last executing test programs:

7m37.707529041s ago: executing program 3 (id=577):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x3e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000000140)=0x2f, 0x4)
recvmmsg(r3, &(0x7f0000008880), 0x483, 0x44000102, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioperm(0x0, 0x7, 0x7)
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x1}, 0x14}}, 0x0)

7m36.172183653s ago: executing program 3 (id=580):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x100000000, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
rseq(&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x8afac50bb56c40cb}, 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000080)={<r2=>r0, 0x6, 0x4, 0x1a})
io_uring_setup(0x63fa, &(0x7f0000000300)={0x0, 0xe3db, 0x200, 0x1, 0xb6, 0x0, r2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000200)=@mmap={0x7, 0x9, 0x4, 0x0, 0x3fffc, {0x77359400}, {0x5, 0x0, 0x81, 0x6, 0x7f, 0x8, "14f31d90"}, 0x101, 0x1, {}, 0xade})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003b40)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}], 0x1, 0x4)
prctl$PR_GET_NAME(0x10, &(0x7f0000003bc0)=""/141)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x33, 0x5, 0x20000a2e, 0x0, 0x0, 0x3, 0x2000000, 0x0, 0x3000000}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x40d, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x48c50}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc, 0x4, {0xd2a5, 0x9}}]}]}]}, 0x48}}, 0x40040)

7m34.757161657s ago: executing program 3 (id=586):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$IOC_PR_PREEMPT(r0, 0x40046109, &(0x7f00000003c0)={0xf0, 0x0, 0x2})
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000080)=0xffffffef)

7m34.507737982s ago: executing program 3 (id=589):
r0 = openat$random(0xffffff9c, &(0x7f0000000840), 0x82000, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000880))

7m33.199361501s ago: executing program 3 (id=593):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000580)={@in={{0x2, 0x4e22, @local}}, 0x0, 0x0, 0x3f, 0x0, "bd1c790806ed6dcd18899f9ea77ca9fb5184ff0ba54b7dfe784d2f6b7dcd9474d9b295588ac0b991d5c66461fca3f1ff5543acc65c52d0ad22d692e8db58210000000072ff3b00"}, 0xd8)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000200)=0x10)
bind$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@my=0x0, 0x1})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000680)={@local})
close_range(r1, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000340)=0x2, 0xa2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], &(0x7f0000000f40)=""/4089, 0x3a, 0xff9, 0xa, 0x0, 0x0, @void, @value}, 0x28)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f000000e0c0), 0x10010)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x400, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x0)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
sendmsg(r6, &(0x7f00000000c0)={0x0, 0x9587, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000200)=@gcm_256={{0x304}, "00e0f07600", "832b4d2434b35bca8c0b78d2afff6d70d2025c7f53123828322d5af0d5c6c3a5", '`\a-N', "298f0e6df9ae9b3d"}, 0x38)

7m30.794927323s ago: executing program 3 (id=604):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) (async)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x200}, &(0x7f0000000000), &(0x7f0000000040))
mmap(&(0x7f000075b000/0xa000)=nil, 0xa000, 0x0, 0x11, 0xffffffffffffffff, 0x6340d000)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0) (async)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = dup(r1)
syz_fuse_handle_req(r2, &(0x7f00000022c0)="9373c576d47f2830a1e9ea6a4acdda4bd65cfd8106e0de7e7d3e0f845b7d203453cd949910c0286bb9cce7cf157e03197abf3581ef3d9c234e6bae325f4f7dc42d0552a16311fde3262725e6de0f140a69820896cb8174035a7ffc04ddcf75e13c054c1de738ac2b33c684443d0bf1ee784831b99ba614328340c1d76e1d89ccab46a692d59a6cccb5e5404407ab1afa4d62878e44edb6667a3a12cd6c5a09c0806a4ee64218d779f57a73acd5bbe673d628d9be3a66cc5b131991af983960d513ce9b48770d9475e1935ff8592c1e5e10d731dd312054e012a78a62b73ab8306e5867d695cdac63a0847cd2bba4e738100de41d1091da46e59c0f9c3c0186b078f555f0d93c5e76f8d84dcd1963c1a30e37fb6ae62f65cdd1c9f84d25fdefbb4150cb76f6c677ba3d3351f47e43e541a7bc266fa3d8b9f52379e655045ae21b9212ec4667655e1e1c9deca3d35dd88019b194894cd3cc36f58f7e4078bea90e1dfc5d948084d770969acaf47b916da95570237dfcd809d67ce06d6b60285e129c81e167b06b6b6479d3ee736b2315dddac357d91b707b6f0ccf22cd945754d6835608d8855d8221080ef9aae8519dea73df385735dacc679223054df37e1ff7f2d10c253eed0d7992a81188b039489bca80fd287232b59be785fa911a4f6ace2e3c63f27128d5a8838afdbef4b4bb05358e2fa8e5af06cfb739b997822783a1aa689f655585743e4120b00624d25969a167edbaa1ce2873579e166851a30abe789383e041b23ea698dc8491a6f0e7627a4cd7079909189745ecc6a9b77757b5bb59bda2604a2ae28317841158b7830bd4976406b9e524c8fd3a24e6998a1d6bf4df27680975046e20dff9c90d530a7f6a1a7d64745e0355afa61e26719bc5c177e90a333e2544c2a263b083ea6341d8d2d202d1a44d8eb9cf27054dc3e9e842e22c65bbea1954a29632b601dca961bd588cecd35af960dca00512d6795d32daf0c0fd2090e105002d16674258e46c9840248aa8cb521f90b954807fa63905f4e27012d3c3defe6b8128ca013c344ab830b5cba7df288f4fe395586918fe743b6f837571c0bc28fc4a2be58f52699a59ca8327dacc21e08858d3cf484085a76d373db064c735440906b6966f946f021a95a970b4009693504e233e3ccc5e2055bbe1226cd5456db91bc2be824e9faf67c3a077cd333a910f7e93b3c013de67fb0129873e42175c1da04a073e4a5a2d2ca3ef490e976e42d538182d1ec6fc0e4ccf3690742aeb184188009a9d6956dd6d7d9d59ad0cf81b683c88b8b5ddcd7ed4ebbe196a37036bab57bbcad9ab9b6a01f476b6b28eb64f493114722fc085b77fb9b5206c58326af7776bf98e68e707874a143ef9f899b781e19a82c86bb6f60919218b3b1336b69864a7c8eba2bb16dfb739492e443e4d0b3aa4f65f59910acd0e388e5004624a985edc4040bbb6e8e81ba8dbab4c8d23ba1f4f78d80