100)={0x0, 0x3, 0x28, @string={0x28, 0x3, "a448e9541df50611df7911934afb821ad42e2c0c096abe0b0cfe6ccd6561e69762e2a086d7b6"}}, &(0x7f0000000180)={0x0, 0x22, 0x11, {[@global=@item_4={0x3, 0x1, 0x7, '\b6S-'}, @main=@item_012={0x1, 0x0, 0x0, "f1"}, @main=@item_012={0x1, 0x0, 0xc, "8e"}, @main=@item_012={0x2, 0x0, 0xb, "f342"}, @main=@item_4={0x3, 0x0, 0xc, "04762b72"}]}}, &(0x7f0000000380)={0x0, 0x21, 0x9, {0x9, 0x21, 0x3, 0x9, 0x1, {0x22, 0xfd6}}}}, &(0x7f0000000700)={0x2c, &(0x7f0000000480)={0x0, 0x12, 0xb9, "fe6535b971711997a0835c529fe1bc08a7b2c136e49ac8a4d7af6f020bfe8f72bc3eeaba75c15bcd5fdd1bff9b165ce523e67bc6ea43a1738adaed10b3e9f9a9f8b356bc26d8d5d531d1b51b0bae89ab87550974c9bb986412fc21005718519f4995e7d33ee4a1448da5ff8e396ad2d62890981212a0a11a71a93b06f130503a830a3b80f4d5f18b3d720fbee044083552ac46d9428523818249d4f157664a7414d0b0ba7cdb08ff2f21edffb9552c80cce0157c780739d20e"}, &(0x7f0000000580)={0x0, 0xa, 0x1, 0x9}, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000600)={0x20, 0x1, 0x81, "bb2420922af0d0867cf3eb780ddccfab6532cce30874d88e4c704a27bc79f952bb3c191800d0d2a2e5f0ea8951fbb781dbce0464f961dfe3119e6268fee7e901fba87370a5350ef145b0829d25f72a8d856001b3fa420bda95229ae104c9dd46278153b5e096922a320f6ca0010a485b8b7432471b85353b304b445d9c36cd96de"}, &(0x7f00000006c0)={0x20, 0x3, 0x1, 0x48}})
ioctl$VIDIOC_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f00000002c0)={0x0, 0x0, '\x00', @bt={0x1, 0x5, 0x3, 0x7, 0x4, 0x7, 0xd, 0x5}})
syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000b00), 0x2, 0x20000)
mmap$usbfs(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xd, 0x2010, r5, 0x8)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000880), 0xffffffffffffffff)
r8 = syz_open_dev$evdev(&(0x7f0000000b40), 0x4, 0x2)
ioctl$EVIOCGMASK(r8, 0x80104592, &(0x7f0000000c80)={0x14, 0xe2, &(0x7f0000000b80)="1600f52fd2829332b448d0dafab6006992cf463111a67cbe7ae52ce45bbffa231001b3df81d0f881a887d9a4b1a4cf2100dbe97e51620e7514b6cd46027249b72a5b071eb2f74525145ce3149f7ff8402eafd825fb23f5f62de049c69e8d187177d59605fe93b8c928c375b1ea2c85795405928239f1e2244c3376027cefd6fc5b6dfa3739a3e3bb41ade3918a8787df076a68539edd2ddbe29a03e25f0031e272860764940f11c5c1208d465bc4cee4644f998d15e183cfbdf82f01603f67d2c4988a0cc8e55ff4a5aa294f2dc53bb8566e3443832bfb5baf53d68848b0391a70e6"})
sendmsg$NBD_CMD_RECONFIGURE(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x1c, r7, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0)

8.210061294s ago: executing program 2 (id=5262):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000600)=@nat={'nat\x00', 0x1b, 0x5, 0x490, 0x2f8, 0x208, 0xffffffff, 0xf0, 0x208, 0x458, 0x458, 0xffffffff, 0x458, 0x458, 0x5, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x1, @ipv4=@rand_addr=0x64010101, @ipv4=@rand_addr=0x64010102, @port=0x4e21, @gre_key=0x4933}}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0x2a}, [0xff, 0xffffffff, 0xff000000, 0xff], [0x0, 0xffffff00, 0xffffff00], 'veth1_macvtap\x00', 'nicvf0\x00', {}, {0xff}, 0x84, 0x0, 0x0, 0x10}, 0xf802, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x16, @ipv6=@loopback, @ipv4=@dev={0xac, 0x14, 0x14, 0x2c}, @icmp_id=0x66, @gre_key=0x9}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast1, [0xff000000, 0xffffff00, 0xffffffff], [0xffffff00, 0xffffff00, 0xffffff00, 0x7fffff7f], 'veth0_virt_wifi\x00', 'bridge0\x00', {0xff}, {0xff}, 0x32, 0x1, 0xc}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x15, @ipv6=@local, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @gre_key=0x2, @port=0x4e24}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x19, @ipv4=@rand_addr=0x64010100, @ipv6=@mcast2, @gre_key=0x3, @port=0x4e21}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0)

7.845542587s ago: executing program 2 (id=5266):
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x64}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$drirender128(0xffffffffffffff9c, 0x0, 0x2e440, 0x0)
r2 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f00000025c0)='8', 0x1}], 0x1)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff, 0x2c, 0x0, @val=@iter={&(0x7f0000000500)=@cgroup={0x3, 0xffffffffffffffff, 0x8}, 0x10}}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000040)={0x4, 0x7, 0xa, 0x1001})
readv(r4, &(0x7f0000000200)=[{&(0x7f0000000080)=""/168, 0xa8}], 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYRESOCT=r3], 0x7c}}, 0x400c450)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000280)='./file0/file0\x00', 0x18)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1080020, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB="2c726f6f746d6f64653d3030fbfc3030303030303030303030303030343034303030302c757365725f69", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

6.937155446s ago: executing program 5 (id=5268):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
write$cgroup_devices(r0, 0x0, 0xffdd)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0x0, 0x6, 0x8}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
getresuid(&(0x7f0000000040), &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000180))
quotactl_fd$Q_QUOTAOFF(r1, 0xffffffff80000301, r4, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={0x0, &(0x7f0000000c00)=""/122, 0x0, 0x7a, 0x1, 0x0, 0x10000, @value}, 0x28)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000030000"], 0x54}}, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x9)
ioctl$sock_netdev_private(r5, 0x8924, &(0x7f0000000000))

6.80937279s ago: executing program 1 (id=5269):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xfff3, 0x4}, {0x0, 0x1b}}}, 0x24}}, 0x0) (fail_nth: 6)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='fd\x00')
r5 = fanotify_init(0x4, 0x0)
fanotify_mark(r5, 0x1, 0x40000011, r4, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
preadv(r6, 0x0, 0x0, 0xf4c, 0xd)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000004c0)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40000c0}, 0x2000006)

6.664696626s ago: executing program 2 (id=5270):
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4000810) (async)
r0 = syz_io_uring_setup(0x550a, &(0x7f0000000500)={0x0, 0x8008000, 0x100, 0x0, 0xfffffffd}, &(0x7f00000001c0), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000080)=[0x9, 0xe4a9]}, 0x20)

6.506753151s ago: executing program 1 (id=5271):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
io_setup(0x7, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socket(0x1000000000000010, 0x80802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
syz_open_procfs(0x0, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x1114, &(0x7f0000000300), &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x10, 0x0, 0x7, 0x0, 0x0})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x18, &(0x7f0000000100)={0x8, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff]}, 0x1)
timer_create(0x6, &(0x7f0000000100)={0x0, 0x26, 0x1, @thr={0x0, 0x0}}, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b30000007f00f5ff00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
fgetxattr(r5, &(0x7f0000000300)=@known='system.posix_acl_default\x00', &(0x7f00000001c0)=""/109, 0x6d)

6.497279407s ago: executing program 5 (id=5272):
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x8000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000480)={'wlan1\x00'})
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10128, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
pipe(0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
mkdir(0x0, 0x4f)
mount$bind(0x0, 0x0, 0x0, 0x399091, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
pivot_root(&(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000280)='./file0/../file0\x00')
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000500)=ANY=[@ANYBLOB="280000002c00010000000000000000000400008014"], 0x28}], 0x1}, 0x0)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
fallocate(r8, 0x69, 0x68d0, 0x1)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c0000108071e7f2d8fda9751a135b66e8de309c8eed5a7d39c33d0256f908fcbae6bf3d28e4ca1ea87158eab13d0b3620af3dd48192a28b8090c76b9f77d1043f22df5124cbdc4aaaa4c030ed85ccc30b2c1a3b51e2e370231d5d65cf359b3a15fba57ff2b3312697a33c61b068f62c580941dcf753d896707313eb5256ab41906574430a2afcb3638eda8aa6994546ea5f2d62085ce6e81fe49f7d7d5e4ccd6efeba4c58ccae0f7857aed2cef40e7a3992751434c9325eb162ff4e768c216a1bc7993b7469415fa93e957f389f6ea1fffe1e3f8052db311c7d873fda3d32a2d2512f60", @ANYRES16=r2, @ANYBLOB="010000000000000000003800000008000300", @ANYRES8=r7, @ANYRESDEC=r0], 0x1c}}, 0x24001080)

5.518788696s ago: executing program 2 (id=5273):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="034886dd090032000300140000006000000001002f0081e949b93897bc3b0000000000007d01ff02ffffffffffffeb2200000000000112"], 0xfdef)

5.118890489s ago: executing program 5 (id=5274):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_VMA(0x23, 0x0, &(0x7f000098b000/0x2000)=nil, 0x2000, 0x0)
r1 = mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0xff7f, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xbf, 0x0, &(0x7f0000000840)="53b748bf412183542dd1cd69f07c3cfc25b23ee4e4abdc48f6fdd19029b5c76adbd3b083fcd4b24c0cc996e07ec08b87a9257b435c7eede3a0c9763bece8cde2196810e89d584d1e7b2b33de5cdcffde26973a614e0b64cc3a0879242cae4eed25acb19b05ab68fbf5b164bdbe04489056447270b3032ed6e418eb672b3c57c946cf8c93453953e81c86e09211c6e0733b3bbb7bb0d6207159e0b1648c9453c8e064b45c680520811ba7d0d4cea0c5a700"/191, 0x0, 0x24, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.117738098s ago: executing program 4 (id=5275):
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, 0x0)
r2 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
read$FUSE(r2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x1d, &(0x7f0000000140)=ANY=[@ANYBLOB="180000001fffffff0000000000000000b7080000000000007b8af8ff00000000a7080000000000007b8a20ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b6000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

4.326321206s ago: executing program 1 (id=5276):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)}, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0)
r1 = syz_io_uring_setup(0x4174, &(0x7f0000000300)={0x0, 0x7e05, 0x10100}, &(0x7f0000000100), 0x0)
io_uring_setup(0x67bb, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ae4815e27a0000ca8881310d2543c80dc4a5a2", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a00010069706f6962000000040002800a000100ffffffffffff0000"], 0x40}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
syz_open_pts(0xffffffffffffffff, 0x22000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b7, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x186a1, 0x0, 0x0, 0x0, 0x3, 0x248a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4})
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
read$FUSE(r6, &(0x7f0000000380)={0x2020}, 0x2020)
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r7, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x4e24, @remote}, {0x2, 0x4e21, @empty}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})
ioctl$sock_inet_SIOCADDRT(r8, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x4e23, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff})

4.325987775s ago: executing program 5 (id=5277):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, 0x0)
lsm_set_self_attr(0x64, &(0x7f0000000000)={0x65, 0x4, 0x24, 0x4, "ebea6d91"}, 0x24, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
fcntl$setstatus(r4, 0x4, 0x6800)
io_setup(0xff, &(0x7f0000000380)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000140)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f00000001c0)="7f", 0x1}])
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r3, &(0x7f0000013c00)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001b140100000000000000000008"], 0x28}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000006871eda63d81"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x1}, 0xe800, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

4.325732147s ago: executing program 4 (id=5278):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000280)={r1, 0x11, 0x6, @local}, 0x10)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f00000000c0)={r1, 0x11, 0x6, @local}, 0x10)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="02c90010000c00050017d90800af31ff"], 0x15)
r2 = socket$inet(0x2, 0x2, 0x1)
r3 = getpid()
geteuid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(r3, 0x8, &(0x7f0000000140)=0xf3)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000340)="2d5f269d000c", 0x6}], 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="1c000000000000000000000034"], 0x40}, 0x20000000)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{0xff, 0xe4, 0x6, 0x5dd2}, {0x4, 0x3, 0xe, 0x3}, {0x4, 0x9, 0x3, 0x6}, {0x0, 0x3, 0x80, 0x5}, {0xc0, 0x6, 0x8, 0x2}, {0x1, 0x1, 0x5c, 0x7}, {0x1, 0x81, 0x9, 0x3}, {0x8, 0x6, 0x0, 0x8}, {0x7ff, 0x2, 0x0, 0x6}]}, 0x10)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r4, 0x8982, &(0x7f0000000100))

4.319311668s ago: executing program 0 (id=5279):
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180))
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {0x0, 0xcf}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GTP_CREATE_SOCKETS={0x5}, @IFLA_GTP_LOCAL6={0x14, 0x8, @loopback}]}}}]}, 0x4c}}, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb49f35c25d456591f0c15a08769bcd5107053ea1f85250ac10e50c14ffda0a7a98740f8cb9694c01f2babb95936415d219753d982b3e6ab52070adabe6f61dce71ee97249cf86cdd7b9a6b4b3d24ddebcf8ea9f1ae197c9a9cd65f15210181d736b2d3da7d24857a899b7c335b2d4b48de5e4e3e60e9cf582db610cbfea", 0x85)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x10, "00000000000000000015000000001010"}}}]}, 0x48}}, 0x0)
write$qrtrtun(r1, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58e", 0x3d8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)

3.412713343s ago: executing program 1 (id=5280):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x468, 0x0, 0x150, 0x150, 0x0, 0xf8010000, 0x398, 0x238, 0x238, 0x398, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'team_slave_0\x00', 'hsr0\x00', {}, {}, 0x84}, 0x0, 0x218, 0x280, 0x0, {}, [@common=@inet=@ecn={{0x28}}, @common=@inet=@sctp={{0x148}, {[], [], [0x0, 0x0, 0x40000], 0x0, [], 0x0, 0x0, 0xa}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@hbh={{0x48}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c8)

3.373640362s ago: executing program 0 (id=5281):
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x64}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$drirender128(0xffffffffffffff9c, 0x0, 0x2e440, 0x0)
r2 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f00000025c0)='8', 0x1}, {0x0}], 0x2)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff, 0x2c, 0x0, @val=@iter={&(0x7f0000000500)=@cgroup={0x3, 0xffffffffffffffff, 0x8}, 0x10}}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000040)={0x4, 0x7, 0xa, 0x1001})
readv(r4, &(0x7f0000000200)=[{&(0x7f0000000080)=""/168, 0xa8}], 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYRESOCT=r3], 0x7c}}, 0x400c450)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000280)='./file0/file0\x00', 0x18)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1080020, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB="2c726f6f746d6f64653d3030fbfc3030303030303030303030303030343034303030302c757365725f69", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

3.251803888s ago: executing program 2 (id=5282):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000007017c0000040000000c000180060016006558000004050280ff0417"], 0x528}}, 0xc000)

3.251216911s ago: executing program 4 (id=5283):
pipe2(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x200000000000000, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c63616368653d667363616368652c63616368657461673d14e2c311e2cb86c82d4873c6af6ddc7bde3c511a1315e4f85948a98ae388123b56361ed3cc4c3e5523eb70372d9fb8f341b24358d32f2fdd32382b9d53229b6d19d04b3461e6fbdbf7e44bb5c8945f07e63191e43c40c3372b9cb2e8453d54d5b127c3770c27d497f8bae8a00a8fc4c97fa81d88a317caa5657f596a825ae94ba0545c87758c6f4c077cc8665e0104e48e0ffe16a747d4a1efc5a76b1d45b09d2169995c5e5c5d473f452bcd7df769e2a28d4557abdc8ce959b1c8c49721bcf4efc90376f320b2c5d5f024a04b4435f49ce10dc4a0d127ad43b75a0c5b74d1ad596b90763c69649202169de1726d6b5590993406e55c"])