d72608d2bd6a965c7d99b7331695b8082892171ed356522967cd12b8f0047b0beff3d3056f89be2ddd63e16da4be133f0876456e4ea8a081bdb1525f2d55941a9d14059d06205cc53a879d2302e99d8926c480963eee3290c6a8bb3bbb7b258e15519a5bf27d08ac1d515dab2bdaad30fad5f8898a63d2a7d43825e2d4eaa5214c10b99c63b3fb9f736da9e7fc19a116c61d8526b50c4d2505bcc69e57ba26363c8075ee11bdfbf27932570292ade8082ca052299371a94cb5b87199d96916a292da87e7154477c1e3c5c5ae5911e6c2bac8fc8db1cf33088a2f086c06af58bd48afef80c1df4334798e0e43df1a5d308bb4f6359fb0ce94a653feb9d70b3ba9eee90d8a918c86b8c518e51d18791d0bc7a0aa0b2b67f74b8e66a54c8b1e802ba877d03e2ff09280095e75254590284e409b86ee622a07b0a6c2521ac32b5fa3264c3d3da595c4bc444d75f50d864acaa442b0addf73dd1ee3430d1a5ff77da5d3ad980461352ab5f5074916a522647c8e46fae4e2fdbd021542663fef1f9773230021a6abb131270eafd9e20ecd1f8f1c329cf393d0973f4894658323281adf0d45cda7cf38e06eaac796cb4ecb9edbe90f4aa4e2a29762e69695e885649a47c9016d4582aab457fe49c0f193833fbc0069a261ccb02547439a599e29d46fc39a9817b87f4862a34f34d47428b43a1263e8cf36fc2cf83ea97e212f9af206559bf3a09197a68651bb45cb75696fe1ba1a576dbece712c00544d26feb534ffd87b38424c23ef193ab6f7fcefc909c8bbed166343d2c2d4d674ea122f74ab85b15efd7c7a77473a4de540483feec7370b11a4dde7cb504a8d8e8fef7aec8b0721f0ad156e0865d04ab89a8613a0180f9637fabc6b5ac35e927307c0392b102e5460614c6a7ea12b9a75f6b00aedf25e9ff9686e704f4c42eee850ff0737a2d7ac9311df9323f095c1b6d5b7687cb0b141a38ddc0c95f1d9a717560352466459b42d735b4d11eb5eb4c43441b1b332a5952dc19af7b965529880142ca5ec38a47bccca060615b84fa8a4fd8245a7dafb35d12fcedcc4bc7d686005c32c3e5efa66a2d9c6e0e4e81f61610070b3cd72fa22f5ee2d340330e33c1a3cdf94de80028484a24e730346430fd619fb7000ac07aaa167b5f40b66e79359bf63f38f11c7116bcca7252326074e54833de139c1dc116645331c2b45dbd091d3fa2f4b1a6115e41f3f6f7442091f96639d07e40986cec2aab840c60fb16eb16dd701323033a81e0828ec6bed5367f0f83d15c9435e7eefe75fae847651c25cd81173364da574ec26a6040613f8872c6e55fc8d727d7bef53bfbf16f11f7904c3f0076ffa5694ef4b823d31c0b7cebe507ca874aae0e7fb28684e4adefd63f72a6420d14ab5c8955f7846b8fa9c51386a063b62fbb7c0be59bd99d6acf7983d1a80a57dc2a9f87b9ed79e05a52b283ff6d101f7dd2ad375fd8eb9838c5af5f7f6e9062867cac3346333afeec788e185db2e73281e4c12fe37040b23288d96aa2fa82554706fa242b920254c6e0a36d83e338ca7c9342afa3af393421b54b0bc75a2c8e33017781506d6cab2b19797166d49638f3cd48b6d51de0dd090525d6ccd62523cd3d201f704e6ec2fdf3a7866ae5d901afafc10be715c0baf30b3c8520327a1b15f04bd7c6c61c6f5bec44712a518004a6d58b729ba1e6154509187171bd9328784a46e2904b1c824f73bc8038ae7a02f6f909e8fabb6ed0090533ad68e99a7c8930f51494782d6ff6669636aa72552232fdaaf30f3cfc782fbd984b237713dde3a985ad29dfcd18a7c7eae7de482fd662f045d86579b6d9fef5c428e3349177651915846d13aa094e2311f3a49b8ac38cdfcf894cf6aed1531501905a2710aabcc8a08dcf43d29c372c132842c755ff04fa630d21185e4e1b9c66a3cab5a71eb922fd704c11be88b617cc5b12d39704bed631d56324aea0ba5eda1c3f60227e391c1692dabc4d15423903877584d62fe448e7379bd08e24307628427caa1dcb1d20c57ed55a67f21b68f084b8ff461739d706af2af788d1cd19f661b1cc4532abb834cd6691982a36d6037fab413cd4c1e537708d15577d7e665fd25ea9c19d05317ae96b89812da54085423139462fb1711ef48a8f6175d5128c63b8c2a6bafc8a4b6d5d707d5db8b8305e308340eb04ba687ae925d03c299f573726dfbe2f7ccb3f3990894dd2e47ae1aa2faebcdc267399c70bf2f758f92563839ae6a99e6fe9682480d0613d7a19298830bdde406639d48628a9e13c6bb1afe5d04d1f312aa4811cfa9af9b9a1ce206611dbd525f167595c4837aaf74d66774ccaa3351d806a0978089e229a19487638cf2692a363fa4bf9021b6f809d1ba4a682f7d91e35df6d12c99e245404d4e4ab26b574995e60d0682d0f8f88a86674b8dfe58d7a19b058571d97a2b3ea468b5c36470539fff36e09ea466fa2305cadd055d0650a11e105a8befbd7557025eccab738aa714cc63c62fe2b447538e1c5a575ab555b1ffc48e4baa7ffbd611984b7b438c64d8f88fde70e4485c267d129a21cc4abb8354b9df9c606a820b0e62090e5a0e1b52985b43af4ff5957d817274993ca2a450c1b882e403861edbe8f5b0ef6ef08dc9c19dd78617c4990fb12654cff449bc1e9ece6fe65f6c1880456988e2d002381216f7ce696b173f7ae65f6049ba2533a3e06ebc66ff241f91b5e591ce75567c2fd50f4566eb76f76b01bd8d160dfd04f6c03871b3cd5b7a7adb143e66dd7f7de1898ed8e2b28ed40f16b77ae61ced32ebc5cd01d7aec9745a074c2878b76e94b504b86bb7bcc385c12c563cabc58c63e55158649c6385bb1dc33e323542c004a53f918a1784c1f08cc98686874d503c892124412bc651d5fdd29667da5bbc38f3225ac73dc4278ccd6577b3583fa6a7105c3556378a76ebc996a51d4e459986c9e6cbc2a0e1e8326860fb97e39a73de6e6a36e1fc3762cfe975d5a5882d9f9dcb72b0f12bda1ae36004bf314d09daa0566e8863ae8dfd901482c7196cf3f2fa07c5267d0233632eb285b8dbe6deb2fa04d61a90c6fe38358718f1026b2577e79aed8cef6b8674a3a1e7ee2f30291f3d6ac65757426cff5ea90d9a3098f3e203788418ab0c41e1222585d9613348c0821829ab5e82924e18e0e11d2888937f3c49516b8195525e3e4ab18c08d2ac1936ab659c38e599e6752a489fe32f14ffc2938a10e896436b9f9cd80d9651a2d4a3529c00ce23f9da124dcb0448e1ee96f6228637b72214ceec6c551e245633235dc408b7cca0b7ef6631361b3b17c88346a6574cd40aae84a9e18473aa6a54963aa4ea3147a26e673f34b72da71b7e4188aad23056d4b07eb65e05d03cf04d83518d9ff0fcab9bc5f0f4f8402a84c97ea398d64cf957e6ea241d372cf8e5a7bf865eb194c2dd6cb57e3d148ec735e4fa15825019b9d0cc83b5c6f99d9a3f0dd9d8a9436060e2f1a5409c97a8cd9e30b6d90ef89ded6f16f60f1fdf625a34d2aff0a236f3ff0a686a71678f1ebc414580e2a91fe804c999d1c8ff404156d2bdc7232cb81dd280b961efe430534a8e2918390baaaaf3245c915176d7d5a5e12c29f692dbfbd4b5e1cdd66ab1067473c120c63ce174f380a2cde938f545ea65cf1172cbef980f55fb9918f3a88d86dbc4c7e8527c646f89644da0828762c700a43c68a80ebbd9379069a26d2fb6a8fd3a594b6a467448dc746ee408cb3db4e47baacaa9df236c2d36966c98f46dba88bc867683e8573ec0c31893567caba86a2b709effde3c7483ded2a3bac2447b3e7f3e797d1a8445a4b5af1ddf38bc7251b9c3687fc94215f1338c7d2b9caf25c7ce9ba54b5a448c4b0dd505555bd8e5d768d11d37976c4c6b5cb71a91d6e8cf5e37dca7c5c8a3f6326d971cf7206af59b043f85b8b3a0bf02f1df58e1f042ac8c5aa55200a9978968f56d03c7d26f83739d66730f62f1fd6023ab3a6f01087ea9c32f927aab7708169703e36c441249bd345338efd83ff785cecbbeca462dce7dd50b6ad427712d51a439d3da7fb15032e50b634dfeb54a096fd967f9226a91dc0076cff2b8f7422c933ff67a6ab6085bd1edbbe77b049842a696acaf0d142f938b71dd50d1865570ec12f2c1a718c3edbc0a4a7f3bb4f7e6a03959c971b7c360fd6226e63ca247231878c4283e7cbecfd4b9d363be6236b40bf4e3d50cdfc7e0a3326e3ab02026c66ff9ea72fbd99f734b2029354c56e02810feda0da5865dbf461c69f38490c4235570c451bedfce770dce2b696a8b8162e7ebc43175e7a0ea8519c1e5d27d817b96b796527f8a81ba66235ea5611a7a8b0e4609ab609ffdc42a66657b9d5061046622cb09c16b4d4149c3c1c97eaa716071086b727af0538f3e26fc58d7dcf9816797bb0f1bacf08c44f82812f1f9f1e6b3941e142dba3f794b2e170df8f1d9a69ac1403fded85bbdf5f7099bfe8dad23fa79aaa770df29d97c981a9d5c6e854b108fcfa1e4f779feb50e3dbce8e0ec411a05069b4f3de488a5946cc6d3ab4e6c3450cbe13c48c8779d660a25a215e9d78cbae5e3ded769e929102419d7f73eab12fffdbf12c1c4439b7dec4d6e1c4d5d5cdc82ded0a6624bf9b1a4119c7b17b340a45546b94de0893fe50c48200914a305f93b86963a0e4da5873b45eda030471205bafcedf8495aaded998b37f86eb50803d332f1954250560b7eb8e9ed55786013ab65745667669547adfce7d9bbbdbb80c4a1f290b9851df1899a7d74dceef79e0f8bdd709b67cec3efbff986effb50b079bb41c8395b2196f8d1ba7b52f743c75be073b13ddcdfce2d79fff6620d51d52051484d721eed9871b512f6a44437dde5eec9ca9c6e2cb587e2dd43f45406cf5a15cfb3655f0a2fd2652e1632907afddf865c9f60d98408e25b7c2da4ae359c59ee5bde24c8ee6d58c32cf4427d07732540a9e7233bd6d5079f2e7049e541cf9f0ac342654fb568cecdc3b39d39704fae39e7a4842e563430efc69461c7ec9a7dd70e8caeddeb56db48ea772c2d2bca2169f344f9e2f788eaf9a824544c3bf5eac7ccb5d8ec8d1c2849ab5ebedebee276df1c91188d708f40bb1fda0576773a2140ebd215bd830f3b328dac0d113e8fd28371c107b743496ae425fee7c4cacbcf85638e5b107180a9c23d7b0276a2e712f935d382af8e704c59ec24f6614d5d62cc80717568433539caca50fac8201ceef1bc959ebbe2af51e05f8467155c935060ef2d49da95290e5fcfc6d55bebc1ce75c2c04fba572242c45f2ffcf6249901fd408c08bbf79b16db5d55c44f7f75cc38b6a79c2abfe8094750da283cf6a22aa62fd3c09fc3e162540db3cb5a75017183f24d311a4de315b7beb004a73e86eaed77cc2d39b2b30b048b04f09618b87bba1fc6f44c43f58c7d5ed44ea8e801bdf0415d3e12f31ba2c2e0e6cf773c39b4fd8990f9645a79599665f8bc0bbb31c157857edd024f2490ed26278d461acc80da8ecc5b45928f476b3ba24f030a7a0678bd700ead3e8e8f58945635f9da85b8bd7dbcd9090e0b1be1baac301a8a862a049e7823d8aafd29364741ad5674e8b2e712f7e80aaff13211a4861eb658f4bed182761abcbd7c49df653c735ea36c2f3dd17a85089e74e907e6bfc2261c657d104dfc1b71515003fd4fb21740cd808985be7e68e87a251516d1bf5326149fd7047628c679b321ad1c4df51e501adc90e460cc41fd555bd43fa80217c229df17314767ac3b4a204843cdf1408f950e0d378cd8a5b142a51e87322fb326227296c788448fd2b99cb8a961a141562c0d5257e7648904e7fabac1333adc1136db34784feed0aecd29472d49f3222c5b596ba8fc09ad33367004677197ff79e098a38f673daa46ac6dc831d257df7add2be3f9bda752f6262978377cf8a271ffb54d8563469966153654c730697aef0cf15536a5a705a457fba849005cb8249096299ec938a56b19db23cfcda1975d362b7820929a2d6df628606fce4cf13e1a72e182bc3c9b069948371682f926751d3f5eb2f3c09b99e19db9f0224623549e204d1a0723d6bc1db3efef77cc878332f391839a14e4a92915120ca0a51a7ae36b3d7011aa96d72653aba4067d6df393f844ea019711f36d8cf4a763cae77528a70b4dc39594ad4c59806bdcf67f32abfeab5d7f246f4fcab2e4197399de380846a3723bb8045cf65a5eb884fe854112a86f36c571092e91e2d0f5dd5eaa60a33646d37529435fe641848f7c722e18225c52b3465b79ee3c38eb27062100c77c8b2c2556fbca5611d8ec692e4c6fdeabb4b2c7166caae3ef6eccbacffc752620ce58eab582a954c8e8d8de708da2d2e12170b86b147e47fa51465f721cb4a1d73c9425a091476bec8570f4b5f446dbb3d3205f3f8535a901a529e1b2c303b10b4743ed2b279946971ac3f141df9c984d51176001ff3e76ad5fc584759682d077f1c523f9b4d1a22562e487391403cdd702a91eea96b3255c0f6b9253d8a37a69011882d62d087343617a34698b0ba4f5a23cb9cc3c7e0ec26170522b301c83c27303217635ae127177df220e91e9f914993b043e7da559a8ca99f6ba9cc0bf1039e9b69e61bc534eda26aee72dde4f7eb07dc3bc1ada8604f4c8b6bf3fa8408ac923eb07d63e338af4e25cc857772cc4cee31399d000b250cc9a2f93fa5d96b9e03cf2b5f70b780d269c16bde218c08f8c6754f452b5efd4cd505a666007837b84a0e7e6155b2ab5c29328b7518781ddcb3651dd03977d9564bceded5866468101589395d8fb4adf667c6a5b3db210a2607de98430cbf1423f53d45df9f43d3e76ffd098b76a4851d12f93361cf3c90bf01267be2712d7ca85d2b2c42a522e30c895554b859d4c6d8325ee8b7a5db0b9b7b40c4371c6ea00fd61ac7a8cefa9d532cc33ed92e89bb2b240e82eb2c35f8764069d366aeec73783747fd7191cdd6452095cbed554cbbd547e9064189054a76513eb4db06529d033719a69de92f6f689fe316950c826ef856095bd2e62544f2616930f671608e66f0e65e6a69f7f7378412ecb9e3cf71caf752f2e293b704f1926f273cf159d5aee1c69656852cc06c66fec7e37b29c21695cccdc847829efce47f7336003975390f9a949b818f41d09e08d5d9769a94681cdeb3a5d3711fb43d87ef040bcdab99c213c56c063d2df0b4b236c3d9584ea2b0dc45200dce55eaf2f5af5170f5499a82091afeabecb05a015c308f592ff5d3b8a88a71b0615f16117d4ea812eaef19774e8b19f2b58f7fda4ef23ecc85e04d4fea37c17152cfafc92ce331c1995fb8846b68ea1934b415c880052180d043a1c1aad93dae6f3e00d60f3e361faa0cb28f6c2790792f965bfe7fa084623a89b5a67db15758388a92343ca6de75f9a985fd79bd5d9a234d742479cc8ad898770c5910d07c0afa408be7c8fac60f7e5c1a6a63fbbfed85bba28cfb56430126477818d038743a7c17c849a2bf758cdb790ea200bfc74d502e313b94fdd71938e8c45edc1f0c0e4ddc3001d8a6d5e59ba65e0a161d587e3e10228468e660bb8c9f145b2ef2e7f90e36f46503f76121d6a523a8574346994586a0f9705704031b5273cc0d7e3277c9c863c01e2c6906328641a2977e11d61871759f4bdbdd5dbfe157e01d01663bfddb975d7392fefde0a8d68a94cad604453a3eacd3b859d547b671b1b8cc3726a9f3b63b4363764efc79a0cceded7f5f927bc8552bc7980be6833e107723cc6c84cb129cc3b6bdf3034a5fcf6e267f51f58cb6567216d5673124cd947f65e99393998eddf8df7b774b11ae5357826149e0406120b3b54f13cb53a30470a584c538fb0de041d75c959e297f91bf6d21a4aae4b7ab5f37cbf8fad3d018fdd2a5ed9142909a6b8b6e38a89fd8aabc47890305846043ee918aa556669eb0fdf9b110822fa292aca4d8b9913a81dbf2847713ba7a9cf22de6728be3ec3bef75208bc837426b206da7573d7954610d60a900c2b99a676c95f8a2049a9aa31f553c5283f5cdaefc8f4fe6ab0959a36aa58907a369ee8f4994366b574b8259b3d0b5d8a45a302c345b24284f1fe1397bcbb77823