3.136989656s ago: executing program 5 (id=5284):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[], 0x58}}, 0x0)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0xfffffffc, 0x40}, &(0x7f0000000480), &(0x7f00000004c0))
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r3 = fcntl$dupfd(r2, 0x406, r2)
ioctl$SG_GET_ACCESS_COUNT(r3, 0x2289, &(0x7f00000057c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x4000080)
r9 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@newneigh={0x30, 0x1c, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, r11, 0x0, 0x4}, [@NDA_DST_MAC={0xa, 0x1, @link_local}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}]}, 0x30}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000000c0)={'ip_vti0\x00', &(0x7f0000000500)={'sit0\x00', r11, 0x80, 0x7, 0x1, 0x4, {{0x44, 0x4, 0x3, 0x3d, 0x110, 0x66, 0x0, 0x10, 0x29, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x12}, {[@timestamp_addr={0x44, 0x24, 0x66, 0x1, 0xb, [{@dev={0xac, 0x14, 0x14, 0x25}, 0x4}, {@broadcast, 0x1000}, {@dev={0xac, 0x14, 0x14, 0x3a}, 0x7fff}, {@dev={0xac, 0x14, 0x14, 0x12}, 0x2}]}, @ssrr={0x89, 0x17, 0x81, [@loopback, @loopback, @local, @local, @multicast2]}, @timestamp={0x44, 0x24, 0xff, 0x0, 0x2, [0x8, 0x8, 0x4, 0x87, 0x5, 0x8, 0x8, 0x1]}, @timestamp_prespec={0x44, 0x2c, 0x1f, 0x3, 0x9, [{@broadcast, 0x8}, {@rand_addr=0x64010102}, {@private=0xa010101, 0x800}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xf5}, {@multicast2, 0x3}]}, @rr={0x7, 0x17, 0x81, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local, @broadcast, @local, @loopback]}, @lsrr={0x83, 0x17, 0x94, [@broadcast, @empty, @dev={0xac, 0x14, 0x14, 0x3a}, @rand_addr=0x64010100, @multicast2]}, @lsrr={0x83, 0x13, 0xf2, [@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @local]}, @timestamp={0x44, 0x1c, 0x5e, 0x0, 0x5, [0x7, 0x7fffffff, 0x6e68, 0x2, 0x1, 0x0]}, @generic={0x7, 0x5, "538c27"}, @timestamp_prespec={0x44, 0xc, 0xf3, 0x3, 0x6, [{@private=0xa010101, 0x101}]}]}}}}})
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c)
syz_emit_ethernet(0x7e, &(0x7f0000000300)={@random="2f5b02cb75db", @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x48, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x2, "88c73b21f267636d01dbe5712c1c941e1cdafbbb43f09c70", "e13808ca72381f41e5fff9620915b6f78670dfaf9a2038083179cf6b7931c9b4"}}}}}}}, 0x0)

2.055065298s ago: executing program 1 (id=5285):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000003d0003010000000000000000017c0000040008800c00018006000600800a000008000280040006"], 0x76}, 0x1, 0x1000000000000000, 0x0, 0x10}, 0xc000)

1.544196983s ago: executing program 2 (id=5286):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
io_setup(0x7, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socket(0x1000000000000010, 0x80802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
syz_open_procfs(0x0, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x1114, &(0x7f0000000300), &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x10, 0x0, 0x7, 0x0, 0x0})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x18, &(0x7f0000000100)={0x8, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff]}, 0x1)
timer_create(0x6, &(0x7f0000000100)={0x0, 0x26, 0x1, @thr={0x0, 0x0}}, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b30000007f00f5ff00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
fgetxattr(r5, &(0x7f0000000300)=@known='system.posix_acl_default\x00', &(0x7f00000001c0)=""/109, 0x6d)

1.458972634s ago: executing program 4 (id=5287):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x81}, 0x0)
pipe(&(0x7f00000001c0))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1000, 0x3})
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
pipe2(&(0x7f0000000780)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000880)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000940)={@fd={0x66642a85, 0x0, r4}, @fd={0x66642a85, 0x0, r3, 0x0, 0xfcffffff}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x80001, 0x29}}, &(0x7f0000000840)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

1.417092953s ago: executing program 5 (id=5288):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000080)={0x14, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x28000000, 0x4000d}, 0x20000000)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='affs\x00', 0x0, &(0x7f0000000140)='grpquota')
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x447f, &(0x7f0000000100)={0x0, 0x31b3, 0x4, 0x3, 0x3b4}, 0x0, 0x0)
syz_clone(0x80000480, 0x0, 0x0, 0x0, 0x0, 0x0)
mlockall(0x7)
syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)

1.022933584s ago: executing program 1 (id=5289):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
r3 = epoll_create1(0x0)
r4 = openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x101000)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r5, 0x10e, 0x3, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0x30000009})
write$UHID_INPUT(r2, &(0x7f0000001040)={0xa, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3266078b089b3b083844090890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b333b0d07680936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0afc9397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6258742317662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e0088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76ccc2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2e57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849d11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f9d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f0712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1ccced94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1025}}, 0x1006)
ioctl$TIOCSSOFTCAR(r2, 0x541a, &(0x7f0000000000))
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x318, 0x168, 0x6c, 0x0, 0x168, 0x0, 0x248, 0x258, 0x258, 0x248, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private0, [], [], 'wlan1\x00', 'ip6gre0\x00', {}, {}, 0x11, 0x0, 0x0, 0x48}, 0x0, 0x100, 0x168, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x40000, 0x0, 0x2, 0x0, 0x5}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0xfffffffd, 'netbios-ns\x00', 'syz1\x00'}}}, {{@ipv6={@dev, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0x0, 0x11000000], [], 'netdevsim0\x00', 'lo\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x2001}}, {0x28}}}}, 0x378)

649.207587ms ago: executing program 0 (id=5290):
semtimedop(0x0, &(0x7f0000000040)=[{0x0, 0xfffd}], 0x1, 0x0) (async)
r0 = semget$private(0x0, 0x1, 0x0)
semop(r0, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) (async)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xb, 0x200, &(0x7f0000000380)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645093fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31265aba9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f145ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9912607d459b4c28ebea9745bcd4697d73d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35782ad7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc478a305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800000000000000000000001000"}) (async)
semctl$SEM_INFO(r0, 0x3, 0x13, &(0x7f00000001c0)=""/34) (async)
semctl$IPC_RMID(r0, 0x0, 0x0) (async)
bind$netlink(0xffffffffffffffff, 0x0, 0x0) (async)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffa, 0x4) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @in={0x2, 0x0, @broadcast}, @in6={0xa, 0x0, 0x0, @loopback}, @in={0x2, 0x4e21, @dev}], 0x58) (async)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4) (async)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$OSF_MSG_ADD(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000680)={0x964, 0x0, 0x5, 0x3, 0x0, 0x0, {0x3, 0x0, 0xa}, [{{0x254, 0x1, {{0x0, 0x1}, 0xf0, 0x6, 0x86, 0x9, 0x1e, 'syz0\x00', "709141bf865c9a268bad51a581c0bdd0b4408c6f904b21c98f802ca1ec8fb032", "509a0592506ecbac4f361463e25c7d0a0164cba61b98932f73567d39db45d99c", [{0x7f, 0xb, {0x0, 0xffffffff}}, {0x0, 0x7, {0x0, 0x81}}, {0x80, 0x5, {0x2, 0xe7}}, {0x9, 0x8, {0x2}}, {0x6, 0xfffd, {0x3, 0x9}}, {0x9, 0x5, {0x1, 0x8}}, {0x2, 0x4, {0x3, 0x6}}, {0x4, 0xf2d, {0x1, 0x2b}}, {0xe2bb, 0x404, {0x3, 0x1ff}}, {0x12e2, 0x9, {0x2, 0x7}}, {0x6, 0x5, {0x2, 0xffff}}, {0x4, 0x5, {0x2, 0x9}}, {0x8001, 0x1ff, {0x2, 0x7}}, {0x6, 0x2111, {0x1, 0x8001}}, {0x1, 0x6, {0x2, 0x8}}, {0x7, 0xeee3, {0x3, 0xffffc1de}}, {0x8, 0x4, {0x1, 0x7fffffff}}, {0x1, 0x8, {0x1, 0x4}}, {0x6, 0x2, {0x3, 0x9}}, {0x3, 0x8, {0x1, 0x1}}, {0xe, 0xfff, {0x3, 0x7}}, {0x2, 0x0, {0x1, 0xd53}}, {0x9, 0xb, {0x2, 0x4}}, {0x6, 0x4, {0x1, 0x7fff}}, {0x6, 0x4, {0x3, 0x2}}, {0x6, 0xd, {0x0, 0x3}}, {0x8e, 0xfffc, {0x2, 0xf}}, {0x9, 0x5, {0x2, 0x666}}, {0xfff, 0x8, {0x3, 0x6}}, {0x7, 0x7, {0x2, 0x9}}, {0x7fff, 0x3, {0x3, 0xc}}, {0x1, 0x8, {0x3}}, {0x5, 0x8, {0x3, 0x9}}, {0x5, 0x1000, {0x3, 0x7ff}}, {0x3, 0xffff}, {0x2, 0x7, {0x0, 0x2}}, {0x7ed0, 0x8, {0x3, 0x9}}, {0x9, 0x401, {0x3, 0x7f}}, {0xe3, 0x3, {0x3, 0x8}}, {0x412, 0x7ff, {0x3, 0x10001}}]}}}, {{0x254, 0x1, {{0x1, 0x5}, 0x9, 0x0, 0x5, 0x101, 0x4, 'syz1\x00', "c3691b3fdb46b1522ac7eab639a8f330a99166b1025b07b06b846bf8b3387d4c", "447142c8e256158327a3f9e2c27201111c493702ce8ddee3617ac6c230fb7e6e", [{0x2, 0x5, {0x1, 0x800000}}, {0x0, 0x5, {0x3, 0x3}}, {0x9, 0xc59, {0x3, 0x7}}, {0x2, 0xd7, {0x1, 0x10001}}, {0x9, 0x6, {0x3, 0x7f}}, {0x8, 0x1, {0x1, 0xffffffff}}, {0xe, 0x0, {0x2, 0x1}}, {0x0, 0x2, {0x1, 0x4}}, {0x3, 0x9, {0x0, 0x5}}, {0x3, 0x101, {0x3}}, {0x8, 0xfff, {0x2, 0xfff}}, {0x6, 0xfffe, {0x1, 0x9}}, {0xd3b, 0x0, {0x0, 0x40}}, {0x7, 0x8, {0x0, 0xa}}, {0xc98, 0x0, {0x2, 0x1}}, {0x98, 0x101, {0x0, 0x6}}, {0x8, 0x7, {0x1, 0x1}}, {0xf3b, 0x7, {0x3, 0xd425}}, {0x8, 0x5, {0x0, 0x5c}}, {0x2964, 0x7, {0x1, 0x6}}, {0xd0, 0xa89, {0x2, 0xff}}, {0xfff, 0x7, {0x0, 0x100}}, {0xffff, 0xe4, {0x2, 0x100}}, {0x9, 0x1, {0x2, 0x8}}, {0x3, 0x3, {0x1, 0x8001}}, {0x1, 0xb21d, {0x1, 0x42}}, {0x8001, 0x3, {0x0, 0x4}}, {0x0, 0x3, {0x1}}, {0xc87f, 0x4d, {0x1, 0x7fff}}, {0x7, 0x8, {0x2, 0xd7}}, {0x1, 0xc, {0x2, 0xff}}, {0x7fff, 0x6, {0x0, 0x926d}}, {0xed09, 0x2, {0x1, 0xf1}}, {0x1, 0xa, {0x0, 0x7f}}, {0x0, 0x5, {0x2, 0x9}}, {0x7ff, 0xfffd, {0x2, 0x2}}, {0x3, 0x44, {0x2, 0x2}}, {0x3, 0x3, {0x1, 0xfffffff7}}, {0x2, 0x4, {0x2, 0x4}}, {0x442f, 0x1, {0x1, 0x81}}]}}}, {{0x254, 0x1, {{0x0, 0x3}, 0x62, 0x9, 0x2, 0x51d, 0x27, 'syz0\x00', "0cdfd91ce1403e3ce06862ee7b5534019bfea597d0eab13b29f35cf84aedd6e6", "f8d95f94edfc6966088a2562728d97cb5178d619e6b3411db7b7cdaeeb3c80ba", [{0xfff2, 0x4, {0x1}}, {0x8, 0xfe00, {0x1, 0x8}}, {0x5f, 0x7ff, {0x2, 0x4}}, {0x8, 0x9, {0x3, 0x8000}}, {0x5, 0x7, {0x2, 0xfffffffb}}, {0x4, 0x0, {0x0, 0x5}}, {0xe4e, 0xfff8, {0x2, 0x5}}, {0x44c, 0x100, {0x2, 0x6}}, {0x2, 0x9, {0x0, 0x5}}, {0x46, 0x7, {0x0, 0x8d3c}}, {0x8, 0x0, {0x0, 0x81}}, {0x1, 0xe8e9, {0x0, 0x2}}, {0x4, 0x5}, {0xacc6, 0x7, {0x3, 0x7}}, {0x9, 0xd3, {0x2, 0x10001}}, {0x7, 0x0, {0x2, 0x80000000}}, {0x1, 0x2, {0x3, 0x8}}, {0x7ff, 0x6, {0x1, 0xfffffffb}}, {0x3, 0x8, {0x0, 0x7}}, {0x1, 0x56, {0x1, 0x1}}, {0x3, 0x10, {0x2, 0x10000}}, {0x7, 0x1, {0x0, 0x3}}, {0x7, 0x5, {0x0, 0x7}}, {0x6, 0x8, {0x1, 0x1}}, {0x6, 0x2, {0x2, 0x30}}, {0x3, 0x37d2, {0x0, 0x100}}, {0x2, 0x3, {0x2, 0x3}}, {0x4, 0x6, {0x1, 0x80}}, {0x664, 0x2, {0x1, 0x4}}, {0x1, 0x2, {0x1}}, {0x8, 0x3, {0x0, 0x5}}, {0xfffc, 0x2, {0x1, 0x7}}, {0x6, 0x400, {0x2, 0x9}}, {0x101, 0xfff9, {0x0, 0x1}}, {0x7, 0x7f, {0x3, 0x8}}, {0xb1, 0x7ff, {0x1, 0x3}}, {0x8, 0x7fff, {0x0, 0x81}}, {0xf801, 0xac1, {0x2, 0x42e144f5}}, {0x8, 0x2, {0x1, 0x1}}, {0x3, 0x267e, {0x2, 0x3ff}}]}}}, {{0x254, 0x1, {{0x2, 0x8e}, 0x0, 0x7, 0x5, 0x9, 0x1c, 'syz1\x00', "1a051c5fbaa0b7ebb1c60e4f9662bc89473e92fd663824eb59f090698e220e88", "e85fb32be0465169c3a4ed4f7933bb5f3fd786f5094d74b85a5bc8dc0a36c950", [{0x4, 0x3, {0x0, 0x7fff}}, {0x7821, 0xfff, {0x3, 0x40}}, {0x10, 0x63, {0x2, 0xa5}}, {0x8, 0x8, {0x2, 0x1}}, {0x800, 0x7, {0x3, 0x4}}, {0x0, 0x21, {0x2, 0x7f}}, {0x400, 0xb2, {0x0, 0x2}}, {0x9, 0x9, {0x0, 0x7}}, {0x9, 0xb588, {0x2, 0x3c}}, {0x2, 0x1ff, {0x1, 0x100}}, {0x0, 0x7, {0x2, 0xfffffff7}}, {0x1, 0x387d, {0x2, 0xb7ea}}, {0x1, 0x9, {0x1, 0x33fa}}, {0x2, 0x7, {0x1, 0x80}}, {0x81, 0x306, {0x0, 0x5}}, {0xe7e2, 0x5, {0x3, 0x80}}, {0xbe7, 0x43a9, {0x0, 0x9}}, {0x3, 0x200, {0x2, 0x3}}, {0xabb9, 0x3ff, {0x1}}, {0x3ff, 0x101, {0x0, 0x2}}, {0x8000, 0x40, {0x0, 0x800}}, {0x7, 0x9, {0x2, 0x5}}, {0x4, 0x8e, {0x2, 0x77}}, {0xff05, 0x8, {0x1, 0x7fffffff}}, {0x2, 0x9, {0x1, 0xffffffff}}, {0x7, 0x5, {0x3, 0x5}}, {0x1, 0x100, {0x2, 0x1}}, {0x4, 0x6, {0x2, 0xe122}}, {0x7547, 0x8}, {0x0, 0xffff, {0x0, 0x7}}, {0x5, 0xffff, {0x2, 0x125b}}, {0xfffb, 0x1, {0x3, 0xb1}}, {0x2, 0xffff, {0x0, 0x2}}, {0xd79e, 0x101, {0x3, 0x6}}, {0xfc1, 0x2, {0x1, 0x8}}, {0x5, 0x147, {0x2, 0x9}}, {0xde, 0xff80, {0x1, 0x7}}, {0x2, 0x9c, {0x3, 0x8bbc}}, {0x4, 0x3, {0x1, 0x3}}, {0x3, 0x1dd, {0x1, 0x4}}]}}}]}, 0x964}}, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400fcf4923aedf893b1ba0e93a27300002c00010026bd7000fcdbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)

591.850011ms ago: executing program 4 (id=5291):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000040))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000080), r3, 0x0, 0x2, 0x4}}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000180)=[0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x20, &(0x7f00000004c0)=[{}], 0x8, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xc5, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0xf8, 0x15}}]}, &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r6, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000180), &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xfc, &(0x7f0000000200)=[{}], 0x8, 0x10, &(0x7f0000000240), &(0x7f0000000280), 0x8, 0xd9, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

18.315554ms ago: executing program 4 (id=5292):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ptrace$PTRACE_GETSIGMASK(0x420a, r3, 0x0, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='cifs\x00', 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4,,[\x03\x97\xcd\xf1\xa6b\x9a\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|')
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r2, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x0, 0x20, 0x4000000000000005, 0x4}, &(0x7f0000000100)=0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r6}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@mpls_delroute={0x24, 0x19, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_OIF={0x8}]}, 0x24}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0)={0x1d, r8}, 0x18)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000140)={0x1d, r8}, 0x18)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000003c0)={'syztnl2\x00', &(0x7f0000000340)={'syztnl1\x00', <r9=>0x0, 0x40, 0x80, 0x4, 0x6, {{0xe, 0x4, 0x2, 0x2, 0x38, 0x64, 0x0, 0x10, 0x29, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ssrr={0x89, 0x23, 0xf5, [@multicast2, @rand_addr=0x64010100, @remote, @remote, @dev={0xac, 0x14, 0x14, 0x27}, @local, @private=0xa010102, @loopback]}, @end]}}}}})
sendmmsg$inet(r0, &(0x7f0000000540)=[{{&(0x7f0000000080)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000000)="c3a3f35e4600718ee15050b6da17e19c93ba5590446f429c3ca52b2aebf1dbac7b8a8d818e3821aaab6eaf3aef9139ed52589f3164ffc09c9ca35df40621c0d0fb737d5b93f58fc2add18214c283f714eae2a05393384e28a377bfcc004f54251724f3c0f1897b4e71674b8ee434fa55f45537ee599509080a3761a4f4", 0x7d}, {&(0x7f00000000c0)="44cfc6f3fbed5a7c84cbbd48fd594c072d2d96f24fa9dd2ca7990ea166ce493916328caa3d8bb566ad6cb5549f4fe4ed442a1db9ab93c2778a86b9dc07d078512714432194b108fa07061f280e543cb2c42d55fe080ec796b749e7f7002e6a29ef8f42cf2257ed8f9c4057cea75e105b82797d6717d10c9314173531543bb96c1263386666e771c8c68620c584d8bea2798429a55d36881d6546ac833512443ddf11339799ee4c4fb9fe5a39b675e154853ef529c704363e67947d40d6a1db48d937097c8dbe12c70fb13ab55c78bd619c1cbd5147ac656e081a327d6702c4cab5e7ff6b539843dbf2f9307a5d77b2a3df248d0e4e9a1caf947be8", 0xfb}, {&(0x7f00000001c0)="7c6014e231efb94da2a862282665c575bd71657ae80d3ee1723a53aec9b7f603b0df253cc1b440c68db6bc32873989d9a835c5297f190d1c625d5c8a63bd0ea6365baaceec35d293b6", 0x49}], 0x3}}, {{&(0x7f0000000500)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000980)=ANY=[@ANYRES32=r0], 0x140}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000280)="69349c98143721f202a38f76669f740725d77f4e34d6c80f2488a3ea3ec93480f279be4940504b6e", 0x28}], 0x1, &(0x7f0000000400)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @local, @broadcast}}}, @ip_retopts={{0x40, 0x0, 0x7, {[@generic={0x89, 0x7, "41881dc1f0"}, @generic={0x89, 0x6, "e3c06cca"}, @timestamp_addr={0x44, 0x14, 0x9b, 0x1, 0x4, [{@private=0xa010101, 0x54d}, {@remote, 0x10001}]}, @cipso={0x86, 0xf, 0x2, [{0x1, 0x9, "0a8b4cc9f2e65c"}]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xafc}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @private=0xa010101}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @broadcast, @empty}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}], 0xf0}}], 0x3, 0x0)

0s ago: executing program 0 (id=5293):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x141341)
ioctl$USBDEVFS_IOCTL(r2, 0xc00c5512, &(0x7f0000000200))
ioctl$USBDEVFS_BULK(r2, 0xc0185502, &(0x7f0000000140)={{{0x1, 0x1}}, 0x4, 0x7b12d845, &(0x7f0000000040)="8277f4c7"})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x84000000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001640)=[{{&(0x7f0000000040)={0x2, 0x4e22, @private=0xa010102}, 0x10, 0x0}}], 0x1, 0x240080e4)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