d604f4126cd3bca644d03149575f9de0bfa88c46a4d3d983fb00fb8c9b911682fc04a5618e028242d4509949062f97d221a455e339a3d76ec7eaa939fc697e1e47a8610ee319604cbbedd2592d9431d187e016705fe9d4fa207de20f2b011fb45c93fa8c81c539961e54d0fd4217c55a2f3c18f3523eadc4a180d049d65b6dc83a05670967f66307afb4f9e97a38518444906c283db5a1080270d002abbde736cb25bc9ee8efa6fe000953521467bff42b82c43eb2a2724e04f28e3baf3d6edbf7687d001d44c08f263db33d2d6cb74e9ee99b3f136bde3eabf9a5b93daebb9093185217e3ef0b734a1db4d25d8d8316d95d539341f55742fd6f2bb1f7164e1d2bfa299d8b602743a193ae47fafe2e42ec3ac4133fd6d9ef2c8672c9c86935b6513448d7218131996453e0188e02cc145d936118f48d0063ebabdb2e13dc34dd0c5f51289c93791f24389c620633902811fde3a57159685dc55cb9c046acf4c34c50354237f7f5bb7e5f8d5a33f86da37f6e2fbe433fb83ce17d233f23c268bbe6e6928b0927a6dfe96f1450aec0ee0061c8e360e9e26dae195e08506cdc8231c4a6b11fdd8dc86c5ca57541a830821f32d806fd75448545287f9a13c0350b69d8e22e23767e9a6d21d40a8c0e542a001e8803e88b8c7c692ffee86f84b670bdd2ff2c8ad19d1034a44aa9a3b3eebe3ec036abfebcbba89cadccf9a757d4a13e907650807ab4803b2e385ea0d182df865f961b9644e39ea09802a00ff0fac1e8dc53a65a0ce2da748acfa5c8051aec2b840030d727082c3af208bd86a296a53502edddf64e5fe54ce6455eabe3eb818e0d3994ad4cc4e299005db468197f57672c061050782e00ac2df7a5111fe48db36bd996d916117bf1bc7aec29ec4a7a6aa824d0bec0c6818c8d7ac72a6ebb9589603ccacc2fe1966dc993a911ba2dde36a9c3d7c77a4a2f289bebb735e59dad0a11da161009b287e8e93fb5a042c7e4deb32d6488c3aedba399f97ddd2a86903ba6f1d6816223433cedf21ee0e87c1d650685916adfee932c1d28e862a8d53ab54d3f276a3f72a612a5744d55609a2589637dd494ee62baa9a5011e0d0e17c8ccc054b50323ec02852dbd740dde405dd7efdd9738da0573c4de4b3fce7ca7485fd27893bac5ea20866e3089e376c1ab8044d61714c6327b7758a7db1a1326ac7f9356811feba6a2e2bb11f655c23209ac8936d6200e7408832cafa4ae6648c143a1f0194f26521d2c32a0c06e7a559adfe7b4b1b75b47aae0449c927a2bb95fd8fd093dc44bc0296c3768a9da07a398a1e9b265665fa800baa665f5af454a55ef348c694920e2a7f48455acfee2d961f95a471d4e08ff6e06477799e999b06a634de3eba8c77bebbc21bc38a0a092417621387de0a908022cab0242cda0d67d7f2eeae67b4d4c9dad8b2579553f2b06ff5bff5f05f708de02b81ab5f585e2ba5862697b4ad874a7e2294014df431a81a1afef782b81be5a2459384a836209407b5ff2c622c4576ea2c3c6bbc484ed641b5fff026458d51fc4d117d33cd135ff6bb7efd5d3d06fce2944514e32efb5643cf5e4d7fbd36ce1d01b1ab2c8d7a1b86943a4cc1b03ac15a185ccbe95a828309e97484a263100c7a8fcd868c68867801edf188bd8bf88819ce902233510d1ef62c6dbff8c24300d10b296138cc68832a5da7e5fb22a414101185ace0f2e9cb281f644dce277208fd5ec2a66cce2708ccdd3f021335f83f12a8033a18634131a12881ea1ac6e48087837e8e7a65b351ca2b3ec04acc13f75ccc05413fcfa7f0d264205b160c57c753998435b5ef3ec3518da720f69b87ff1c8416ebbf8bc6ac16d85c7f13ef8b41740dba61e3e65d35527938570da4ec4fa4716771832ff7f6f4601f15da51158848ccaab296499bfa2b25b866942d6fee8c4391e6c33d7f7be63e88b83c4368a18742a635e5c49b8812491abe7fae8d6f10e8e8f2890083579a746dadda7", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000640)={0x60, 0x1, &(0x7f0000869000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0xa1c9, &(0x7f00000005c0)=[{0x4, 0x9, 0x8}, {0x8, 0x7, 0x4}, {0x1, 0x9, 0x8000}], 0x3, 0x80, 0x2, 0x2, 0x0, 0x14})
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x672c0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x541c, &(0x7f0000000040))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bec9ff10cd0631016016af020301090271754b850e1476a909dbd6f67b58d7c061096df5496897fcb3b5032bdfe7e124b5fe8b15887978af416b10a57f417a57719448d3df663b97d5e7c6d2e2c8ef7116132cb2ad38c5837aa4a1b70e150c58e412828aaddcba152da1c0ce4a5a8cdd22b9ff2fecb04a9b56f6834cd6fe987d8c41c0008ef1769cd000094eb8", @ANYRESDEC=r0, @ANYRESOCT=r4], 0x0) (async)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bec9ff10cd0631016016af020301090271754b850e1476a909dbd6f67b58d7c061096df5496897fcb3b5032bdfe7e124b5fe8b15887978af416b10a57f417a57719448d3df663b97d5e7c6d2e2c8ef7116132cb2ad38c5837aa4a1b70e150c58e412828aaddcba152da1c0ce4a5a8cdd22b9ff2fecb04a9b56f6834cd6fe987d8c41c0008ef1769cd000094eb8", @ANYRESDEC=r0, @ANYRESOCT=r4], 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x101800, 0x0) (async)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x101800, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(r6, 0xc0045401, &(0x7f00000000c0)=0x111) (async)
ioctl$SNDCTL_TMR_TIMEBASE(r6, 0xc0045401, &(0x7f00000000c0)=0x111)
syz_usb_connect$cdc_ncm(0x1, 0x7f, &(0x7f0000000180)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6d, 0x2, 0x1, 0x46, 0x140, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "55960d9a08"}, {0x5, 0x24, 0x0, 0x8000}, {0xd, 0x24, 0xf, 0x1, 0xc39, 0x7, 0x5, 0x2}, {0x6, 0x24, 0x1a, 0x69}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x7}, @network_terminal={0x7, 0x24, 0xa, 0x81, 0x0, 0xe, 0xb}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x5, 0x5, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x8, 0x8, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0xd9, 0x7f, 0x81}}}}}}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x300, 0x7, 0x9, 0x9, 0x40}, 0x5, &(0x7f0000000240)={0x5, 0xf, 0x5}, 0x2, [{0x6e, &(0x7f0000000280)=@string={0x6e, 0x3, "f1a2530158a6b35e04ced156b8b27a6343436ce6986e0ec5a98cf431e2d77f1bda31e0a06ffc7d91ca634c8416c2c3786e5d439d53b0f388f7463c4f69211f9332710098b9f7223e15847177d20e9fe22ac4cd7cf1921171a56c95de1d8bf149120979b7afbf3d2a3f3b0d39"}}, {0x85, &(0x7f0000000300)=@string={0x85, 0x3, "9067eece57b39d5fa6818827d2b20eb32d2b9a30f70c129065d8c473c712aa4568cdd8028550e859ccccbf8c72500a0b3253c0a4fc2f08bd225fb6209b210c48913928915d4709b7dca9f3c51b2064bc90c5ed6634c8a107c1a4588bd618d29cae184ad9a9c0167d00e95c27fa4416a8fafced067f87f7c5377b5bb04ade9c136c5a7d"}}]})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4048aecb, &(0x7f0000000500)=ANY=[@ANYBLOB="04aa4f4d7d0000000000000003000000050000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000010000000000000800000000000000000000a0ee98a133b29c05de15443c00000000000000c4bdd021"]) (async)
ioctl$KVM_SET_CPUID2(r7, 0x4048aecb, &(0x7f0000000500)=ANY=[@ANYBLOB="04aa4f4d7d0000000000000003000000050000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000010000000000000800000000000000000000a0ee98a133b29c05de15443c00000000000000c4bdd021"])
symlink(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='./file0\x00')

7m15.092923958s ago: executing program 32 (id=604):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) (async)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x200}, &(0x7f0000000000), &(0x7f0000000040))
mmap(&(0x7f000075b000/0xa000)=nil, 0xa000, 0x0, 0x11, 0xffffffffffffffff, 0x6340d000)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0) (async)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = dup(r1)
syz_fuse_handle_req(r2, &(0x7f00000022c0)="9373c576d47f2830a1e9ea6a4acdda4bd65cfd8106e0de7e7d3e0f845b7d203453cd949910c0286bb9cce7cf157e03197abf3581ef3d9c234e6bae325f4f7dc42d0552a16311fde3262725e6de0f140a69820896cb8174035a7ffc04ddcf75e13c054c1de738ac2b33c684443d0bf1ee784831b99ba614328340c1d76e1d89ccab46a692d59a6cccb5e5404407ab1afa4d62878e44edb6667a3a12cd6c5a09c0806a4ee64218d779f57a73acd5bbe673d628d9be3a66cc5b131991af983960d513ce9b48770d9475e1935ff8592c1e5e10d731dd312054e012a78a62b73ab8306e5867d695cdac63a0847cd2bba4e738100de41d1091da46e59c0f9c3c0186b078f555f0d93c5e76f8d84dcd1963c1a30e37fb6ae62f65cdd1c9f84d25fdefbb4150cb76f6c677ba3d3351f47e43e541a7bc266fa3d8b9f52379e655045ae21b9212ec4667655e1e1c9deca3d35dd88019b194894cd3cc36f58f7e4078bea90e1dfc5d948084d770969acaf47b916da95570237dfcd809d67ce06d6b60285e129c81e167b06b6b6479d3ee736b2315dddac357d91b707b6f0ccf22cd945754d6835608d8855d8221080ef9aae8519dea73df385735dacc679223054df37e1ff7f2d10c253eed0d7992a81188b039489bca80fd287232b59be785fa911a4f6ace2e3c63f27128d5a8838afdbef4b4bb05358e2fa8e5af06cfb739b997822783a1aa689f655585743e4120b00624d25969a167edbaa1ce2873579e166851a30abe789383e041b23ea698dc8491a6f0e7627a4cd7079909189745ecc6a9b77757b5bb59bda2604a2ae28317841158b7830bd4976406b9e524c8fd3a24e6998a1d6bf4df27680975046e20dff9c90d530a7f6a1a7d64745e0355afa61e26719bc5c177e90a333e2544c2a263b083ea6341d8d2d202d1a44d8eb9cf27054dc3e9e842e22c65bbea1954a29632b601dca961bd588cecd35af960dca00512d6795d32daf0c0fd2090e105002d16674258e46c9840248aa8cb521f90b954807fa63905f4e27012d3c3defe6b8128ca013c344ab830b5cba7df288f4fe395586918fe743b6f837571c0bc28fc4a2be58f52699a59ca8327dacc21e08858d3cf484085a76d373db064c735440906b6966f946f021a95a970b4009693504e233e3ccc5e2055bbe1226cd5456db91bc2be824e9faf67c3a077cd333a910f7e93b3c013de67fb0129873e42175c1da04a073e4a5a2d2ca3ef490e976e42d538182d1ec6fc0e4ccf3690742aeb184188009a9d6956dd6d7d9d59ad0cf81b683c88b8b5ddcd7ed4ebbe196a37036bab57bbcad9ab9b6a01f476b6b28eb64f493114722fc085b77fb9b5206c58326af7776bf98e68e707874a143ef9f899b781e19a82c86bb6f60919218b3b1336b69864a7c8eba2bb16dfb739492e443e4d0b3aa4f65f59910acd0e388e5004624a985edc4040bbb6e8e81ba8dbab4c8d23ba1f4f78d80d72608d2bd6a965c7d99b7331695b8082892171ed356522967cd12b8f0047b0beff3d3056f89be2ddd63e16da4be133f0876456e4ea8a081bdb1525f2d55941a9d14059d06205cc53a879d2302e99d8926c480963eee3290c6a8bb3bbb7b258e15519a5bf27d08ac1d515dab2bdaad30fad5f8898a63d2a7d43825e2d4eaa5214c10b99c63b3fb9f736da9e7fc19a116c61d8526b50c4d2505bcc69e57ba26363c8075ee11bdfbf27932570292ade8082ca052299371a94cb5b87199d96916a292da87e7154477c1e3c5c5ae5911e6c2bac8fc8db1cf33088a2f086c06af58bd48afef80c1df4334798e0e43df1a5d308bb4f6359fb0ce94a653feb9d70b3ba9eee90d8a918c86b8c518e51d18791d0bc7a0aa0b2b67f74b8e66a54c8b1e802ba877d03e2ff09280095e75254590284e409b86ee622a07b0a6c2521ac32b5fa3264c3d3da595c4bc444d75f50d864acaa442b0addf73dd1ee3430d1a5ff77da5d3ad980461352ab5f5074916a522647c8e46fae4e2fdbd021542663fef1f9773230021a6abb131270eafd9e20ecd1f8f1c329cf393d0973f4894658323281adf0d45cda7cf38e06eaac796cb4ecb9edbe90f4aa4e2a29762e69695e885649a47c9016d4582aab457fe49c0f193833fbc0069a261ccb02547439a599e29d46fc39a9817b87f4862a34f34d47428b43a1263e8cf36fc2cf83ea97e212f9af206559bf3a09197a68651bb45cb75696fe1ba1a576dbece712c00544d26feb534ffd87b38424c23ef193ab6f7fcefc909c8bbed166343d2c2d4d674ea122f74ab85b15efd7c7a77473a4de540483feec7370b11a4dde7cb504a8d8e8fef7aec8b0721f0ad156e0865d04ab89a8613a0180f9637fabc6b5ac35e927307c0392b102e5460614c6a7ea12b9a75f6b00aedf25e9ff9686e704f4c42eee850ff0737a2d7ac9311df9323f095c1b6d5b7687cb0b141a38ddc0c95f1d9a717560352466459b42d735b4d11eb5eb4c43441b1b332a5952dc19af7b965529880142ca5ec38a47bccca060615b84fa8a4fd8245a7dafb35d12fcedcc4bc7d686005c32c3e5efa66a2d9c6e0e4e81f61610070b3cd72fa22f5ee2d340330e33c1a3cdf94de80028484a24e730346430fd619fb7000ac07aaa167b5f40b66e79359bf63f38f11c7116bcca7252326074e54833de139c1dc116645331c2b45dbd091d3fa2f4b1a6115e41f3f6f7442091f96639d07e40986cec2aab840c60fb16eb16dd701323033a81e0828ec6bed5367f0f83d15c9435e7eefe75fae847651c25cd81173364da574ec26a6040613f8872c6e55fc8d727d7bef53bfbf16f11f7904c3f0076ffa5694ef4b823d31c0b7cebe507ca874aae0e7fb28684e4adefd63f72a6420d14ab5c8955f7846b8fa9c51386a063b62fbb7c0be59bd99d6acf7983d1a80a57dc2a9f87b9ed79e05a52b283ff6d101f7dd2ad375fd8eb9838c5af5f7f6e9062867cac3346333afeec788e185db2e73281e4c12fe37040b23288d96aa2fa82554706fa242b920254c6e0a36d83e338ca7c9342afa3af393421b54b0bc75a2c8e33017781506d6cab2b19797166d49638f3cd48b6d51de0dd090525d6ccd62523cd3d201f704e6ec2fdf3a7866ae5d901afafc10be715c0baf30b3c8520327a1b15f04bd7c6c61c6f5bec44712a518004a6d58b729ba1e6154509187171bd9328784a46e2904b1c824f73bc8038ae7a02f6f909e8fabb6ed0090533ad68e99a7c8930f51494782d6ff6669636aa72552232fdaaf30f3cfc782fbd984b237713dde3a985ad29dfcd18a7c7eae7de482fd662f045d86579b6d9fef5c428e3349177651915846d13aa094e2311f3a49b8ac38cdfcf894cf6aed1531501905a2710aabcc8a