295 subj=_ pid=20005 comm="syz.1.4038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1326.928089][   T29] audit: type=1326 audit(1735310689.220:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20005 comm="syz.1.4038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1329.890702][T20040] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[ 1329.918219][T20041] loop6: detected capacity change from 0 to 524287999
[ 1331.960180][T20081] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4059'.
[ 1332.271411][T20089] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[ 1332.433363][T20095] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[ 1332.446495][T20095] netdevsim netdevsim5 netdevsim0: left promiscuous mode
[ 1332.628607][T20103] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4067'.
[ 1332.761476][T20103] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4067'.
[ 1332.812630][T20104] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4067'.
[ 1332.849025][T20104] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4067'.
[ 1332.862564][T20105] loop6: detected capacity change from 0 to 524287999
[ 1334.326967][   T29] kauditd_printk_skb: 14 callbacks suppressed
[ 1334.327010][   T29] audit: type=1326 audit(1735310696.207:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1334.675531][   T29] audit: type=1326 audit(1735310696.217:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1334.730833][   T29] audit: type=1326 audit(1735310696.217:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1334.793787][   T29] audit: type=1326 audit(1735310696.217:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1335.229971][   T29] audit: type=1326 audit(1735310696.217:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1335.341731][   T29] audit: type=1326 audit(1735310696.217:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1335.380742][   T29] audit: type=1326 audit(1735310696.217:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1335.402423][   T29] audit: type=1326 audit(1735310696.217:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1335.424665][   T29] audit: type=1326 audit(1735310696.217:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1335.446844][   T29] audit: type=1326 audit(1735310696.217:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20106 comm="syz.5.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1335.500625][T20130] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4073'.
[ 1335.519503][T20132] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[ 1335.974995][ T2149] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1336.156392][ T2149] usb 3-1: Using ep0 maxpacket: 8
[ 1336.182906][ T2149] usb 3-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice=58.4c
[ 1336.193744][ T2149] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1336.611619][ T2149] usb 3-1: Product: syz
[ 1336.615839][ T2149] usb 3-1: Manufacturer: syz
[ 1336.627577][ T2149] usb 3-1: SerialNumber: syz
[ 1336.668949][ T2149] usb 3-1: config 0 descriptor??
[ 1336.895770][ T5899] usb 3-1: USB disconnect, device number 33
[ 1337.039016][ T2149] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[ 1337.199412][ T2149] usb 1-1: Using ep0 maxpacket: 16
[ 1337.212394][ T2149] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1337.225070][ T2149] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1337.242058][ T2149] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1337.260932][ T2149] usb 1-1: Product: syz
[ 1337.265291][ T2149] usb 1-1: Manufacturer: syz
[ 1337.269905][ T2149] usb 1-1: SerialNumber: syz
[ 1337.297414][ T2149] usb 1-1: config 0 descriptor??
[ 1337.305252][ T2149] hub 1-1:0.0: bad descriptor, ignoring hub
[ 1337.311368][ T2149] hub 1-1:0.0: probe with driver hub failed with error -5
[ 1337.323184][ T2149] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input83
[ 1338.136214][T20168] devpts: called with bogus options
[ 1340.790662][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1340.790680][   T29] audit: type=1326 audit(1735310701.483:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.802409][T20186] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4087'.
[ 1340.832664][   T29] audit: type=1326 audit(1735310701.483:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.854653][   T29] audit: type=1326 audit(1735310701.689:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.876252][   T29] audit: type=1326 audit(1735310701.689:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.902556][   T29] audit: type=1326 audit(1735310701.689:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.924285][   T29] audit: type=1326 audit(1735310701.792:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.947009][   T29] audit: type=1326 audit(1735310701.792:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.969866][   T29] audit: type=1326 audit(1735310701.792:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1340.991794][   T29] audit: type=1326 audit(1735310701.885:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1341.014026][   T29] audit: type=1326 audit(1735310701.885:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20171 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1341.219012][ T2149] usb 1-1: USB disconnect, device number 70
[ 1341.286743][T20193] sctp: [Deprecated]: syz.5.4089 (pid 20193) Use of int in maxseg socket option.
[ 1341.286743][T20193] Use struct sctp_assoc_value instead
[ 1342.022824][T20206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4092'.
[ 1342.045855][T20206] netlink: 'syz.2.4092': attribute type 30 has an invalid length.
[ 1342.080993][T20206] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4092'.
[ 1342.097169][T20206] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4092'.
[ 1342.303300][ T2149] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[ 1342.666570][T20221] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1343.349238][T20223] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1344.675478][ T2149] usb 1-1: Using ep0 maxpacket: 8
[ 1344.738968][ T2149] usb 1-1: device descriptor read/all, error -71
[ 1344.838926][T20240] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4102'.
[ 1344.848375][T20240] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4102'.
[ 1345.670899][T20241] sctp: [Deprecated]: syz.1.4103 (pid 20241) Use of int in maxseg socket option.
[ 1345.670899][T20241] Use struct sctp_assoc_value instead
[ 1345.714722][T20240] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 1345.903970][T20240] ip6gretap0: entered promiscuous mode
[ 1346.012976][T20240] debugfs: Directory 'hsr2' with parent 'hsr' already present!
[ 1346.032725][T20240] Cannot create hsr debugfs directory
[ 1346.072145][T20249] netlink: 'syz.4.4105': attribute type 1 has an invalid length.
[ 1347.443182][T20262] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1348.371504][T20274] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4112'.
[ 1348.471019][T20279] smk_cipso_doi:693 remove rc = -2
[ 1348.476786][T20279] smk_cipso_doi:706 cipso add rc = -17
[ 1349.936240][T20289] netlink: 'syz.1.4117': attribute type 30 has an invalid length.
[ 1350.023453][T20290] sctp: [Deprecated]: syz.0.4116 (pid 20290) Use of int in maxseg socket option.
[ 1350.023453][T20290] Use struct sctp_assoc_value instead
[ 1350.147711][T20289] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4117'.
[ 1350.156937][T20289] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4117'.
[ 1350.425032][T20302] netlink: 'syz.5.4118': attribute type 30 has an invalid length.
[ 1350.788628][T20294] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4118'.
[ 1350.826136][T20294] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4118'.
[ 1351.536898][T20318] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4122'.
[ 1352.494087][T20323] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[ 1352.558870][T20330] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4126'.
[ 1353.943656][T20346] netlink: 'syz.0.4130': attribute type 30 has an invalid length.
[ 1354.024478][T20347] xt_l2tp: v2 tid > 0xffff: 262144
[ 1354.082761][T20346] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4130'.
[ 1354.082790][T20346] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4130'.
[ 1354.636127][T20374] xt_NFQUEUE: number of total queues is 0
[ 1354.975612][T20386] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input85
[ 1355.006961][T20388] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4142'.
[ 1356.119660][T20403] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4146'.
[ 1357.344264][T20411] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4146'.
[ 1357.372762][T20411] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4146'.
[ 1357.426012][T17306] usb 3-1: new full-speed USB device number 34 using dummy_hcd
[ 1357.437535][T20408] netlink: 'syz.1.4146': attribute type 30 has an invalid length.
[ 1357.551395][T20418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4150'.
[ 1357.585041][T20418] bridge_: renamed from bridge
[ 1357.598213][T17306] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1357.619115][T17306] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1357.647211][T17306] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[ 1357.658893][T20420] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[ 1357.677135][T20423] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4151'.
[ 1357.687949][T17306] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[ 1357.706570][T20428] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4149'.
[ 1357.725746][T20428] netlink: 22 bytes leftover after parsing attributes in process `syz.4.4149'.
[ 1357.726365][T17306] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1357.796892][T17306] usb 3-1: New USB device strings: Mfr=12, Product=0, SerialNumber=1
[ 1357.819325][T17306] usb 3-1: Manufacturer: syz
[ 1357.847229][T17306] usb 3-1: SerialNumber: syz
[ 1357.854622][T20432] netlink: 'syz.1.4154': attribute type 11 has an invalid length.
[ 1357.871270][T20406] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1357.878680][T20406] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1357.887545][T17306] cdc_acm 3-1:1.0: Control and data interfaces are not separated!
[ 1357.983014][T20437] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input86
[ 1358.112586][T17306] cdc_acm 3-1:1.0: ttyACM0: USB ACM device
[ 1358.131581][T17306] usb 3-1: USB disconnect, device number 34
[ 1360.354243][T20473] __nla_validate_parse: 2 callbacks suppressed
[ 1360.354302][T20473] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4161'.
[ 1360.991508][T20468] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4161'.
[ 1361.007595][T20468] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4161'.
[ 1361.043145][T20484] netlink: 176 bytes leftover after parsing attributes in process `syz.4.4165'.
[ 1361.152965][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1361.152981][   T29] audit: type=1326 audit(1735310721.594:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.224161][   T29] audit: type=1326 audit(1735310721.594:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.286098][T20491] netlink: 'syz.4.4167': attribute type 2 has an invalid length.
[ 1361.293930][   T29] audit: type=1326 audit(1735310721.631:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.317528][T20491] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.4167'.
[ 1361.369467][   T29] audit: type=1326 audit(1735310721.631:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.386427][T20492] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input87
[ 1361.402301][T17306] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[ 1361.542150][   T29] audit: type=1326 audit(1735310721.631:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.585493][   T29] audit: type=1326 audit(1735310721.631:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.597632][T17306] usb 1-1: Using ep0 maxpacket: 16
[ 1361.607447][   T29] audit: type=1326 audit(1735310721.631:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.637093][   T29] audit: type=1326 audit(1735310721.650:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1361.648547][T17306] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1361.659071][   T29] audit: type=1326 audit(1735310721.650:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.4166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1363.425775][T20511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4172'.
[ 1363.675893][T20513] erofs (device erofs): cannot read erofs superblock
[ 1363.927555][T17306] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1363.937587][T17306] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1363.945630][T17306] usb 1-1: Product: syz
[ 1363.950010][T17306] usb 1-1: Manufacturer: syz
[ 1363.958021][T17306] usb 1-1: SerialNumber: syz
[ 1364.364855][   T29] audit: type=1326 audit(1735310724.400:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20510 comm="syz.4.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ecb85d29 code=0x7ffc0000
[ 1364.401757][T17306] usb 1-1: config 0 descriptor??
[ 1364.435213][T17306] usb 1-1: can't set config #0, error -71
[ 1365.020816][T17306] usb 1-1: USB disconnect, device number 73
[ 1365.252764][T20527] pimreg: entered allmulticast mode
[ 1365.258188][T20527] pimreg: left allmulticast mode
[ 1365.736211][T20536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4178'.
[ 1366.144193][T20541] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4179'.
[ 1366.193943][T20532] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4178'.
[ 1366.204875][T20537] netlink: 'syz.4.4178': attribute type 30 has an invalid length.
[ 1366.205344][T20532] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4178'.
[ 1366.308850][T20543] smk_cipso_doi:693 remove rc = -2
[ 1366.332927][T20543] smk_cipso_doi:706 cipso add rc = -17
[ 1366.948562][T20550] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input88
[ 1368.169730][T20555] loop6: detected capacity change from 0 to 524287999
[ 1368.990263][T20568] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1369.643365][T20583] netlink: 'syz.1.4191': attribute type 1 has an invalid length.
[ 1369.826543][T20583] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1371.031085][T20599] syzkaller1: entered promiscuous mode
[ 1371.036792][T20599] syzkaller1: entered allmulticast mode
[ 1372.427009][T20603] sp0: Synchronizing with TNC
[ 1373.847192][T20603] Invalid ELF header magic: != ELF
[ 1373.857608][T20603] ntfs3(nullb0): Primary boot signature is not NTFS.
[ 1373.864959][T20603] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[ 1374.266951][T20617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4200'.
[ 1374.284119][T20618] loop6: detected capacity change from 0 to 524287999
[ 1374.413480][ T5822] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[ 1374.446497][T20622] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input89
[ 1374.587280][T20613] : entered promiscuous mode
[ 1374.607512][ T5822] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1374.616033][ T5822] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1374.626099][ T5822] usb 1-1: can't read configurations, error -71
[ 1375.322507][T20634] netlink: 140 bytes leftover after parsing attributes in process `syz.5.4205'.
[ 1376.371645][T20640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4209'.
[ 1376.758287][T20646] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1376.766785][T20646] IPv6: NLM_F_CREATE should be set when creating new route
[ 1376.824080][T20646] netlink: 'syz.1.4209': attribute type 27 has an invalid length.
[ 1377.934961][T20665] x_tables: duplicate underflow at hook 2
[ 1378.834406][T20670] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input90
[ 1379.147230][T20646] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1379.175587][T20646] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1379.256456][ T5838] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[ 1379.265497][T20681] loop6: detected capacity change from 0 to 524287999
[ 1379.282768][T20646] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1379.293615][T20646] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1379.302900][T20646] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1379.312028][T20646] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1379.414073][T20646] gre1: left promiscuous mode
[ 1379.418961][T20646] gre1: left allmulticast mode
[ 1379.426958][T20646] bond2: left promiscuous mode
[ 1379.432080][T20646] bond2: left allmulticast mode
[ 1379.449120][T20646] ipip0: left promiscuous mode
[ 1379.528737][ T5838] usb 1-1: config 0 has no interfaces?
[ 1379.534838][ T5838] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1379.560979][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1379.780324][ T5838] usb 1-1: config 0 descriptor??
[ 1380.064943][T20677] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4215'.
[ 1380.131777][T20677] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4215'.
[ 1380.769279][T17306] usb 1-1: USB disconnect, device number 76
[ 1381.775896][T20700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1381.784995][T20700] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1381.856132][T20695] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1382.026901][T20695] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[ 1382.369322][T20714] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4226'.
[ 1382.380477][T20714] smk_cipso_doi:693 remove rc = -2
[ 1382.385686][T20714] smk_cipso_doi:706 cipso add rc = -17
[ 1382.462080][T20715] input: syz0 as /devices/virtual/input/input91
[ 1382.783134][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1383.197340][T20719] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1383.366957][T20726] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input92
[ 1383.599928][   T29] kauditd_printk_skb: 4 callbacks suppressed
[ 1383.599969][   T29] audit: type=1326 audit(1735310742.538:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1383.999402][   T29] audit: type=1326 audit(1735310742.538:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.021168][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1384.058337][   T29] audit: type=1326 audit(1735310742.538:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.084827][   T29] audit: type=1326 audit(1735310742.538:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.115916][   T29] audit: type=1326 audit(1735310742.547:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.146732][   T29] audit: type=1326 audit(1735310742.547:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.172762][   T29] audit: type=1326 audit(1735310742.547:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.227146][   T29] audit: type=1326 audit(1735310742.547:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.301735][   T29] audit: type=1326 audit(1735310742.547:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1384.358937][   T29] audit: type=1326 audit(1735310742.547:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20722 comm="syz.2.4230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1384.877549][T20761] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4239'.
[ 1384.888275][T20761] smk_cipso_doi:693 remove rc = -2
[ 1384.893625][T20761] smk_cipso_doi:706 cipso add rc = -17
[ 1385.100521][T20766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4241'.
[ 1386.103579][T20776] QAT: failed to copy from user.
[ 1387.827433][T20783] 9pnet: Could not find request transport: fd0xffffffffffffffff
[ 1388.022095][T20790] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4251'.
[ 1388.032448][T20790] smk_cipso_doi:693 remove rc = -2
[ 1388.037681][T20790] smk_cipso_doi:706 cipso add rc = -17
[ 1388.482404][ T5822] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1388.561829][T20804] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4254'.
[ 1388.653632][ T5822] usb 3-1: Using ep0 maxpacket: 16
[ 1388.690341][ T5822] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1388.737169][ T5822] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1388.805472][ T5822] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1388.868459][ T5822] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1388.899706][ T5822] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1389.648518][T20813] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4256'.
[ 1389.962949][ T5822] usb 3-1: config 0 descriptor??
[ 1390.163926][T20815] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input93
[ 1390.301760][T20817] 9pnet: Could not find request transport: fd0x0000000000000003
[ 1390.823418][ T5822] microsoft 0003:045E:07DA.000E: ignoring exceeding usage max
[ 1391.114675][ T5822] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.000E/input/input94
[ 1391.243917][ T5822] microsoft 0003:045E:07DA.000E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1391.256284][T20835] netlink: 'syz.1.4263': attribute type 1 has an invalid length.
[ 1391.304885][ T5822] usb 3-1: USB disconnect, device number 35
[ 1391.396017][T20844] netlink: 'syz.5.4265': attribute type 1 has an invalid length.
[ 1392.444883][T20868] 9pnet: Could not find request transport: fd0x0000000000000003
[ 1392.553230][T20876] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4275'.
[ 1392.553821][T20876] netlink: 'syz.5.4275': attribute type 30 has an invalid length.
[ 1392.594826][T20876] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4275'.
[ 1392.594855][T20876] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4275'.
[ 1396.295290][T20930] overlayfs: failed to resolve './bus/file0': -2
[ 1396.334390][T20932] overlayfs: failed to resolve './bus/file0': -2
[ 1397.316571][T20961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[ 1397.389222][T20959] netlink: 'syz.0.4302': attribute type 30 has an invalid length.
[ 1398.122919][T20954] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4302'.
[ 1398.176288][T20954] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4302'.
[ 1398.510335][T20951] warn_alloc: 1 callbacks suppressed
[ 1398.510356][T20951] syz.2.4300: vmalloc error: size 283115520, failed to allocated page array size 552960, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1399.175444][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1399.175460][   T29] audit: type=1326 audit(1735310756.868:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1399.322506][   T29] audit: type=1326 audit(1735310756.868:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1399.958617][   T29] audit: type=1326 audit(1735310757.018:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1399.980912][T20951] CPU: 0 UID: 0 PID: 20951 Comm: syz.2.4300 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1399.991717][T20951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1400.001789][T20951] Call Trace:
[ 1400.005079][T20951]  <TASK>
[ 1400.008024][T20951]  dump_stack_lvl+0x241/0x360
[ 1400.012728][T20951]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1400.017943][T20951]  ? __pfx__printk+0x10/0x10
[ 1400.022563][T20951]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[ 1400.029005][T20951]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[ 1400.035530][T20951]  warn_alloc+0x278/0x410
[ 1400.039888][T20951]  ? __pfx_warn_alloc+0x10/0x10
[ 1400.044775][T20951]  ? vb2_vmalloc_alloc+0xf2/0x340
[ 1400.049823][T20951]  ? __get_vm_area_node+0x1c8/0x2d0
[ 1400.055040][T20951]  ? __get_vm_area_node+0x25c/0x2d0
[ 1400.060267][T20951]  __vmalloc_node_range_noprof+0x62f/0x1380
[ 1400.066205][T20951]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1400.072559][T20951]  ? __kasan_kmalloc+0x98/0xb0
[ 1400.077344][T20951]  vmalloc_user_noprof+0x74/0x80
[ 1400.079426][   T29] audit: type=1326 audit(1735310757.018:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1400.082279][T20951]  ? vb2_vmalloc_alloc+0xf2/0x340
[ 1400.082326][T20951]  vb2_vmalloc_alloc+0xf2/0x340
[ 1400.082350][T20951]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[ 1400.082370][T20951]  __vb2_queue_alloc+0xa0b/0x16f0
[ 1400.082421][T20951]  vb2_core_reqbufs+0xd2e/0x17c0
[ 1400.082465][T20951]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1400.082492][T20951]  ? __lock_acquire+0x1397/0x2100
[ 1400.082520][T20951]  ? __video_do_ioctl+0x4ea/0xdd0
[ 1400.082550][T20951]  ? vb2_verify_memory_type+0x1f7/0x570
[ 1400.082580][T20951]  vb2_ioctl_reqbufs+0x4e3/0x830
[ 1400.082621][T20951]  __video_do_ioctl+0xc23/0xdd0
[ 1400.082661][T20951]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1400.082686][T20951]  ? smack_log+0x123/0x540
[ 1400.082716][T20951]  ? __might_fault+0xc6/0x120
[ 1400.082743][T20951]  video_usercopy+0x89b/0x1180
[ 1400.104494][   T29] audit: type=1326 audit(1735310757.018:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1400.109248][T20951]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1400.114619][   T29] audit: type=1326 audit(1735310757.139:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1400.119495][T20951]  ? __pfx_video_usercopy+0x10/0x10
[ 1400.124582][   T29] audit: type=1326 audit(1735310757.139:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1400.129403][T20951]  ? smack_file_ioctl+0x2f7/0x3a0
[ 1400.134774][   T29] audit: type=1326 audit(1735310757.139:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1400.139759][T20951]  ? __fget_files+0x2a/0x410
[ 1400.139785][T20951]  ? __fget_files+0x2a/0x410
[ 1400.139808][T20951]  v4l2_ioctl+0x189/0x1e0
[ 1400.139833][T20951]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1400.139859][T20951]  __se_sys_ioctl+0xf5/0x170
[ 1400.139886][T20951]  do_syscall_64+0xf3/0x230
[ 1400.139915][T20951]  ? clear_bhb_loop+0x35/0x90
[ 1400.139937][T20951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.144965][   T29] audit: type=1326 audit(1735310757.139:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1400.150465][T20951] RIP: 0033:0x7fa77ed85d29
[ 1400.150487][T20951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1400.150506][T20951] RSP: 002b:00007fa77fb38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1400.150530][T20951] RAX: ffffffffffffffda RBX: 00007fa77ef75fa0 RCX: 00007fa77ed85d29
[ 1400.150546][T20951] RDX: 00000000200000c0 RSI: 00000000c0145608 RDI: 0000000000000003
[ 1400.150562][T20951] RBP: 00007fa77ee01b08 R08: 0000000000000000 R09: 0000000000000000
[ 1400.150577][T20951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1400.150591][T20951] R13: 0000000000000000 R14: 00007fa77ef75fa0 R15: 00007ffdca9c4188
[ 1400.150623][T20951]  </TASK>
[ 1400.250855][T20951] Mem-Info:
[ 1400.256984][   T29] audit: type=1326 audit(1735310757.139:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20965 comm="syz.5.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1400.262103][T20951] active_anon:3223 inactive_anon:24865 isolated_anon:0
[ 1400.262103][T20951]  active_file:25233 inactive_file:34775 isolated_file:0
[ 1400.262103][T20951]  unevictable:768 dirty:234 writeback:0
[ 1400.262103][T20951]  slab_reclaimable:13086 slab_unreclaimable:124300
[ 1400.262103][T20951]  mapped:34220 shmem:25580 pagetables:653
[ 1400.262103][T20951]  sec_pagetables:0 bounce:0
[ 1400.262103][T20951]  kernel_misc_reclaimable:0
[ 1400.262103][T20951]  free:1251354 free_pcp:453 free_cma:0
[ 1400.738948][T20951] Node 0 active_anon:12892kB inactive_anon:99460kB active_file:100812kB inactive_file:139100kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137656kB dirty:736kB writeback:200kB shmem:100784kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11884kB pagetables:2612kB sec_pagetables:0kB all_unreclaimable? no
[ 1400.806252][T20951] Node 1 active_anon:0kB inactive_anon:0kB active_file:120kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1400.894078][T20951] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1400.939558][T20984] netlink: 'syz.4.4310': attribute type 39 has an invalid length.
[ 1401.022989][T20951] lowmem_reserve[]: 0 2465 2466 0 0
[ 1401.029476][T20951] Node 0 DMA32 free:1077020kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:12888kB inactive_anon:103144kB active_file:100028kB inactive_file:139048kB unevictable:1536kB writepending:444kB present:3129332kB managed:2552772kB mlocked:0kB bounce:0kB free_pcp:2008kB local_pcp:1164kB free_cma:0kB
[ 1401.140256][T20951] lowmem_reserve[]: 0 0 0 0 0
[ 1401.146886][T20951] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:784kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[ 1401.211025][T20951] lowmem_reserve[]: 0 0 0 0 0
[ 1401.221246][T20951] Node 1 Normal free:3903704kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:120kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1401.939525][T20951] lowmem_reserve[]: 0 0 0 0 0
[ 1401.963029][T20951] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1401.986737][T20951] Node 0 DMA32: 2*4kB (ME) 5*8kB (UME) 4*16kB (ME) 7*32kB (UE) 24*64kB (UE) 201*128kB (UME) 75*256kB (UM) 11*512kB (UME) 19*1024kB (UME) 13*2048kB (UME) 237*4096kB (UM) = 1069264kB
[ 1402.006990][T20991] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4311'.
[ 1402.057640][T20951] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1402.071351][T20951] Node 1 Normal: 198*4kB (UE) 46*8kB (UE) 31*16kB (UME) 199*32kB (UE) 78*64kB (UME) 32*128kB (UME) 14*256kB (UME) 12*512kB (UM) 6*1024kB (UME) 6*2048kB (UME) 942*4096kB (UM) = 3903704kB
[ 1402.145392][T20951] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1402.184053][T20951] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1402.246209][T20951] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1402.261689][T20951] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1402.272050][T20951] 85551 total pagecache pages
[ 1402.277622][T20951] 0 pages in swap cache
[ 1402.281870][T20951] Free swap  = 124492kB
[ 1402.309140][T20951] Total swap = 124996kB
[ 1402.313369][T20951] 2097051 pages RAM
[ 1402.538768][T20951] 0 pages HighMem/MovableOnly
[ 1402.610227][T20951] 427006 pages reserved
[ 1402.647866][T20951] 0 pages cma reserved
[ 1404.554888][T21010] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4315'.
[ 1405.265637][T21022] xt_NFQUEUE: number of total queues is 0
[ 1407.181532][T21042] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4324'.
[ 1407.202105][T21042] netlink: 'syz.0.4324': attribute type 30 has an invalid length.
[ 1407.330784][T21040] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4324'.
[ 1407.339827][T21040] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4324'.
[ 1407.438830][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1407.438847][   T29] audit: type=1326 audit(1735310764.894:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1407.474447][   T29] audit: type=1326 audit(1735310764.922:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1407.617630][   T29] audit: type=1326 audit(1735310764.931:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1407.751837][   T29] audit: type=1326 audit(1735310764.931:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1407.835638][   T29] audit: type=1326 audit(1735310764.931:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1408.102573][   T29] audit: type=1326 audit(1735310764.931:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1408.127155][T21055] netlink: 'syz.0.4330': attribute type 1 has an invalid length.
[ 1408.201825][T21055] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1408.230767][   T29] audit: type=1326 audit(1735310764.931:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1408.275714][   T29] audit: type=1326 audit(1735310764.931:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1408.340786][   T29] audit: type=1326 audit(1735310764.931:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21047 comm="syz.0.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1408.733812][T21063] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1409.149543][ T5899] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1409.330308][ T5899] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1409.350806][ T5899] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1409.371243][ T5899] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1409.387641][T21074] overlayfs: missing 'lowerdir'
[ 1409.437380][T21072] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4335'.
[ 1409.678405][ T5899] usb 3-1: config 0 descriptor??
[ 1409.964052][ T5899] usbhid 3-1:0.0: can't add hid device: -71
[ 1409.970148][ T5899] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1409.980167][ T5899] usb 3-1: USB disconnect, device number 36
[ 1410.203319][T21084] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4334'.
[ 1411.125297][ T5899] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1412.268802][ T5899] usb 3-1: Using ep0 maxpacket: 16
[ 1412.422372][ T5899] usb 3-1: device descriptor read/all, error -71
[ 1413.159318][T21113] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1413.616967][T21115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4343'.
[ 1413.735223][T21115] netlink: 'syz.2.4343': attribute type 30 has an invalid length.
[ 1414.996763][T21104] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4343'.
[ 1415.038211][T21104] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4343'.
[ 1415.590357][T21142] FAULT_INJECTION: forcing a failure.
[ 1415.590357][T21142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1415.590432][T21142] CPU: 1 UID: 0 PID: 21142 Comm: syz.1.4349 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1415.590458][T21142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1415.590470][T21142] Call Trace:
[ 1415.590479][T21142]  <TASK>
[ 1415.590489][T21142]  dump_stack_lvl+0x241/0x360
[ 1415.590521][T21142]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1415.590545][T21142]  ? __pfx__printk+0x10/0x10
[ 1415.590570][T21142]  ? __pfx_lock_release+0x10/0x10
[ 1415.590598][T21142]  should_fail_ex+0x3b0/0x4e0
[ 1415.590631][T21142]  _copy_from_user+0x2f/0xc0
[ 1415.590658][T21142]  do_sock_getsockopt+0x1d1/0x7e0
[ 1415.590686][T21142]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1415.590713][T21142]  ? __fget_files+0x2a/0x410
[ 1415.590734][T21142]  ? __fget_files+0x395/0x410
[ 1415.590753][T21142]  ? __fget_files+0x2a/0x410
[ 1415.590779][T21142]  __x64_sys_getsockopt+0x2a1/0x370
[ 1415.590807][T21142]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[ 1415.590831][T21142]  ? do_syscall_64+0x100/0x230
[ 1415.590859][T21142]  ? do_syscall_64+0xb6/0x230
[ 1415.590887][T21142]  do_syscall_64+0xf3/0x230
[ 1415.590912][T21142]  ? clear_bhb_loop+0x35/0x90
[ 1415.590934][T21142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.590959][T21142] RIP: 0033:0x7f1ef6f85d29
[ 1415.590977][T21142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1415.590994][T21142] RSP: 002b:00007f1ef4dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1415.591018][T21142] RAX: ffffffffffffffda RBX: 00007f1ef7176160 RCX: 00007f1ef6f85d29
[ 1415.591034][T21142] RDX: 000000000000001d RSI: 0000000000000006 RDI: 0000000000000005
[ 1415.591047][T21142] RBP: 00007f1ef4dd5090 R08: 0000000020000540 R09: 0000000000000000
[ 1415.591061][T21142] R10: 0000000020000500 R11: 0000000000000246 R12: 0000000000000001
[ 1415.591076][T21142] R13: 0000000000000000 R14: 00007f1ef7176160 R15: 00007ffee1c7dc88
[ 1415.591105][T21142]  </TASK>
[ 1417.097784][T21154] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4354'.
[ 1418.096727][T21151] syz.0.4353 (21151): drop_caches: 2
[ 1421.997966][T21167] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1424.499905][T21202] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4366'.
[ 1425.875020][T21217] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4370'.
[ 1426.001771][T21218] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4370'.
[ 1426.845380][T21238] netlink: 1296 bytes leftover after parsing attributes in process `syz.5.4378'.
[ 1426.861601][T21238] openvswitch: netlink: Flow key attr not present in new flow.
[ 1427.443883][T21245] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4380'.
[ 1428.050491][T21266] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4388'.
[ 1428.420509][   T29] audit: type=1326 audit(1735310784.518:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ecb85d29 code=0x7ffc0000
[ 1428.474707][   T29] audit: type=1326 audit(1735310784.518:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f52ecb87c47 code=0x7ffc0000
[ 1428.528461][   T29] audit: type=1326 audit(1735310784.518:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f52ecb87bbc code=0x7ffc0000
[ 1428.603397][   T29] audit: type=1326 audit(1735310784.518:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f52ecb87af4 code=0x7ffc0000
[ 1428.632382][   T29] audit: type=1326 audit(1735310784.518:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f52ecb87af4 code=0x7ffc0000
[ 1428.663270][T21273] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1428.673566][   T29] audit: type=1326 audit(1735310784.518:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f52ecb8498a code=0x7ffc0000
[ 1428.718896][   T29] audit: type=1326 audit(1735310784.565:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ecb85d29 code=0x7ffc0000
[ 1428.743770][T21290] loop6: detected capacity change from 0 to 524287999
[ 1428.791631][   T29] audit: type=1326 audit(1735310784.565:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21275 comm="syz.4.4390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ecb85d29 code=0x7ffc0000
[ 1429.125341][T21293] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input95
[ 1429.737963][T21300] openvswitch: netlink: Message has 4 unknown bytes.
[ 1429.822312][T21300] syz.5.4397: attempt to access beyond end of device
[ 1429.822312][T21300] nbd5: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1429.855762][T21300] SQUASHFS error: Failed to read block 0x0: -5
[ 1429.861986][T21300] unable to read squashfs_super_block
[ 1430.001723][T21305] ipip0: entered promiscuous mode
[ 1430.892189][T21332] xt_NFQUEUE: number of total queues is 0
[ 1431.687906][T21337] netlink: 'syz.2.4410': attribute type 27 has an invalid length.
[ 1432.601629][T21349] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1433.373474][T21334] netlink: 'syz.1.4405': attribute type 2 has an invalid length.
[ 1434.107441][T21359] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4415'.
[ 1434.241791][T21365] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4416'.
[ 1434.557996][T21370] netlink: 1296 bytes leftover after parsing attributes in process `syz.2.4418'.
[ 1434.803462][T21370] openvswitch: netlink: Flow key attr not present in new flow.
[ 1435.837836][T21383] bond1: entered promiscuous mode
[ 1435.843054][T21383] bond1: entered allmulticast mode
[ 1435.850151][T21383] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1438.366442][T21413] gtp0: entered promiscuous mode
[ 1441.673504][T21443] netlink: 'syz.1.4439': attribute type 10 has an invalid length.
[ 1441.685955][T21443] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.695262][T21443] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.704349][T21443] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.713221][T21443] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.739295][T21443] team0: Port device geneve1 added
[ 1444.336020][T21457] syzkaller1: entered promiscuous mode
[ 1444.341646][T21457] syzkaller1: entered allmulticast mode
[ 1445.719047][T21459] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.4444'.
[ 1445.729634][T21459] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1446.546799][T21477] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input96
[ 1446.860927][T21483] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4452'.
[ 1447.155094][T21489] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4452'.
[ 1447.350161][T21489] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4452'.
[ 1447.812731][T21488] netlink: 'syz.5.4452': attribute type 30 has an invalid length.
[ 1447.943237][   T29] audit: type=1326 audit(1735310802.749:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.039063][   T29] audit: type=1326 audit(1735310802.749:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.121054][   T29] audit: type=1326 audit(1735310802.759:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.189495][T21502] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4456'.
[ 1448.225583][T21502] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4456'.
[ 1448.257912][   T29] audit: type=1326 audit(1735310802.759:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.282321][   T29] audit: type=1326 audit(1735310802.759:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.304008][   T29] audit: type=1326 audit(1735310802.759:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.304408][T21502] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 1448.326391][   T29] audit: type=1326 audit(1735310802.759:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.326430][   T29] audit: type=1326 audit(1735310802.759:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.326462][   T29] audit: type=1326 audit(1735310802.759:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1448.326502][   T29] audit: type=1326 audit(1735310802.759:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21463 comm="syz.1.4443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1448.437390][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1449.066314][T21515] netlink: 1284 bytes leftover after parsing attributes in process `syz.5.4459'.
[ 1449.075625][T21515] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1449.590235][T21520] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input97
[ 1450.319385][T21538] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4464'.
[ 1450.381518][T21530] netlink: 'syz.2.4464': attribute type 30 has an invalid length.
[ 1450.402803][T21542] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4468'.
[ 1451.249592][T21530] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4464'.
[ 1451.297225][T21530] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4464'.
[ 1451.616196][T21555] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4471'.
[ 1452.629964][T21561] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input98
[ 1452.777888][T21563] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4473'.
[ 1453.217478][T21567] fuse: Unknown parameter '000000000000000000000060x0000000000000006'
[ 1455.071993][T21587] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1455.581352][T21591] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4483'.
[ 1455.651540][    T9] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1455.924209][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1455.941411][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1455.965720][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1456.012877][    T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1456.023642][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1456.381164][T21600] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1456.479802][    T9] usb 3-1: config 0 descriptor??
[ 1457.016029][    T9] plantronics 0003:047F:FFFF.000F: unknown main item tag 0xd
[ 1457.056872][    T9] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[ 1457.162867][    T9] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1457.483682][    T9] usb 3-1: USB disconnect, device number 39
[ 1457.532227][T21610] netlink: 'syz.1.4490': attribute type 2 has an invalid length.
[ 1457.564617][T21610] netlink: 784 bytes leftover after parsing attributes in process `syz.1.4490'.
[ 1457.807225][T21621] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4491'.
[ 1457.887475][T21626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1457.935139][T21626] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1458.121198][    T9] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[ 1460.214210][T21670] netlink: 'syz.0.4503': attribute type 39 has an invalid length.
[ 1460.444101][T21675] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4502'.
[ 1460.546179][T21672] netlink: 'syz.5.4502': attribute type 30 has an invalid length.
[ 1460.908133][T21669] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4502'.
[ 1460.946273][T21669] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4502'.
[ 1463.154962][T21710] netlink: 11 bytes leftover after parsing attributes in process `syz.1.4512'.
[ 1464.764228][T21729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4519'.
[ 1464.771587][T21728] netlink: 'syz.4.4520': attribute type 1 has an invalid length.
[ 1464.793467][T21729] netlink: 'syz.1.4519': attribute type 30 has an invalid length.
[ 1465.524435][T21748] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1465.534469][T21723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4519'.
[ 1465.572804][T21723] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4519'.