08dcf43d29c372c132842c755ff04fa630d21185e4e1b9c66a3cab5a71eb922fd704c11be88b617cc5b12d39704bed631d56324aea0ba5eda1c3f60227e391c1692dabc4d15423903877584d62fe448e7379bd08e24307628427caa1dcb1d20c57ed55a67f21b68f084b8ff461739d706af2af788d1cd19f661b1cc4532abb834cd6691982a36d6037fab413cd4c1e537708d15577d7e665fd25ea9c19d05317ae96b89812da54085423139462fb1711ef48a8f6175d5128c63b8c2a6bafc8a4b6d5d707d5db8b8305e308340eb04ba687ae925d03c299f573726dfbe2f7ccb3f3990894dd2e47ae1aa2faebcdc267399c70bf2f758f92563839ae6a99e6fe9682480d0613d7a19298830bdde406639d48628a9e13c6bb1afe5d04d1f312aa4811cfa9af9b9a1ce206611dbd525f167595c4837aaf74d66774ccaa3351d806a0978089e229a19487638cf2692a363fa4bf9021b6f809d1ba4a682f7d91e35df6d12c99e245404d4e4ab26b574995e60d0682d0f8f88a86674b8dfe58d7a19b058571d97a2b3ea468b5c36470539fff36e09ea466fa2305cadd055d0650a11e105a8befbd7557025eccab738aa714cc63c62fe2b447538e1c5a575ab555b1ffc48e4baa7ffbd611984b7b438c64d8f88fde70e4485c267d129a21cc4abb8354b9df9c606a820b0e62090e5a0e1b52985b43af4ff5957d817274993ca2a450c1b882e403861edbe8f5b0ef6ef08dc9c19dd78617c4990fb12654cff449bc1e9ece6fe65f6c1880456988e2d002381216f7ce696b173f7ae65f6049ba2533a3e06ebc66ff241f91b5e591ce75567c2fd50f4566eb76f76b01bd8d160dfd04f6c03871b3cd5b7a7adb143e66dd7f7de1898ed8e2b28ed40f16b77ae61ced32ebc5cd01d7aec9745a074c2878b76e94b504b86bb7bcc385c12c563cabc58c63e55158649c6385bb1dc33e323542c004a53f918a1784c1f08cc98686874d503c892124412bc651d5fdd29667da5bbc38f3225ac73dc4278ccd6577b3583fa6a7105c3556378a76ebc996a51d4e459986c9e6cbc2a0e1e8326860fb97e39a73de6e6a36e1fc3762cfe975d5a5882d9f9dcb72b0f12bda1ae36004bf314d09daa0566e8863ae8dfd901482c7196cf3f2fa07c5267d0233632eb285b8dbe6deb2fa04d61a90c6fe38358718f1026b2577e79aed8cef6b8674a3a1e7ee2f30291f3d6ac65757426cff5ea90d9a3098f3e203788418ab0c41e1222585d9613348c0821829ab5e82924e18e0e11d2888937f3c49516b8195525e3e4ab18c08d2ac1936ab659c38e599e6752a489fe32f14ffc2938a10e896436b9f9cd80d9651a2d4a3529c00ce23f9da124dcb0448e1ee96f6228637b72214ceec6c551e245633235dc408b7cca0b7ef6631361b3b17c88346a6574cd40aae84a9e18473aa6a54963aa4ea3147a26e673f34b72da71b7e4188aad23056d4b07eb65e05d03cf04d83518d9ff0fcab9bc5f0f4f8402a84c97ea398d64cf957e6ea241d372cf8e5a7bf865eb194c2dd6cb57e3d148ec735e4fa15825019b9d0cc83b5c6f99d9a3f0dd9d8a9436060e2f1a5409c97a8cd9e30b6d90ef89ded6f16f60f1fdf625a34d2aff0a236f3ff0a686a71678f1ebc414580e2a91fe804c999d1c8ff404156d2bdc7232cb81dd280b961efe430534a8e2918390baaaaf3245c915176d7d5a5e12c29f692dbfbd4b5e1cdd66ab1067473c120c63ce174f380a2cde938f545ea65cf1172cbef980f55fb9918f3a88d86dbc4c7e8527c646f89644da0828762c700a43c68a80ebbd9379069a26d2fb6a8fd3a594b6a467448dc746ee408cb3db4e47baacaa9df236c2d36966c98f46dba88bc867683e8573ec0c31893567caba86a2b709effde3c7483ded2a3bac2447b3e7f3e797d1a8445a4b5af1ddf38bc7251b9c3687fc94215f1338c7d2b9caf25c7ce9ba54b5a448c4b0dd505555bd8e5d768d11d37976c4c6b5cb71a91d6e8cf5e37dca7c5c8a3f6326d971cf7206af59b043f85b8b3a0bf02f1df58e1f042ac8c5aa55200a9978968f56d03c7d26f83739d66730f62f1fd6023ab3a6f01087ea9c32f927aab7708169703e36c441249bd345338efd83ff785cecbbeca462dce7dd50b6ad427712d51a439d3da7fb15032e50b634dfeb54a096fd967f9226a91dc0076cff2b8f7422c933ff67a6ab6085bd1edbbe77b049842a696acaf0d142f938b71dd50d1865570ec12f2c1a718c3edbc0a4a7f3bb4f7e6a03959c971b7c360fd6226e63ca247231878c4283e7cbecfd4b9d363be6236b40bf4e3d50cdfc7e0a3326e3ab02026c66ff9ea72fbd99f734b2029354c56e02810feda0da5865dbf461c69f38490c4235570c451bedfce770dce2b696a8b8162e7ebc43175e7a0ea8519c1e5d27d817b96b796527f8a81ba66235ea5611a7a8b0e4609ab609ffdc42a66657b9d5061046622cb09c16b4d4149c3c1c97eaa716071086b727af0538f3e26fc58d7dcf9816797bb0f1bacf08c44f82812f1f9f1e6b3941e142dba3f794b2e170df8f1d9a69ac1403fded85bbdf5f7099bfe8dad23fa79aaa770df29d97c981a9d5c6e854b108fcfa1e4f779feb50e3dbce8e0ec411a05069b4f3de488a5946cc6d3ab4e6c3450cbe13c48c8779d660a25a215e9d78cbae5e3ded769e929102419d7f73eab12fffdbf12c1c4439b7dec4d6e1c4d5d5cdc82ded0a6624bf9b1a4119c7b17b340a45546b94de0893fe50c48200914a305f93b86963a0e4da5873b45eda030471205bafcedf8495aaded998b37f86eb50803d332f1954250560b7eb8e9ed55786013ab65745667669547adfce7d9bbbdbb80c4a1f290b9851df1899a7d74dceef79e0f8bdd709b67cec3efbff986effb50b079bb41c8395b2196f8d1ba7b52f743c75be073b13ddcdfce2d79fff6620d51d52051484d721eed9871b512f6a44437dde5eec9ca9c6e2cb587e2dd43f45406cf5a15cfb3655f0a2fd2652e1632907afddf865c9f60d98408e25b7c2da4ae359c59ee5bde24c8ee6d58c32cf4427d07732540a9e7233bd6d5079f2e7049e541cf9f0ac342654fb568cecdc3b39d39704fae39e7a4842e563430efc69461c7ec9a7dd70e8caeddeb56db48ea772c2d2bca2169f344f9e2f788eaf9a824544c3bf5eac7ccb5d8ec8d1c2849ab5ebedebee276df1c91188d708f40bb1fda0576773a2140ebd215bd830f3b328dac0d113e8fd28371c107b743496ae425fee7c4cacbcf85638e5b107180a9c23d7b0276a2e712f935d382af8e704c59ec24f6614d5d62cc80717568433539caca50fac8201ceef1bc959ebbe2af51e05f8467155c935060ef2d49da95290e5fcfc6d55bebc1ce75c2c04fba572242c45f2ffcf6249901fd408c08bbf79b16db5d55c44f7f75cc38b6a79c2abfe8094750da283cf6a22aa62fd3c09fc3e162540db3cb5a75017183f24d311a4de315b7beb004a73e86eaed77cc2d39b2b30b048b04f09618b87bba1fc6f44c43f58c7d5ed44ea8e801bdf0415d3e12f31ba2c2e0e6cf773c39b4fd8990f9645a79599665f8bc0bbb31c157857edd024f2490ed26278d461acc80da8ecc5b45928f476b3ba24f030a7a0678bd700ead3e8e8f58945635f9da85b8bd7dbcd9090e0b1be1baac301a8a862a049e7823d8aafd29364741ad5674e8b2e712f7e80aaff13211a4861eb658f4bed182761abcbd7c49df653c735ea36c2f3dd17a85089e74e907e6bfc2261c657d104dfc1b71515003fd4fb21740cd808985be7e68e87a251516d1bf5326149fd7047628c679b321ad1c4df51e501adc90e460cc41fd555bd43fa80217c229df17314767ac3b4a204843cdf1408f950e0d378cd8a5b142a51e87322fb326227296c788448fd2b99cb8a961a141562c0d5257e7648904e7fabac1333adc1136db34784feed0aecd29472d49f3222c5b596ba8fc09ad33367004677197ff79e098a38f673daa46ac6dc831d257df7add2be3f9bda752f6262978377cf8a271ffb54d8563469966153654c730697