[ 1466.179505][T21763] IPv6: Can't replace route, no match found
[ 1467.026482][T21769] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4528'.
[ 1467.947621][T21795] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4537'.
[ 1467.968260][T21796] netlink: 'syz.1.4534': attribute type 10 has an invalid length.
[ 1468.341876][T21810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4541'.
[ 1468.667421][T21815] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1469.819769][T21828] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1470.090164][T21845] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[ 1470.145151][T21847] overlayfs: failed to resolve './file0': -2
[ 1470.401048][T21858] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4555'.
[ 1471.516136][T21872] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4560'.
[ 1471.795917][T21873] fuse: Unknown parameter '0x00000000000000060x0000000000000007'
[ 1472.240985][T21876] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4539'.
[ 1472.516253][T21880] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4562'.
[ 1473.131310][T21876] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4539'.
[ 1473.247624][T21883] netlink: 288 bytes leftover after parsing attributes in process `syz.0.4563'.
[ 1473.381013][T21889] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4565'.
[ 1474.180788][T21892] FAULT_INJECTION: forcing a failure.
[ 1474.180788][T21892] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1474.194035][T21892] CPU: 1 UID: 0 PID: 21892 Comm: syz.0.4566 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1474.204817][T21892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1474.214888][T21892] Call Trace:
[ 1474.218175][T21892]  <TASK>
[ 1474.221115][T21892]  dump_stack_lvl+0x241/0x360
[ 1474.225817][T21892]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1474.231029][T21892]  ? __pfx__printk+0x10/0x10
[ 1474.235641][T21892]  ? __pfx_lock_release+0x10/0x10
[ 1474.240696][T21892]  should_fail_ex+0x3b0/0x4e0
[ 1474.245387][T21892]  _copy_from_user+0x2f/0xc0
[ 1474.249977][T21892]  copy_msghdr_from_user+0xae/0x680
[ 1474.255184][T21892]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1474.260990][T21892]  ? __fget_files+0x2a/0x410
[ 1474.265579][T21892]  ? __fget_files+0x2a/0x410
[ 1474.270175][T21892]  __sys_sendmsg+0x209/0x350
[ 1474.274769][T21892]  ? __pfx_lock_release+0x10/0x10
[ 1474.279794][T21892]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1474.284913][T21892]  ? __pfx_vfs_write+0x10/0x10
[ 1474.289698][T21892]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1474.296026][T21892]  ? do_syscall_64+0x100/0x230
[ 1474.300789][T21892]  ? do_syscall_64+0xb6/0x230
[ 1474.305465][T21892]  do_syscall_64+0xf3/0x230
[ 1474.309969][T21892]  ? clear_bhb_loop+0x35/0x90
[ 1474.314641][T21892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1474.320533][T21892] RIP: 0033:0x7f9d19385d29
[ 1474.324942][T21892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1474.344543][T21892] RSP: 002b:00007f9d1a1b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1474.352951][T21892] RAX: ffffffffffffffda RBX: 00007f9d19575fa0 RCX: 00007f9d19385d29
[ 1474.360919][T21892] RDX: 0000000000000000 RSI: 0000000020013c00 RDI: 0000000000000004
[ 1474.368884][T21892] RBP: 00007f9d1a1b4090 R08: 0000000000000000 R09: 0000000000000000
[ 1474.376848][T21892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1474.384815][T21892] R13: 0000000000000000 R14: 00007f9d19575fa0 R15: 00007ffd82b0fb28
[ 1474.392796][T21892]  </TASK>
[ 1474.395891][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1474.700641][T21912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4570'.
[ 1475.779203][T21925] netlink: 'syz.5.4575': attribute type 1 has an invalid length.
[ 1475.864730][T21928] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4577'.
[ 1481.228169][T21975] netlink: 236 bytes leftover after parsing attributes in process `syz.1.4591'.
[ 1481.530922][T21990] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4597'.
[ 1483.193678][T22004] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4601'.
[ 1483.856609][T22017] vlan0: entered promiscuous mode
[ 1484.643240][T22022] Can't find a SQUASHFS superblock on nullb0
[ 1484.714211][T22022] netlink: 'syz.4.4605': attribute type 10 has an invalid length.
[ 1484.722188][T22022] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4605'.
[ 1484.732781][T22022] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check.
[ 1486.462397][T22039] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1486.537176][T22042] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4609'.
[ 1486.546174][T22042] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4609'.
[ 1486.564137][T22039] bond0: (slave batadv0): Releasing backup interface
[ 1486.621471][T22039] bond0: (slave bond_slave_0): Releasing backup interface
[ 1486.683323][T22039] bond0: (slave bond_slave_1): Releasing backup interface
[ 1486.746297][T22039] team0: Port device team_slave_0 removed
[ 1486.782638][T22039] team0: Port device team_slave_1 removed
[ 1486.789164][T22039] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1486.796815][T22039] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1486.880725][T22039] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1486.895931][T22039] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1487.867258][T22073] Invalid/unusable pipe
[ 1490.027891][T22067] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4618'.
[ 1490.256999][T22098] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4628'.
[ 1490.270667][T22099] random: crng reseeded on system resumption
[ 1490.295656][T22093] bridge0: entered promiscuous mode
[ 1490.551894][T22113] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4632'.
[ 1490.565662][T22105] fuse: Bad value for 'fd'
[ 1492.053063][ T5838] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1492.226014][ T5838] usb 1-1: config 0 has an invalid interface number: 244 but max is 0
[ 1492.246113][ T5838] usb 1-1: config 0 has no interface number 0
[ 1492.254316][ T5838] usb 1-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[ 1492.277366][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1492.298301][ T5838] usb 1-1: Product: syz
[ 1492.306961][ T5838] usb 1-1: Manufacturer: syz
[ 1492.318185][ T5838] usb 1-1: SerialNumber: syz
[ 1492.323561][T22150] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4642'.
[ 1492.397527][T22151] smk_cipso_doi:693 remove rc = -2
[ 1492.403163][T22151] smk_cipso_doi:706 cipso add rc = -17
[ 1492.554939][ T5838] usb 1-1: config 0 descriptor??
[ 1492.558154][ T5838] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[ 1492.558640][ T5838] dvb-usb: bulk message failed: -22 (2/0)
[ 1492.560678][ T5838] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1492.635697][ T5838] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[ 1492.641314][ T5838] usb 1-1: media controller created
[ 1492.647746][ T5838] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1492.962655][ T5838] cxusb: set interface failed
[ 1492.967356][ T5838] dvb-usb: bulk message failed: -22 (1/0)
[ 1493.915767][ T5838] DVB: Unable to find symbol mt352_attach()
[ 1493.922283][ T5838] dvb-usb: bulk message failed: -22 (5/0)
[ 1493.928923][ T5838] zl10353_read_register: readreg error (reg=127, ret==-121)
[ 1493.936410][ T5838] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[ 1494.922704][ T5838] rc_core: IR keymap rc-dvico-mce not found
[ 1494.928808][ T5838] Registered IR keymap rc-empty
[ 1494.934485][ T5838] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[ 1494.945442][ T5838] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input100
[ 1494.978127][ T5838] dvb-usb: schedule remote query interval to 100 msecs.
[ 1494.987475][ T5838] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[ 1495.087499][ T5838] usb 1-1: USB disconnect, device number 78
[ 1495.251820][ T5838] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[ 1495.532496][T22188] netlink: 'syz.0.4650': attribute type 10 has an invalid length.
[ 1495.540539][T22188] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4650'.
[ 1495.550734][T22188] ipvlan1: entered promiscuous mode
[ 1495.556040][T22188] ipvlan1: entered allmulticast mode
[ 1495.561449][T22188] veth0_vlan: entered allmulticast mode
[ 1495.574694][T22188] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1496.757132][T22197] overlayfs: lower data-only dirs require metacopy support.
[ 1498.535364][T22243] FAULT_INJECTION: forcing a failure.
[ 1498.535364][T22243] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1498.575223][T22243] CPU: 0 UID: 0 PID: 22243 Comm: syz.2.4665 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1498.586042][T22243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1498.596114][T22243] Call Trace:
[ 1498.599404][T22243]  <TASK>
[ 1498.602352][T22243]  dump_stack_lvl+0x241/0x360
[ 1498.607058][T22243]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1498.612283][T22243]  ? __pfx__printk+0x10/0x10
[ 1498.616886][T22243]  ? __pfx_lock_release+0x10/0x10
[ 1498.621917][T22243]  should_fail_ex+0x3b0/0x4e0
[ 1498.626614][T22243]  _copy_from_user+0x2f/0xc0
[ 1498.631221][T22243]  __sys_bpf+0x1a4/0x810
[ 1498.635476][T22243]  ? __pfx___sys_bpf+0x10/0x10
[ 1498.640251][T22243]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1498.646234][T22243]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1498.652578][T22243]  ? do_syscall_64+0x100/0x230
[ 1498.657359][T22243]  __x64_sys_bpf+0x7c/0x90
[ 1498.661953][T22243]  do_syscall_64+0xf3/0x230
[ 1498.666458][T22243]  ? clear_bhb_loop+0x35/0x90
[ 1498.671132][T22243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1498.677025][T22243] RIP: 0033:0x7fa77ed85d29
[ 1498.681448][T22243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1498.701069][T22243] RSP: 002b:00007fa77fb38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1498.709492][T22243] RAX: ffffffffffffffda RBX: 00007fa77ef75fa0 RCX: 00007fa77ed85d29
[ 1498.717475][T22243] RDX: 0000000000000094 RSI: 0000000020000040 RDI: 0000000000000005
[ 1498.725446][T22243] RBP: 00007fa77fb38090 R08: 0000000000000000 R09: 0000000000000000
[ 1498.733413][T22243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1498.741388][T22243] R13: 0000000000000001 R14: 00007fa77ef75fa0 R15: 00007ffdca9c4188
[ 1498.749368][T22243]  </TASK>
[ 1498.752449][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1503.868079][T22311] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4686'.
[ 1504.478619][T22317] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1504.878781][   T29] kauditd_printk_skb: 1 callbacks suppressed
[ 1504.879961][   T29] audit: type=1326 audit(1735310856.039:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190116][   T29] audit: type=1326 audit(1735310856.039:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190162][   T29] audit: type=1326 audit(1735310856.039:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190195][   T29] audit: type=1326 audit(1735310856.039:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190227][   T29] audit: type=1326 audit(1735310856.039:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190261][   T29] audit: type=1326 audit(1735310856.039:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190293][   T29] audit: type=1326 audit(1735310856.039:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190327][   T29] audit: type=1326 audit(1735310856.039:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190359][   T29] audit: type=1326 audit(1735310856.039:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f1ef6f85d29 code=0x7ffc0000
[ 1505.190393][   T29] audit: type=1326 audit(1735310856.039:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22323 comm="syz.1.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1505.771119][T22334] xt_l2tp: v2 tid > 0xffff: 262144
[ 1506.003485][T22335] program syz.2.4692 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1507.409400][T22347] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1507.447375][T22347] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1507.447499][T22347] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1507.447513][T22347] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1507.482580][T22347] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1507.505321][T22347] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1507.513997][T22347] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1507.523550][T22347] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1507.524648][T22350] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4697'.
[ 1507.541104][T22350] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4697'.
[ 1507.862330][T22360] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4700'.
[ 1507.871371][T22360] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4700'.
[ 1510.881759][T22396] tipc: Failed to remove unknown binding: 66,1,1/2578849280:2280231432/2280231434
[ 1511.938946][T22431] FAULT_INJECTION: forcing a failure.
[ 1511.938946][T22431] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1511.985085][T22431] CPU: 1 UID: 0 PID: 22431 Comm: syz.0.4722 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1511.995890][T22431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1512.005957][T22431] Call Trace:
[ 1512.009231][T22431]  <TASK>
[ 1512.012165][T22431]  dump_stack_lvl+0x241/0x360
[ 1512.016862][T22431]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1512.022067][T22431]  ? __pfx__printk+0x10/0x10
[ 1512.026667][T22431]  ? __pfx_lock_release+0x10/0x10
[ 1512.031693][T22431]  should_fail_ex+0x3b0/0x4e0
[ 1512.036377][T22431]  _copy_from_user+0x2f/0xc0
[ 1512.040971][T22431]  __se_sys_mount+0x17d/0x3c0
[ 1512.045652][T22431]  ? __pfx___se_sys_mount+0x10/0x10
[ 1512.050848][T22431]  ? do_syscall_64+0x100/0x230
[ 1512.055620][T22431]  ? __x64_sys_mount+0x20/0xc0
[ 1512.060381][T22431]  do_syscall_64+0xf3/0x230
[ 1512.064886][T22431]  ? clear_bhb_loop+0x35/0x90
[ 1512.069562][T22431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1512.075464][T22431] RIP: 0033:0x7f9d19385d29
[ 1512.079875][T22431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1512.099478][T22431] RSP: 002b:00007f9d1a1b4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1512.107890][T22431] RAX: ffffffffffffffda RBX: 00007f9d19575fa0 RCX: 00007f9d19385d29
[ 1512.115860][T22431] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[ 1512.123828][T22431] RBP: 00007f9d1a1b4090 R08: 00000000200000c0 R09: 0000000000000000
[ 1512.131796][T22431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1512.139760][T22431] R13: 0000000000000000 R14: 00007f9d19575fa0 R15: 00007ffd82b0fb28
[ 1512.147737][T22431]  </TASK>
[ 1512.150768][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1512.252629][T22431] 9pnet: Found fid 0 not clunked
[ 1514.101300][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1514.170253][T22460] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1514.285035][T22462] ipip0: entered promiscuous mode
[ 1514.482697][T22466] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1514.489948][T22466] IPv6: NLM_F_CREATE should be set when creating new route
[ 1514.497369][T22466] IPv6: NLM_F_CREATE should be set when creating new route
[ 1514.549384][T13484] Bluetooth: hci3: unexpected event for opcode 0x2026
[ 1515.484804][T22467] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1516.193992][T22485] debugfs: Directory 'x
€s
!' with parent 'ieee80211' already present!
[ 1516.300502][T22487] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4742'.
[ 1516.393686][T22493] netlink: 'syz.0.4744': attribute type 1 has an invalid length.
[ 1516.449708][T22498] netlink: 'syz.2.4746': attribute type 1 has an invalid length.
[ 1516.562846][T22498] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1516.958752][T22491] smk_cipso_doi:693 remove rc = -2
[ 1516.975997][T22491] smk_cipso_doi:706 cipso add rc = -17
[ 1517.054993][T22503] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 0, id = 0
[ 1517.079628][    T9] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1518.292631][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1518.292647][   T29] audit: type=1326 audit(1735310868.022:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1518.426394][   T29] audit: type=1326 audit(1735310868.022:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1518.459498][   T29] audit: type=1326 audit(1735310868.022:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1518.514541][   T29] audit: type=1326 audit(1735310868.022:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1518.536101][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1518.654555][   T29] audit: type=1326 audit(1735310868.022:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1518.887412][   T29] audit: type=1326 audit(1735310868.022:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1518.911477][T13484] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1518.933408][T13484] Bluetooth: hci3: Injecting HCI hardware error event
[ 1518.964809][T13484] Bluetooth: hci3: hardware error 0x00
[ 1519.332357][   T29] audit: type=1326 audit(1735310868.031:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1519.452912][   T29] audit: type=1326 audit(1735310868.031:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1519.475258][T22528] netlink: 'syz.2.4753': attribute type 2 has an invalid length.
[ 1519.496445][T22528] netlink: 'syz.2.4753': attribute type 1 has an invalid length.
[ 1519.518365][   T29] audit: type=1326 audit(1735310868.031:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1519.547866][   T29] audit: type=1326 audit(1735310868.031:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22513 comm="syz.0.4750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[ 1519.569773][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1519.785654][T22535] input: syz0 as /devices/virtual/input/input102
[ 1521.349149][T22565] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4767'.
[ 1521.687035][T13484] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1522.117394][T22574] fuse: Bad value for 'rootmode'
[ 1522.230583][T22565] smk_cipso_doi:693 remove rc = -2
[ 1522.299138][T22565] smk_cipso_doi:706 cipso add rc = -17
[ 1523.827064][T22607] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4778'.
[ 1523.850143][T22607] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4778'.
[ 1524.074051][T22612] netlink: 'syz.5.4780': attribute type 9 has an invalid length.
[ 1524.097068][T22612] netlink: 'syz.5.4780': attribute type 6 has an invalid length.
[ 1525.008747][T22631] openvswitch: netlink: Message has 1275 unknown bytes.
[ 1525.016074][T22631] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1526.315148][T22636] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1527.404967][T22668] netlink: 236 bytes leftover after parsing attributes in process `syz.2.4791'.
[ 1527.622002][T22675] overlay: filesystem on ./bus not supported as upperdir
[ 1530.434004][T22696] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4798'.
[ 1531.672369][T22709] netlink: 'syz.5.4802': attribute type 39 has an invalid length.
[ 1532.222911][T22716] bond3: entered promiscuous mode
[ 1532.228410][T22716] bond3: entered allmulticast mode
[ 1532.234878][T22716] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1532.383970][T22721] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4799'.
[ 1533.185069][T22741] bridge2: entered promiscuous mode
[ 1535.713015][T22760] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1535.995094][T22757] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1536.023435][T22757] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1536.077623][T22757] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1536.123286][T22757] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1536.138388][T22764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1536.151697][T22764] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1536.187821][T22764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1536.199215][T22776] loop6: detected capacity change from 0 to 524287999
[ 1536.208266][T22764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4816'.
[ 1539.070270][T22809] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1539.452818][T22824] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4830'.
[ 1539.937723][T22824] hsr_slave_1 (unregistering): left promiscuous mode
[ 1540.388815][T22835] FAULT_INJECTION: forcing a failure.
[ 1540.388815][T22835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1540.397705][T22837] netlink: 'syz.1.4835': attribute type 1 has an invalid length.
[ 1540.402792][T22835] CPU: 1 UID: 0 PID: 22835 Comm: syz.0.4834 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1540.420482][T22835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1540.425521][T22837] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1540.430557][T22835] Call Trace:
[ 1540.430570][T22835]  <TASK>
[ 1540.430580][T22835]  dump_stack_lvl+0x241/0x360
[ 1540.430613][T22835]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1540.453318][T22835]  ? __pfx__printk+0x10/0x10
[ 1540.457943][T22835]  ? snprintf+0xda/0x120
[ 1540.462222][T22835]  should_fail_ex+0x3b0/0x4e0
[ 1540.466932][T22835]  _copy_to_user+0x31/0xb0
[ 1540.471381][T22835]  simple_read_from_buffer+0xca/0x150
[ 1540.476792][T22835]  proc_fail_nth_read+0x1e9/0x250
[ 1540.481849][T22835]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1540.487422][T22835]  ? rw_verify_area+0x55e/0x6f0
[ 1540.492294][T22835]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1540.497862][T22835]  vfs_read+0x1fc/0xb70
[ 1540.502046][T22835]  ? __pfx___mutex_lock+0x10/0x10
[ 1540.507136][T22835]  ? __pfx_vfs_read+0x10/0x10
[ 1540.511853][T22835]  ? __fget_files+0x2a/0x410
[ 1540.516468][T22835]  ? __fget_files+0x395/0x410
[ 1540.521161][T22835]  ? __fget_files+0x2a/0x410
[ 1540.525783][T22835]  ksys_read+0x18f/0x2b0
[ 1540.530046][T22835]  ? __pfx_ksys_read+0x10/0x10
[ 1540.534843][T22835]  ? do_syscall_64+0x100/0x230
[ 1540.539635][T22835]  ? do_syscall_64+0xb6/0x230
[ 1540.544339][T22835]  do_syscall_64+0xf3/0x230
[ 1540.548866][T22835]  ? clear_bhb_loop+0x35/0x90
[ 1540.553567][T22835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1540.559483][T22835] RIP: 0033:0x7f9d1938473c