aef0cf15536a5a705a457fba849005cb8249096299ec938a56b19db23cfcda1975d362b7820929a2d6df628606fce4cf13e1a72e182bc3c9b069948371682f926751d3f5eb2f3c09b99e19db9f0224623549e204d1a0723d6bc1db3efef77cc878332f391839a14e4a92915120ca0a51a7ae36b3d7011aa96d72653aba4067d6df393f844ea019711f36d8cf4a763cae77528a70b4dc39594ad4c59806bdcf67f32abfeab5d7f246f4fcab2e4197399de380846a3723bb8045cf65a5eb884fe854112a86f36c571092e91e2d0f5dd5eaa60a33646d37529435fe641848f7c722e18225c52b3465b79ee3c38eb27062100c77c8b2c2556fbca5611d8ec692e4c6fdeabb4b2c7166caae3ef6eccbacffc752620ce58eab582a954c8e8d8de708da2d2e12170b86b147e47fa51465f721cb4a1d73c9425a091476bec8570f4b5f446dbb3d3205f3f8535a901a529e1b2c303b10b4743ed2b279946971ac3f141df9c984d51176001ff3e76ad5fc584759682d077f1c523f9b4d1a22562e487391403cdd702a91eea96b3255c0f6b9253d8a37a69011882d62d087343617a34698b0ba4f5a23cb9cc3c7e0ec26170522b301c83c27303217635ae127177df220e91e9f914993b043e7da559a8ca99f6ba9cc0bf1039e9b69e61bc534eda26aee72dde4f7eb07dc3bc1ada8604f4c8b6bf3fa8408ac923eb07d63e338af4e25cc857772cc4cee31399d000b250cc9a2f93fa5d96b9e03cf2b5f70b780d269c16bde218c08f8c6754f452b5efd4cd505a666007837b84a0e7e6155b2ab5c29328b7518781ddcb3651dd03977d9564bceded5866468101589395d8fb4adf667c6a5b3db210a2607de98430cbf1423f53d45df9f43d3e76ffd098b76a4851d12f93361cf3c90bf01267be2712d7ca85d2b2c42a522e30c895554b859d4c6d8325ee8b7a5db0b9b7b40c4371c6ea00fd61ac7a8cefa9d532cc33ed92e89bb2b240e82eb2c35f8764069d366aeec73783747fd7191cdd6452095cbed554cbbd547e9064189054a76513eb4db06529d033719a69de92f6f689fe316950c826ef856095bd2e62544f2616930f671608e66f0e65e6a69f7f7378412ecb9e3cf71caf752f2e293b704f1926f273cf159d5aee1c69656852cc06c66fec7e37b29c21695cccdc847829efce47f7336003975390f9a949b818f41d09e08d5d9769a94681cdeb3a5d3711fb43d87ef040bcdab99c213c56c063d2df0b4b236c3d9584ea2b0dc45200dce55eaf2f5af5170f5499a82091afeabecb05a015c308f592ff5d3b8a88a71b0615f16117d4ea812eaef19774e8b19f2b58f7fda4ef23ecc85e04d4fea37c17152cfafc92ce331c1995fb8846b68ea1934b415c880052180d043a1c1aad93dae6f3e00d60f3e361faa0cb28f6c2790792f965bfe7fa084623a89b5a67db15758388a92343ca6de75f9a985fd79bd5d9a234d742479cc8ad898770c5910d07c0afa408be7c8fac60f7e5c1a6a63fbbfed85bba28cfb56430126477818d038743a7c17c849a2bf758cdb790ea200bfc74d502e313b94fdd71938e8c45edc1f0c0e4ddc3001d8a6d5e59ba65e0a161d587e3e10228468e660bb8c9f145b2ef2e7f90e36f46503f76121d6a523a8574346994586a0f9705704031b5273cc0d7e3277c9c863c01e2c6906328641a2977e11d61871759f4bdbdd5dbfe157e01d01663bfddb975d7392fefde0a8d68a94cad604453a3eacd3b859d547b671b1b8cc3726a9f3b63b4363764efc79a0cceded7f5f927bc8552bc7980be6833e107723cc6c84cb129cc3b6bdf3034a5fcf6e267f51f58cb6567216d5673124cd947f65e99393998eddf8df7b774b11ae5357826149e0406120b3b54f13cb53a30470a584c538fb0de041d75c959e297f91bf6d21a4aae4b7ab5f37cbf8fad3d018fdd2a5ed9142909a6b8b6e38a89fd8aabc47890305846043ee918aa556669eb0fdf9b110822fa292aca4d8b9913a81dbf2847713ba7a9cf22de6728be3ec3bef75208bc837426b206da7573d7954610d60a900c2b99a676c95f8a2049a9aa31f553c5283f5cdaefc8f4fe6ab0959a36aa58907a369ee8f4994366b574b8259b3d0b5d8a45a302c345b24284f1fe1397bcbb77823d604f4126cd3bca644d03149575f9de0bfa88c46a4d3d983fb00fb8c9b911682fc04a5618e028242d4509949062f97d221a455e339a3d76ec7eaa939fc697e1e47a8610ee319604cbbedd2592d9431d187e016705fe9d4fa207de20f2b011fb45c93fa8c81c539961e54d0fd4217c55a2f3c18f3523eadc4a180d049d65b6dc83a05670967f66307afb4f9e97a38518444906c283db5a1080270d002abbde736cb25bc9ee8efa6fe000953521467bff42b82c43eb2a2724e04f28e3baf3d6edbf7687d001d44c08f263db33d2d6cb74e9ee99b3f136bde3eabf9a5b93daebb9093185217e3ef0b734a1db4d25d8d8316d95d539341f55742fd6f2bb1f7164e1d2bfa299d8b602743a193ae47fafe2e42ec3ac4133fd6d9ef2c8672c9c86935b6513448d7218131996453e0188e02cc145d936118f48d0063ebabdb2e13dc34dd0c5f51289c93791f24389c620633902811fde3a57159685dc55cb9c046acf4c34c50354237f7f5bb7e5f8d5a33f86da37f6e2fbe433fb83ce17d233f23c268bbe6e6928b0927a6dfe96f1450aec0ee0061c8e360e9e26dae195e08506cdc8231c4a6b11fdd8dc86c5ca57541a830821f32d806fd75448545287f9a13c0350b69d8e22e23767e9a6d21d40a8c0e542a001e8803e88b8c7c692ffee86f84b670bdd2ff2c8ad19d1034a44aa9a3b3eebe3ec036abfebcbba89cadccf9a757d4a13e907650807ab4803b2e385ea0d182df865f961b9644e39ea09802a00ff0fac1e8dc53a65a0ce2da748acfa5c8051aec2b840030d727082c3af208bd86a296a53502edddf64e5fe54ce6455eabe3eb818e0d3994ad4cc4e299005db468197f57672c061050782e00ac2df7a5111fe48db36bd996d916117bf1bc7aec29ec4a7a6aa824d0bec0c6818c8d7ac72a6ebb9589603ccacc2fe1966dc993a911ba2dde36a9c3d7c77a4a2f289bebb735e59dad0a11da161009b287e8e93fb5a042c7e4deb32d6488c3aedba399f97ddd2a86903ba6f1d6816223433cedf21ee0e87c1d650685916adfee932c1d28e862a8d53ab54d3f276a3f72a612a5744d55609a2589637dd494ee62baa9a5011e0d0e17c8ccc054b50323ec02852dbd740dde405dd7efdd9738da0573c4de4b3fce7ca7485fd27893bac5ea20866e3089e376c1ab8044d61714c6327b7758a7db1a1326ac7f9356811feba6a2e2bb11f655c23209ac8936d6200e7408832cafa4ae6648c143a1f0194f26521d2c32a0c06e7a559adfe7b4b1b75b47aae0449c927a2bb95fd8fd093dc44bc0296c3768a9da07a398a1e9b265665fa800baa665f5af454a55ef348c694920e2a7f48455acfee2d961f95a471d4e08ff6e06477799e999b06a634de3eba8c77bebbc21bc38a0a092417621387de0a908022cab0242cda0d67d7f2eeae67b4d4c9dad8b2579553f2b06ff5bff5f05f708de02b81ab5f585e2ba5862697b4ad874a7e2294014df431a81a1afef782b81be5a2459384a836209407b5ff2c622c4576ea2c3c6bbc484ed641b5fff026458d51fc4d117d33cd135ff6bb7efd5d3d06fce2944514e32efb5643cf5e4d7fbd36ce1d01b1ab2c8d7a1b86943a4cc1b03ac15a185ccbe95a828309e97484a263100c7a8fcd868c68867801edf188bd8bf88819ce902233510d1ef62c6dbff8c24300d10b296138cc68832a5da7e5fb22a414101185ace0f2e9cb281f644dce277208fd5ec2a66cce2708ccdd3f021335f83f12a8033a18634131a12881ea1ac6e48087837e8e7a65b351ca2b3ec04acc13f75ccc05413fcfa7f0d264205b160c57c753998435b5ef3ec3518da720f69b87ff1c8416ebbf8bc6ac16d85c7f13ef8b41740dba61e3e65d35527938570da4ec4fa4716771832ff7f6f4601f15da51158848ccaab296499bfa2b25b866942d6fee8c4391e6c33d7f7be63e88b83c4368a18742a635e5c49b8812491abe7fae8d6f10e8e8f2890083579a746dadda7", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000640)={0x60, 0x1, &(0x7f0000869000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0xa1c9, &(0x7f00000005c0)=[{0x4, 0x9, 0x8}, {0x8, 0x7, 0x4}, {0x1, 0x9, 0x8000}], 0x3, 0x80, 0x2, 0x2, 0x0, 0x14})