[ 1540.563924][T22835] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1540.583553][T22835] RSP: 002b:00007f9d1a1b4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1540.591992][T22835] RAX: ffffffffffffffda RBX: 00007f9d19575fa0 RCX: 00007f9d1938473c
[ 1540.599984][T22835] RDX: 000000000000000f RSI: 00007f9d1a1b40a0 RDI: 0000000000000008
[ 1540.607970][T22835] RBP: 00007f9d1a1b4090 R08: 0000000000000000 R09: 0000000000000000
[ 1540.615962][T22835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1540.623954][T22835] R13: 0000000000000000 R14: 00007f9d19575fa0 R15: 00007ffd82b0fb28
[ 1540.631976][T22835]  </TASK>
[ 1540.898536][T22846] loop6: detected capacity change from 0 to 524287999
[ 1541.468955][T22850] fuse: Unknown parameter '000000000000000000000060x0000000000000006'
[ 1543.094338][T22868] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4843'.
[ 1543.116061][T22868] netlink: 'syz.0.4843': attribute type 30 has an invalid length.
[ 1543.248147][T22868] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4843'.
[ 1543.282784][T22868] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4843'.
[ 1544.247915][T22890] input: syz0 as /devices/virtual/input/input105
[ 1544.428513][T22896] openvswitch: netlink: Geneve opt len 126 is not a multiple of 4.
[ 1544.721249][T22903] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4849'.
[ 1544.998551][T22912] loop6: detected capacity change from 0 to 524287999
[ 1545.293989][T22917] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4855'.
[ 1546.757821][T22934] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4857'.
[ 1546.833179][T22925] netlink: 'syz.5.4857': attribute type 30 has an invalid length.
[ 1546.964400][T22925] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4857'.
[ 1546.990227][T22925] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4857'.
[ 1548.935735][T22991] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4870'.
[ 1548.975989][T22991] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4870'.
[ 1549.060128][T22991] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1549.093403][T22991] ip6gretap0: entered promiscuous mode
[ 1549.107601][T22991] debugfs: Directory 'hsr2' with parent 'hsr' already present!
[ 1549.128680][T22991] Cannot create hsr debugfs directory
[ 1549.402154][T22996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4874'.
[ 1550.547513][T23010] netlink: 236 bytes leftover after parsing attributes in process `syz.4.4879'.
[ 1550.733280][T23018] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1551.776557][T23026] xt_NFQUEUE: number of total queues is 0
[ 1552.363180][T23033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1552.372166][T23033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1553.552350][T23051] (syz.5.4888,23051,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1553.928438][T23051] (syz.5.4888,23051,1):ocfs2_fill_super:1178 ERROR: status = -22
[ 1554.389206][T23059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4887'.
[ 1554.853457][T23066] wg1: entered allmulticast mode
[ 1555.085124][T23070] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1556.827023][T23084] netlink: 'syz.2.4897': attribute type 1 has an invalid length.
[ 1556.869765][T23084] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4897'.
[ 1556.965440][T23074] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input107
[ 1557.000904][T23089] bridge1: entered promiscuous mode
[ 1559.973781][T23099] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1561.953907][T23129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4905'.
[ 1562.340302][T23125] netlink: 'syz.1.4905': attribute type 30 has an invalid length.
[ 1562.368135][T23141] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4905'.
[ 1562.387714][T23141] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4905'.
[ 1564.283079][T23171] loop6: detected capacity change from 0 to 524287999
[ 1564.793187][T23185] binder: 23184:23185 ioctl 400c620e 200014c0 returned -22
[ 1564.829281][T23185] binder: 23184:23185 ioctl c0306201 200001c0 returned -14
[ 1565.893167][T23200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4920'.
[ 1566.781604][T23210] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1566.789596][T23210] F2FS-fs (loop11): Can't find valid F2FS filesystem in 1th superblock
[ 1566.798455][T23210] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1566.806678][T23210] F2FS-fs (loop11): Can't find valid F2FS filesystem in 2th superblock
[ 1567.251543][T23210] netlink: 'syz.5.4922': attribute type 1 has an invalid length.
[ 1567.259374][T23210] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4922'.
[ 1567.632237][T23207] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4920'.
[ 1567.694417][T23207] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4920'.
[ 1567.749025][T23214] SET target dimension over the limit!
[ 1567.806673][T23204] netlink: 'syz.4.4920': attribute type 30 has an invalid length.
[ 1568.261150][T23225] netlink: 'syz.0.4926': attribute type 4 has an invalid length.
[ 1568.358494][T23227] loop6: detected capacity change from 0 to 524287999
[ 1570.318678][T23254] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4935'.
[ 1570.327884][T23254] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4935'.
[ 1570.337603][T23254] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 1570.612633][T23256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4936'.
[ 1570.649123][T23256] netlink: 'syz.1.4936': attribute type 30 has an invalid length.
[ 1571.691476][T23262] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4937'.
[ 1571.892221][T23256] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4936'.
[ 1571.901433][T23256] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4936'.
[ 1571.994939][T23273] smk_cipso_doi:693 remove rc = -2
[ 1572.007788][T23272] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1572.030046][T23273] smk_cipso_doi:706 cipso add rc = -17
[ 1572.554945][T23277] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input108
[ 1572.590100][T23279] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4941'.
[ 1572.676450][T23286] loop6: detected capacity change from 0 to 524287999
[ 1573.589214][T23301] netlink: 'syz.1.4947': attribute type 1 has an invalid length.
[ 1573.753653][T23304] netlink: 'syz.2.4949': attribute type 2 has an invalid length.
[ 1573.813368][T23304] netlink: 'syz.2.4949': attribute type 1 has an invalid length.
[ 1574.279498][T23315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4950'.
[ 1574.326379][T23315] netlink: 'syz.1.4950': attribute type 30 has an invalid length.
[ 1574.411436][T23315] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4950'.
[ 1574.448739][T23315] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4950'.
[ 1574.960299][T23329] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input109
[ 1574.972572][T23327] netlink: 'syz.1.4956': attribute type 9 has an invalid length.
[ 1574.991551][T23327] netlink: 'syz.1.4956': attribute type 6 has an invalid length.
[ 1575.910442][T23347] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4960'.
[ 1576.048208][T17306] IPVS: starting estimator thread 0...
[ 1576.054033][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1576.054047][   T29] audit: type=1326 audit(1735310922.537:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="syz.2.4961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1576.114527][   T29] audit: type=1326 audit(1735310922.537:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="syz.2.4961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1576.157211][   T29] audit: type=1326 audit(1735310922.537:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1576.179052][   T29] audit: type=1326 audit(1735310922.537:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1576.236752][   T29] audit: type=1326 audit(1735310922.537:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1576.257742][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1576.269799][T23355] netlink: 1 bytes leftover after parsing attributes in process `syz.0.4962'.
[ 1576.305878][T23351] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1576.381315][T23356] netlink: 'syz.0.4962': attribute type 2 has an invalid length.
[ 1576.648465][   T29] audit: type=1326 audit(1735310922.537:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1576.799683][   T29] audit: type=1326 audit(1735310922.537:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77ed85d29 code=0x7ffc0000
[ 1576.821089][   T29] audit: type=1326 audit(1735310922.546:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa77ed84690 code=0x7ffc0000
[ 1576.842152][   T29] audit: type=1326 audit(1735310922.546:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa77ed8592b code=0x7ffc0000
[ 1576.864024][T17306] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1576.882838][   T29] audit: type=1326 audit(1735310922.546:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23349 comm="//(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa77ed8592b code=0x7ffc0000
[ 1577.052972][T17306] usb 3-1: Using ep0 maxpacket: 8
[ 1577.062289][T17306] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 3
[ 1577.073644][T17306] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1577.074086][T23359] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4964'.
[ 1577.088784][T17306] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1577.102642][T17306] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1577.113298][T17306] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1577.122999][T17306] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1577.133514][T17306] usb 3-1: config 0 descriptor??
[ 1577.135784][T23359] netlink: 'syz.5.4964': attribute type 30 has an invalid length.
[ 1577.140246][T23350] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1577.211973][T23359] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4964'.
[ 1577.239265][T23359] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4964'.
[ 1577.512142][T17306] usb 3-1: USB disconnect, device number 40
[ 1578.337349][T23395] tmpfs: Bad value for 'mpol'
[ 1579.307375][T23421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4978'.
[ 1579.788129][T23421] netlink: 'syz.1.4978': attribute type 30 has an invalid length.
[ 1579.826752][T23418] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4978'.
[ 1579.835929][T23418] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4978'.
[ 1580.410545][T23432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4982'.
[ 1580.514755][T23432] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4982'.
[ 1580.588678][T23435] netlink: 'syz.5.4983': attribute type 4 has an invalid length.
[ 1580.657226][T23436] netlink: 'syz.5.4983': attribute type 4 has an invalid length.
[ 1581.847031][T23450] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[ 1582.975848][T23460] netlink: 'syz.0.4992': attribute type 2 has an invalid length.
[ 1582.984003][T23460] netlink: 'syz.0.4992': attribute type 1 has an invalid length.
[ 1584.548888][T17306] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[ 1584.749784][T17306] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[ 1584.767697][T17306] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1584.856616][T17306] usb 1-1: config 0 descriptor??
[ 1587.261243][T17306] playstation 0003:054C:0DF2.0010: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.0-1/input0
[ 1587.975352][T17306] playstation 0003:054C:0DF2.0010: Invalid reportID received, expected 9 got 0
[ 1587.997521][T17306] playstation 0003:054C:0DF2.0010: Failed to retrieve DualSense pairing info: -22
[ 1588.020602][T17306] playstation 0003:054C:0DF2.0010: Failed to get MAC address from DualSense
[ 1588.041925][T17306] playstation 0003:054C:0DF2.0010: Failed to create dualsense.
[ 1588.103348][T17306] playstation 0003:054C:0DF2.0010: probe with driver playstation failed with error -22
[ 1591.646430][T23549] netlink: 'syz.4.5013': attribute type 10 has an invalid length.
[ 1591.654339][T23549] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5013'.
[ 1591.663495][T23549] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 1592.035868][ T2149] usb 1-1: USB disconnect, device number 80
[ 1592.174439][T23562] input: syz0 as /devices/virtual/input/input110
[ 1593.257587][T23575] netlink: 'syz.4.5022': attribute type 1 has an invalid length.
[ 1593.266031][T23575] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5022'.
[ 1596.507453][T23615] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[ 1596.516366][T23615] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[ 1596.525486][T23615] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[ 1597.536218][T23611] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1598.290101][T23633] netlink: 104 bytes leftover after parsing attributes in process `syz.4.5041'.
[ 1600.178704][T23661] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1601.111014][T23679] netlink: 1 bytes leftover after parsing attributes in process `syz.5.5048'.
[ 1601.222959][T23680] netlink: 'syz.5.5048': attribute type 2 has an invalid length.
[ 1602.304018][T23696] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5052'.
[ 1602.434967][   T29] kauditd_printk_skb: 56 callbacks suppressed
[ 1602.435010][   T29] audit: type=1326 audit(1735310947.156:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1602.976427][   T29] audit: type=1326 audit(1735310947.166:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.239857][   T29] audit: type=1326 audit(1735310947.166:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.262108][   T29] audit: type=1326 audit(1735310947.166:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.284045][   T29] audit: type=1326 audit(1735310947.166:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.311417][   T29] audit: type=1326 audit(1735310947.166:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.513299][   T29] audit: type=1326 audit(1735310947.166:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.579264][   T29] audit: type=1326 audit(1735310947.166:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.601263][   T29] audit: type=1326 audit(1735310947.166:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.623478][   T29] audit: type=1326 audit(1735310947.166:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23688 comm="syz.5.5055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a0d85d29 code=0x7ffc0000
[ 1603.744724][T23715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5059'.
[ 1604.257351][T23721] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1605.008367][T23725] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input112
[ 1607.864584][T23774] bond4: entered promiscuous mode
[ 1607.869771][T23774] bond4: entered allmulticast mode
[ 1607.876436][T23774] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1609.038689][T23794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5082'.
[ 1611.224776][T23798] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5081'.
[ 1611.233860][T23798] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1611.784583][T23824] sctp: [Deprecated]: syz.1.5088 (pid 23824) Use of int in maxseg socket option.
[ 1611.784583][T23824] Use struct sctp_assoc_value instead
[ 1614.751206][T23850] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1616.173117][T23874] netlink: 'syz.1.5099': attribute type 10 has an invalid length.
[ 1616.181305][T23874] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5099'.
[ 1616.191074][T23874] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 1616.937256][T23878] input: syz0 as /devices/virtual/input/input113
[ 1617.370932][T23879] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5101'.
[ 1618.568557][T23898] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5107'.
[ 1618.604198][T23900] netlink: 'syz.0.5109': attribute type 2 has an invalid length.
[ 1618.644139][T23900] netlink: 'syz.0.5109': attribute type 1 has an invalid length.
[ 1625.246834][T23923] loop6: detected capacity change from 0 to 524287999
[ 1625.404138][ T5899] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1625.689651][ T5899] usb 3-1: config 0 has an invalid interface number: 135 but max is 0
[ 1625.698476][ T5899] usb 3-1: config 0 has no interface number 0
[ 1625.704755][ T5899] usb 3-1: config 0 interface 135 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 32
[ 1625.730522][ T5899] usb 3-1: config 0 interface 135 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1625.864482][T23934] FAULT_INJECTION: forcing a failure.
[ 1625.864482][T23934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1625.878143][T23934] CPU: 1 UID: 0 PID: 23934 Comm: syz.1.5117 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1625.888932][T23934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1625.899009][T23934] Call Trace:
[ 1625.902304][T23934]  <TASK>
[ 1625.905246][T23934]  dump_stack_lvl+0x241/0x360
[ 1625.909984][T23934]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1625.915270][T23934]  ? __pfx__printk+0x10/0x10
[ 1625.919895][T23934]  ? snprintf+0xda/0x120
[ 1625.924164][T23934]  should_fail_ex+0x3b0/0x4e0
[ 1625.928870][T23934]  _copy_to_user+0x31/0xb0
[ 1625.933313][T23934]  simple_read_from_buffer+0xca/0x150
[ 1625.938723][T23934]  proc_fail_nth_read+0x1e9/0x250
[ 1625.943784][T23934]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1625.949394][T23934]  ? rw_verify_area+0x568/0x6f0
[ 1625.954271][T23934]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1625.959844][T23934]  vfs_read+0x1fc/0xb70
[ 1625.964026][T23934]  ? __pfx___mutex_lock+0x10/0x10
[ 1625.969078][T23934]  ? __pfx_vfs_read+0x10/0x10
[ 1625.973781][T23934]  ? __fget_files+0x2a/0x410
[ 1625.978392][T23934]  ? __fget_files+0x395/0x410
[ 1625.983094][T23934]  ? __fget_files+0x2a/0x410
[ 1625.987712][T23934]  ksys_read+0x18f/0x2b0
[ 1625.991989][T23934]  ? __pfx_ksys_read+0x10/0x10
[ 1625.996788][T23934]  do_syscall_64+0xf3/0x230
[ 1626.001319][T23934]  ? clear_bhb_loop+0x35/0x90
[ 1626.006018][T23934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1626.011932][T23934] RIP: 0033:0x7f1ef6f8473c
[ 1626.016367][T23934] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1626.035983][T23934] RSP: 002b:00007f1ef4df6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1626.044398][T23934] RAX: ffffffffffffffda RBX: 00007f1ef7176080 RCX: 00007f1ef6f8473c
[ 1626.052371][T23934] RDX: 000000000000000f RSI: 00007f1ef4df60a0 RDI: 0000000000000005
[ 1626.060337][T23934] RBP: 00007f1ef4df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1626.068303][T23934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1626.076270][T23934] R13: 0000000000000000 R14: 00007f1ef7176080 R15: 00007ffee1c7dc88
[ 1626.084248][T23934]  </TASK>
[ 1626.109345][ T5899] usb 3-1: New USB device found, idVendor=05ac, idProduct=1402, bcdDevice=45.65
[ 1626.118883][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1626.128017][ T5899] usb 3-1: Product: syz
[ 1626.132251][ T5899] usb 3-1: Manufacturer: syz
[ 1626.137429][ T5899] usb 3-1: SerialNumber: syz
[ 1626.322269][ T5899] usb 3-1: config 0 descriptor??
[ 1626.369501][T23917] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1626.424111][T23917] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1626.735823][T23917] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1626.743264][T23917] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1627.826849][T23952] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1629.222065][T23960] xt_hashlimit: overflow, try lower: 1125899906842624/8
[ 1630.703108][ T5899] asix 3-1:0.135 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1630.731843][ T5899] asix 3-1:0.135: probe with driver asix failed with error -71
[ 1630.788060][ T5899] usb 3-1: USB disconnect, device number 41
[ 1631.187981][T23980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5128'.
[ 1634.595513][T24009] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1634.603467][T24009] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1634.611748][T24009] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1634.619679][T24009] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1636.169478][T24038] netlink: 'syz.5.5146': attribute type 2 has an invalid length.
[ 1636.188513][T24038] netlink: 'syz.5.5146': attribute type 1 has an invalid length.
[ 1637.886116][T24047] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5148'.
[ 1638.064650][T24043] netlink: 'syz.0.5148': attribute type 30 has an invalid length.
[ 1638.553472][T24043] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5148'.
[ 1638.562992][T24043] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5148'.
[ 1638.655869][T24060] loop2: detected capacity change from 0 to 7
[ 1638.667553][T24060] Dev loop2: unable to read RDB block 7
[ 1638.676462][T24060]  loop2: unable to read partition table
[ 1638.685005][T24060] loop2: partition table beyond EOD, truncated
[ 1638.702695][T24060] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1638.855567][T24070] sctp: [Deprecated]: syz.2.5154 (pid 24070) Use of int in maxseg socket option.
[ 1638.855567][T24070] Use struct sctp_assoc_value instead
[ 1639.252205][ T5838] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 1639.329607][T24081] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1639.337518][T24081] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1639.346640][T24081] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1639.355317][T24081] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1640.442525][ T5838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1640.534913][ T5838] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1640.535501][T24087] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5161'.
[ 1640.547923][ T5838] usb 3-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00
[ 1640.547954][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1640.559158][ T5838] usb 3-1: config 0 descriptor??
[ 1640.618987][T24091] netlink: 'syz.1.5162': attribute type 2 has an invalid length.
[ 1640.637830][T24091] netlink: 'syz.1.5162': attribute type 1 has an invalid length.
[ 1645.462205][ T5838] usbhid 3-1:0.0: can't add hid device: -71
[ 1645.474973][ T5838] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1645.487864][ T5838] usb 3-1: USB disconnect, device number 42
[ 1645.778382][T24121] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1646.288314][T24121] netlink: 1 bytes leftover after parsing attributes in process `syz.4.5169'.
[ 1646.412395][T24124] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input114
[ 1646.514539][T24120] netlink: 'syz.5.5170': attribute type 10 has an invalid length.
[ 1646.522420][T24120] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5170'.
[ 1646.531708][T24120] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 1647.020542][T24135] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1647.029150][T24135] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1647.037889][T24135] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1647.045792][T24135] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1648.806026][T24149] FAULT_INJECTION: forcing a failure.
[ 1648.806026][T24149] name failslab, interval 1, probability 0, space 0, times 0
[ 1648.818724][T24149] CPU: 1 UID: 0 PID: 24149 Comm: syz.0.5178 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1648.829506][T24149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1648.839583][T24149] Call Trace:
[ 1648.842880][T24149]  <TASK>
[ 1648.845825][T24149]  dump_stack_lvl+0x241/0x360
[ 1648.850527][T24149]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1648.855752][T24149]  ? __pfx__printk+0x10/0x10
[ 1648.860365][T24149]  ? kmem_cache_alloc_noprof+0x48/0x380
[ 1648.865934][T24149]  ? __pfx___might_resched+0x10/0x10
[ 1648.871238][T24149]  ? audit_filter+0x10fb/0x1180
[ 1648.876108][T24149]  should_fail_ex+0x3b0/0x4e0
[ 1648.880822][T24149]  should_failslab+0xac/0x100
[ 1648.885536][T24149]  ? audit_log_start+0x15e/0xa30
[ 1648.890492][T24149]  kmem_cache_alloc_noprof+0x70/0x380
[ 1648.895901][T24149]  audit_log_start+0x15e/0xa30
[ 1648.900697][T24149]  ? __pfx_audit_log_start+0x10/0x10
[ 1648.905999][T24149]  ? migrate_enable+0x395/0x510
[ 1648.910869][T24149]  ? __pfx_migrate_enable+0x10/0x10
[ 1648.916083][T24149]  ? __pfx___cant_migrate+0x10/0x10
[ 1648.921310][T24149]  audit_seccomp+0x63/0x1f0
[ 1648.925832][T24149]  __seccomp_filter+0xb38/0x1fe0
[ 1648.930792][T24149]  ? __pfx_lock_release+0x10/0x10
[ 1648.935836][T24149]  ? vfs_write+0x730/0xd30
[ 1648.940277][T24149]  ? __pfx___seccomp_filter+0x10/0x10
[ 1648.945666][T24149]  ? __mutex_unlock_slowpath+0x21e/0x790
[ 1648.951318][T24149]  ? __pfx_vfs_write+0x10/0x10
[ 1648.956108][T24149]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1648.962128][T24149]  ? __fget_files+0x2a/0x410
[ 1648.966735][T24149]  ? __fget_files+0x2a/0x410
[ 1648.971339][T24149]  ? __secure_computing+0x125/0x370
[ 1648.976546][T24149]  syscall_trace_enter+0xa8/0x150
[ 1648.981921][T24149]  do_syscall_64+0xcc/0x230
[ 1648.986429][T24149]  ? clear_bhb_loop+0x35/0x90
[ 1648.991119][T24149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1648.997040][T24149] RIP: 0033:0x7f9d19385d29
[ 1649.001454][T24149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1649.021059][T24149] RSP: 002b:00007f9d1a193038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1649.029510][T24149] RAX: ffffffffffffffda RBX: 00007f9d19576080 RCX: 00007f9d19385d29
[ 1649.037529][T24149] RDX: 0400000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 1649.045497][T24149] RBP: 00007f9d1a193090 R08: 0000000000000000 R09: 0000000000000000
[ 1649.053472][T24149] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 1649.061484][T24149] R13: 0000000000000000 R14: 00007f9d19576080 R15: 00007ffd82b0fb28
[ 1649.069468][T24149]  </TASK>
[ 1649.073991][T24149] audit_log_lost: 12 callbacks suppressed
[ 1649.074007][T24149] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[ 1649.087527][T24149] audit: out of memory in audit_log_start
[ 1649.091415][   T29] audit: type=1326 audit(1735310990.671:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.312158][   T29] audit: type=1326 audit(1735310990.671:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.334512][   T29] audit: type=1326 audit(1735310990.671:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.356641][   T29] audit: type=1326 audit(1735310990.671:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.378603][   T29] audit: type=1326 audit(1735310990.671:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.410821][   T29] audit: type=1326 audit(1735310990.671:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.434089][   T29] audit: type=1326 audit(1735310990.671:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.602805][   T29] audit: type=1326 audit(1735310990.671:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24142 comm="syz.0.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d19385d29 code=0x7ffc0000
[ 1649.784329][T24160] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5179'.
[ 1650.080602][T24176] netlink: 236 bytes leftover after parsing attributes in process `syz.5.5183'.
[ 1650.384312][T24188] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5187'.
[ 1650.467425][T24191] netlink: 'syz.2.5187': attribute type 30 has an invalid length.
[ 1650.907897][T24199] netlink: 'syz.1.5188': attribute type 2 has an invalid length.
[ 1651.632220][T24191] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5187'.
[ 1651.641879][T24191] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5187'.
[ 1651.708551][T24203] FAULT_INJECTION: forcing a failure.
[ 1651.708551][T24203] name failslab, interval 1, probability 0, space 0, times 0
[ 1651.746314][T24203] CPU: 0 UID: 0 PID: 24203 Comm: syz.4.5189 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1651.757115][T24203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1651.767181][T24203] Call Trace:
[ 1651.770470][T24203]  <TASK>
[ 1651.773402][T24203]  dump_stack_lvl+0x241/0x360
[ 1651.778079][T24203]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1651.783265][T24203]  ? __pfx__printk+0x10/0x10
[ 1651.787845][T24203]  should_fail_ex+0x3b0/0x4e0
[ 1651.792513][T24203]  should_failslab+0xac/0x100
[ 1651.797174][T24203]  ? skb_clone+0x20c/0x390
[ 1651.801572][T24203]  kmem_cache_alloc_noprof+0x70/0x380
[ 1651.806955][T24203]  skb_clone+0x20c/0x390
[ 1651.811222][T24203]  __netlink_deliver_tap+0x3cc/0x7f0
[ 1651.816540][T24203]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1651.821747][T24203]  netlink_deliver_tap+0x19d/0x1b0
[ 1651.826849][T24203]  netlink_unicast+0x7c4/0x990
[ 1651.831608][T24203]  ? __pfx_netlink_unicast+0x10/0x10
[ 1651.836883][T24203]  ? __virt_addr_valid+0x45f/0x530
[ 1651.841987][T24203]  ? __phys_addr_symbol+0x2f/0x70
[ 1651.846997][T24203]  ? __check_object_size+0x47a/0x730
[ 1651.852274][T24203]  netlink_sendmsg+0x8e4/0xcb0
[ 1651.857047][T24203]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1651.862342][T24203]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1651.867614][T24203]  __sock_sendmsg+0x221/0x270
[ 1651.872290][T24203]  ____sys_sendmsg+0x52a/0x7e0
[ 1651.877063][T24203]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1651.882364][T24203]  ? __fget_files+0x2a/0x410
[ 1651.886969][T24203]  ? __fget_files+0x2a/0x410
[ 1651.891582][T24203]  __sys_sendmsg+0x269/0x350
[ 1651.896192][T24203]  ? __pfx_lock_release+0x10/0x10
[ 1651.901239][T24203]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1651.906365][T24203]  ? __pfx_vfs_write+0x10/0x10
[ 1651.911167][T24203]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1651.917520][T24203]  ? do_syscall_64+0x100/0x230
[ 1651.922307][T24203]  ? do_syscall_64+0xb6/0x230
[ 1651.927007][T24203]  do_syscall_64+0xf3/0x230
[ 1651.931536][T24203]  ? clear_bhb_loop+0x35/0x90
[ 1651.936235][T24203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1651.942163][T24203] RIP: 0033:0x7f52ecb85d29
[ 1651.946595][T24203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1651.966216][T24203] RSP: 002b:00007f52eda0c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1651.974637][T24203] RAX: ffffffffffffffda RBX: 00007f52ecd76080 RCX: 00007f52ecb85d29
[ 1651.982616][T24203] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[ 1651.990589][T24203] RBP: 00007f52eda0c090 R08: 0000000000000000 R09: 0000000000000000
[ 1651.998556][T24203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1652.006522][T24203] R13: 0000000000000001 R14: 00007f52ecd76080 R15: 00007ffd0c648688
[ 1652.014504][T24203]  </TASK>
[ 1652.021035][T24203] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5189'.
[ 1652.044135][T24206] CIFS: VFS: Malformed UNC in devname
[ 1652.169264][T24196] netlink: 1 bytes leftover after parsing attributes in process `syz.1.5188'.
[ 1655.443032][T24240] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1658.016509][ T5899] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 1658.278324][ T5899] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[ 1658.289902][T24287] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5208'.
[ 1658.306458][ T5899] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1658.334922][ T5899] usb 1-1: Product: syz
[ 1658.349013][T24289] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5209'.
[ 1658.355978][ T5899] usb 1-1: Manufacturer: syz
[ 1658.373749][T24287] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input115
[ 1658.384331][ T5899] usb 1-1: SerialNumber: syz
[ 1658.391133][ T5899] usb 1-1: config 0 descriptor??
[ 1658.419483][ T5899] gspca_main: sunplus-2.14.0 probing 04fc:504a
[ 1658.794736][T24297] syzkaller1: entered promiscuous mode
[ 1658.800319][T24297] syzkaller1: entered allmulticast mode
[ 1659.615480][ T5899] gspca_sunplus: reg_w_riv err -110
[ 1659.620840][ T5899] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[ 1659.969289][T24311] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input116
[ 1660.181610][T24316] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5215'.
[ 1661.284418][ T5838] usb 1-1: USB disconnect, device number 81
[ 1661.341333][T24329] pim6reg527: entered allmulticast mode
[ 1661.458168][T24333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5220'.
[ 1661.539499][T24333] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input117
[ 1662.757191][T24349] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5225'.
[ 1662.809845][T24351] netlink: 256 bytes leftover after parsing attributes in process `syz.2.5224'.
[ 1662.820040][T24351] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5224'.
[ 1662.836545][   T29] kauditd_printk_skb: 8 callbacks suppressed
[ 1662.836561][   T29] audit: type=1400 audit(1735311003.786:596): lsm=SMACK fn=smack_inode_permission action=denied subject="N" object="_" requested=wx pid=24343 comm="syz.0.5223" name="409" dev="tmpfs" ino=2182
[ 1662.880227][   T29] audit: type=1400 audit(1735311003.814:597): lsm=SMACK fn=smack_inode_permission action=denied subject="N" object="_" requested=rw pid=24343 comm="syz.0.5223" name="raw-gadget" dev="devtmpfs" ino=820
[ 1663.996425][T24361] 9pnet_fd: Insufficient options for proto=fd
[ 1665.398678][T24386] sp0: Synchronizing with TNC
[ 1666.569514][T24400] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5238'.
[ 1666.977259][T24407] netlink: 'syz.4.5240': attribute type 9 has an invalid length.
[ 1667.005073][T24407] netlink: 'syz.4.5240': attribute type 6 has an invalid length.
[ 1667.700940][T24416] tmpfs: Bad value for 'mpol'
[ 1669.495803][ T5838] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 1669.656167][ T5838] usb 3-1: device descriptor read/64, error -71
[ 1669.701309][T24437] tmpfs: Bad value for 'mpol'
[ 1669.704077][T24439] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5251'.
[ 1669.754903][T24439] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5251'.
[ 1669.942959][ T5838] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 1670.007249][T24447] smk_cipso_doi:693 remove rc = -2
[ 1670.013218][T24447] smk_cipso_doi:706 cipso add rc = -17
[ 1670.521833][ T5838] usb 3-1: device descriptor read/64, error -71
[ 1671.121074][ T5838] usb usb3-port1: attempt power cycle
[ 1671.925904][T24454] tmpfs: Bad value for 'mpol'
[ 1672.204338][T24464] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5258'.
[ 1672.232706][T24464] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5258'.
[ 1672.307435][ T2149] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 1672.313708][T24471] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5260'.
[ 1672.532022][ T2149] usb 1-1: Using ep0 maxpacket: 32
[ 1672.564162][ T2149] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1672.596694][ T2149] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1672.606250][ T2149] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1672.628360][ T2149] usb 1-1: Product: syz
[ 1672.633041][ T2149] usb 1-1: Manufacturer: syz
[ 1672.637758][ T2149] usb 1-1: SerialNumber: syz
[ 1672.715244][ T2149] usb 1-1: config 0 descriptor??
[ 1673.155077][ T2149] gs_usb 1-1:0.0: Configuring for 1 interfaces
[ 1673.232804][T24488] smk_cipso_doi:693 remove rc = -2
[ 1673.238305][T24488] smk_cipso_doi:706 cipso add rc = -17
[ 1673.860456][T24491] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5267'.
[ 1673.950661][T24497] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input118
[ 1673.962897][T24498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5269'.
[ 1676.311857][ T5838] usb 1-1: USB disconnect, device number 82
[ 1678.405376][T24554] smk_cipso_doi:693 remove rc = -2
[ 1678.411932][T24554] smk_cipso_doi:706 cipso add rc = -17
[ 1678.667693][T24546] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[ 1679.043489][T24560] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1680.582527][T24583] xt_l2tp: v2 tid > 0xffff: 262144
[ 1680.690335][T24571] ==================================================================
[ 1680.690352][T24571] BUG: KASAN: global-out-of-bounds in bit_putcs+0x147b/0x1db0
[ 1680.690382][T24571] Read of size 1 at addr ffffffff8c61b6d0 by task syz.1.5289/24571
[ 1680.690400][T24571] 
[ 1680.690408][T24571] CPU: 0 UID: 0 PID: 24571 Comm: syz.1.5289 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1680.690432][T24571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1680.690445][T24571] Call Trace:
[ 1680.690453][T24571]  <TASK>
[ 1680.690462][T24571]  dump_stack_lvl+0x241/0x360
[ 1680.690489][T24571]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1680.690512][T24571]  ? __pfx__printk+0x10/0x10
[ 1680.690534][T24571]  ? _printk+0xd5/0x120
[ 1680.690562][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.690583][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.690605][T24571]  print_report+0x169/0x550
[ 1680.690631][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.690651][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.690671][T24571]  ? __virt_addr_valid+0x45f/0x530
[ 1680.690691][T24571]  ? __phys_addr+0x113/0x170
[ 1680.690711][T24571]  ? bit_putcs+0x147b/0x1db0
[ 1680.690731][T24571]  kasan_report+0x143/0x180
[ 1680.690758][T24571]  ? bit_putcs+0x147b/0x1db0
[ 1680.690781][T24571]  bit_putcs+0x147b/0x1db0
[ 1680.690818][T24571]  ? __pfx_bit_putcs+0x10/0x10
[ 1680.690842][T24571]  ? __pfx_lock_release+0x10/0x10
[ 1680.690863][T24571]  ? fbcon_scroll+0x3d5/0x680
[ 1680.690885][T24571]  fbcon_putcs+0x2e0/0x450
[ 1680.690904][T24571]  ? __pfx_bit_putcs+0x10/0x10
[ 1680.690924][T24571]  ? __pfx_fbcon_putcs+0x10/0x10
[ 1680.690944][T24571]  do_con_write+0xf78/0x4c30
[ 1680.690985][T24571]  ? __pfx_do_con_write+0x10/0x10
[ 1680.691003][T24571]  ? trace_contention_end+0x3c/0x120
[ 1680.691026][T24571]  ? __mutex_lock+0x37f/0xee0
[ 1680.691051][T24571]  ? con_put_char+0x95/0xf0
[ 1680.691068][T24571]  ? __pfx_con_put_char+0x10/0x10
[ 1680.691085][T24571]  ? this_cpu_in_panic+0x4f/0x80
[ 1680.691109][T24571]  ? __pfx___mutex_lock+0x10/0x10
[ 1680.691140][T24571]  con_write+0x26/0x40
[ 1680.691157][T24571]  n_tty_write+0xd62/0x1230
[ 1680.691184][T24571]  ? __pfx_n_tty_write+0x10/0x10
[ 1680.691203][T24571]  ? __pfx_woken_wake_function+0x10/0x10
[ 1680.691225][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.691244][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.691264][T24571]  ? __virt_addr_valid+0x45f/0x530
[ 1680.691285][T24571]  ? __check_object_size+0x47a/0x730
[ 1680.691316][T24571]  ? __pfx_n_tty_write+0x10/0x10
[ 1680.691335][T24571]  file_tty_write+0x546/0x9b0
[ 1680.691364][T24571]  vfs_write+0xaeb/0xd30
[ 1680.691388][T24571]  ? __pfx_tty_write+0x10/0x10
[ 1680.691413][T24571]  ? __pfx_vfs_write+0x10/0x10
[ 1680.691435][T24571]  ? __fget_files+0x2a/0x410
[ 1680.691455][T24571]  ? __fget_files+0x2a/0x410
[ 1680.691477][T24571]  ksys_write+0x18f/0x2b0
[ 1680.691500][T24571]  ? __pfx_ksys_write+0x10/0x10
[ 1680.691522][T24571]  ? do_syscall_64+0x100/0x230
[ 1680.691556][T24571]  ? do_syscall_64+0xb6/0x230
[ 1680.691581][T24571]  do_syscall_64+0xf3/0x230
[ 1680.691606][T24571]  ? clear_bhb_loop+0x35/0x90
[ 1680.691626][T24571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1680.691651][T24571] RIP: 0033:0x7f1ef6f85d29
[ 1680.691668][T24571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1680.691686][T24571] RSP: 002b:00007f1ef7ce5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1680.691708][T24571] RAX: ffffffffffffffda RBX: 00007f1ef7175fa0 RCX: 00007f1ef6f85d29
[ 1680.691724][T24571] RDX: 0000000000001006 RSI: 0000000020001040 RDI: 0000000000000005
[ 1680.691738][T24571] RBP: 00007f1ef7001b08 R08: 0000000000000000 R09: 0000000000000000
[ 1680.691751][T24571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1680.691764][T24571] R13: 0000000000000000 R14: 00007f1ef7175fa0 R15: 00007ffee1c7dc88
[ 1680.691785][T24571]  </TASK>
[ 1680.691794][T24571] 
[ 1680.691799][T24571] The buggy address belongs to the variable:
[ 1680.691807][T24571]  fontdata_8x16+0x1010/0x1480
[ 1680.691827][T24571] 
[ 1680.691832][T24571] The buggy address belongs to the physical page:
[ 1680.691848][T24571] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc61b
[ 1680.691865][T24571] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[ 1680.691890][T24571] raw: 00fff00000002000 ffffea00003186c8 ffffea00003186c8 0000000000000000
[ 1680.691908][T24571] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 1680.691919][T24571] page dumped because: kasan: bad access detected
[ 1680.691934][T24571] page_owner info is not present (never set?)
[ 1680.691942][T24571] 
[ 1680.691948][T24571] Memory state around the buggy address:
[ 1680.691959][T24571]  ffffffff8c61b580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1680.691973][T24571]  ffffffff8c61b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1680.691986][T24571] >ffffffff8c61b680: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
[ 1680.691995][T24571]                                                  ^
[ 1680.692006][T24571]  ffffffff8c61b700: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 1680.692018][T24571]  ffffffff8c61b780: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 1680.692028][T24571] ==================================================================
[ 1680.699067][T24571] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1680.699083][T24571] CPU: 0 UID: 0 PID: 24571 Comm: syz.1.5289 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[ 1680.699107][T24571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1680.699120][T24571] Call Trace:
[ 1680.699128][T24571]  <TASK>
[ 1680.699137][T24571]  dump_stack_lvl+0x241/0x360
[ 1680.699166][T24571]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1680.699190][T24571]  ? __pfx__printk+0x10/0x10
[ 1680.699212][T24571]  ? preempt_schedule+0xe1/0xf0
[ 1680.699236][T24571]  ? vscnprintf+0x5d/0x90
[ 1680.699258][T24571]  panic+0x349/0x880
[ 1680.699279][T24571]  ? check_panic_on_warn+0x21/0xb0
[ 1680.699303][T24571]  ? __pfx_panic+0x10/0x10
[ 1680.699326][T24571]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 1680.699348][T24571]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1680.699370][T24571]  ? print_report+0x502/0x550
[ 1680.699396][T24571]  check_panic_on_warn+0x86/0xb0
[ 1680.699417][T24571]  ? bit_putcs+0x147b/0x1db0
[ 1680.699437][T24571]  end_report+0x77/0x160
[ 1680.699461][T24571]  kasan_report+0x154/0x180
[ 1680.699486][T24571]  ? bit_putcs+0x147b/0x1db0
[ 1680.699510][T24571]  bit_putcs+0x147b/0x1db0
[ 1680.699556][T24571]  ? __pfx_bit_putcs+0x10/0x10
[ 1680.699580][T24571]  ? __pfx_lock_release+0x10/0x10
[ 1680.699599][T24571]  ? fbcon_scroll+0x3d5/0x680
[ 1680.699622][T24571]  fbcon_putcs+0x2e0/0x450
[ 1680.699641][T24571]  ? __pfx_bit_putcs+0x10/0x10
[ 1680.699661][T24571]  ? __pfx_fbcon_putcs+0x10/0x10
[ 1680.699681][T24571]  do_con_write+0xf78/0x4c30
[ 1680.699723][T24571]  ? __pfx_do_con_write+0x10/0x10
[ 1680.699741][T24571]  ? trace_contention_end+0x3c/0x120
[ 1680.699766][T24571]  ? __mutex_lock+0x37f/0xee0
[ 1680.699790][T24571]  ? con_put_char+0x95/0xf0
[ 1680.699807][T24571]  ? __pfx_con_put_char+0x10/0x10
[ 1680.699823][T24571]  ? this_cpu_in_panic+0x4f/0x80
[ 1680.699849][T24571]  ? __pfx___mutex_lock+0x10/0x10
[ 1680.699880][T24571]  con_write+0x26/0x40
[ 1680.699897][T24571]  n_tty_write+0xd62/0x1230
[ 1680.699925][T24571]  ? __pfx_n_tty_write+0x10/0x10
[ 1680.699946][T24571]  ? __pfx_woken_wake_function+0x10/0x10
[ 1680.699967][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.699988][T24571]  ? __virt_addr_valid+0x183/0x530
[ 1680.700007][T24571]  ? __virt_addr_valid+0x45f/0x530
[ 1680.700028][T24571]  ? __check_object_size+0x47a/0x730
[ 1680.700055][T24571]  ? __pfx_n_tty_write+0x10/0x10
[ 1680.700074][T24571]  file_tty_write+0x546/0x9b0
[ 1680.700103][T24571]  vfs_write+0xaeb/0xd30
[ 1680.700126][T24571]  ? __pfx_tty_write+0x10/0x10
[ 1680.700150][T24571]  ? __pfx_vfs_write+0x10/0x10
[ 1680.700172][T24571]  ? __fget_files+0x2a/0x410
[ 1680.700192][T24571]  ? __fget_files+0x2a/0x410
[ 1680.700214][T24571]  ksys_write+0x18f/0x2b0
[ 1680.700236][T24571]  ? __pfx_ksys_write+0x10/0x10
[ 1680.700258][T24571]  ? do_syscall_64+0x100/0x230
[ 1680.700283][T24571]  ? do_syscall_64+0xb6/0x230
[ 1680.700309][T24571]  do_syscall_64+0xf3/0x230
[ 1680.700333][T24571]  ? clear_bhb_loop+0x35/0x90
[ 1680.700352][T24571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1680.700378][T24571] RIP: 0033:0x7f1ef6f85d29
[ 1680.700395][T24571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1680.700413][T24571] RSP: 002b:00007f1ef7ce5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1680.700435][T24571] RAX: ffffffffffffffda RBX: 00007f1ef7175fa0 RCX: 00007f1ef6f85d29
[ 1680.700451][T24571] RDX: 0000000000001006 RSI: 0000000020001040 RDI: 0000000000000005
[ 1680.700465][T24571] RBP: 00007f1ef7001b08 R08: 0000000000000000 R09: 0000000000000000
[ 1680.700478][T24571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1680.700491][T24571] R13: 0000000000000000 R14: 00007f1ef7175fa0 R15: 00007ffee1c7dc88
[ 1680.700513][T24571]  </TASK>
[ 1680.700739][T24571] Kernel Offset: disabled