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x672c0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x541c, &(0x7f0000000040))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bec9ff10cd0631016016af020301090271754b850e1476a909dbd6f67b58d7c061096df5496897fcb3b5032bdfe7e124b5fe8b15887978af416b10a57f417a57719448d3df663b97d5e7c6d2e2c8ef7116132cb2ad38c5837aa4a1b70e150c58e412828aaddcba152da1c0ce4a5a8cdd22b9ff2fecb04a9b56f6834cd6fe987d8c41c0008ef1769cd000094eb8", @ANYRESDEC=r0, @ANYRESOCT=r4], 0x0) (async)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bec9ff10cd0631016016af020301090271754b850e1476a909dbd6f67b58d7c061096df5496897fcb3b5032bdfe7e124b5fe8b15887978af416b10a57f417a57719448d3df663b97d5e7c6d2e2c8ef7116132cb2ad38c5837aa4a1b70e150c58e412828aaddcba152da1c0ce4a5a8cdd22b9ff2fecb04a9b56f6834cd6fe987d8c41c0008ef1769cd000094eb8", @ANYRESDEC=r0, @ANYRESOCT=r4], 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x101800, 0x0) (async)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x101800, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(r6, 0xc0045401, &(0x7f00000000c0)=0x111) (async)
ioctl$SNDCTL_TMR_TIMEBASE(r6, 0xc0045401, &(0x7f00000000c0)=0x111)
syz_usb_connect$cdc_ncm(0x1, 0x7f, &(0x7f0000000180)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6d, 0x2, 0x1, 0x46, 0x140, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "55960d9a08"}, {0x5, 0x24, 0x0, 0x8000}, {0xd, 0x24, 0xf, 0x1, 0xc39, 0x7, 0x5, 0x2}, {0x6, 0x24, 0x1a, 0x69}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x7}, @network_terminal={0x7, 0x24, 0xa, 0x81, 0x0, 0xe, 0xb}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x5, 0x5, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x8, 0x8, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0xd9, 0x7f, 0x81}}}}}}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x300, 0x7, 0x9, 0x9, 0x40}, 0x5, &(0x7f0000000240)={0x5, 0xf, 0x5}, 0x2, [{0x6e, &(0x7f0000000280)=@string={0x6e, 0x3, "f1a2530158a6b35e04ced156b8b27a6343436ce6986e0ec5a98cf431e2d77f1bda31e0a06ffc7d91ca634c8416c2c3786e5d439d53b0f388f7463c4f69211f9332710098b9f7223e15847177d20e9fe22ac4cd7cf1921171a56c95de1d8bf149120979b7afbf3d2a3f3b0d39"}}, {0x85, &(0x7f0000000300)=@string={0x85, 0x3, "9067eece57b39d5fa6818827d2b20eb32d2b9a30f70c129065d8c473c712aa4568cdd8028550e859ccccbf8c72500a0b3253c0a4fc2f08bd225fb6209b210c48913928915d4709b7dca9f3c51b2064bc90c5ed6634c8a107c1a4588bd618d29cae184ad9a9c0167d00e95c27fa4416a8fafced067f87f7c5377b5bb04ade9c136c5a7d"}}]})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4048aecb, &(0x7f0000000500)=ANY=[@ANYBLOB="04aa4f4d7d0000000000000003000000050000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000010000000000000800000000000000000000a0ee98a133b29c05de15443c00000000000000c4bdd021"]) (async)
ioctl$KVM_SET_CPUID2(r7, 0x4048aecb, &(0x7f0000000500)=ANY=[@ANYBLOB="04aa4f4d7d0000000000000003000000050000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000010000000000000800000000000000000000a0ee98a133b29c05de15443c00000000000000c4bdd021"])
symlink(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='./file0\x00')

13.48155886s ago: executing program 5 (id=2033):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r1 = creat(&(0x7f0000000380)='./file0\x00', 0x80)
write$binfmt_elf64(r1, &(0x7f00000006c0)=ANY=[], 0x78)
ioctl$sock_ax25_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4, [@null, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000100)='io_uring_poll_arm\x00', r0}, 0x18)
migrate_pages(0x0, 0x6, 0x0, &(0x7f0000001340)=0x1)

13.292361544s ago: executing program 5 (id=2034):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
lsm_set_self_attr(0x69, 0x0, 0x106, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000180)="900000001d001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0), r2)
r4 = getuid()
fchown(r1, r4, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(r2, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000940)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x29}]}, 0x1c}}, 0x0)
chdir(&(0x7f0000000140)='./file1\x00')
shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
sendmsg$nl_xfrm(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0x50, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0x50}}, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

11.640152105s ago: executing program 0 (id=2039):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x420, 0x3f4, 0x2, 0x70bd27, 0x25dfdbfd, {0x10, 0x0, 0x4, [0xfffffffa, 0x0, 0x1, 0x8001, 0x12d, 0x6, 0x7f, 0x9, 0xb9, 0xe38c, 0xc3, 0x0, 0x8, 0x2, 0x8, 0x6, 0x9, 0x6, 0xfffff151, 0x6, 0x4, 0x1, 0x4, 0x7f, 0x8, 0x5, 0x0, 0x2, 0x8, 0x6, 0x5, 0x4, 0x5, 0x8, 0x6, 0x2, 0x8, 0x1, 0xf, 0x7, 0x6, 0xfffff801, 0x0, 0x5, 0x3ff, 0xb05, 0xffff9231, 0x7, 0xfffffffd, 0x7ff, 0x7, 0x1, 0x6, 0x0, 0x7, 0xb3, 0x5, 0xff, 0x8000, 0x100, 0xaea, 0x7fff, 0x6, 0xd0], [0x6, 0x7346, 0xfe, 0x1, 0x73c, 0x9, 0x462, 0xfffff2f5, 0x2, 0xd, 0x6, 0x1000, 0x2, 0x779, 0x2aa, 0xc, 0x1, 0x6, 0x551, 0x7f4, 0x7ff, 0x1, 0x86c, 0xeb0c, 0xff, 0x3, 0xfffffffd, 0x9, 0x4, 0x13, 0x10040, 0x7fff, 0x100, 0xffffff80, 0x3, 0x1178, 0xfffffff9, 0x5, 0x80000001, 0x3, 0x9, 0x4, 0x7, 0x2, 0x7, 0x2, 0x99, 0x2, 0x1, 0xadfb, 0x9, 0x6, 0x615, 0x3, 0x2, 0xc, 0xc, 0xe, 0x2, 0xb, 0x8, 0x4, 0x4, 0x2], [0x8000, 0x6f7, 0x6, 0x7, 0x80000001, 0x8, 0x10000, 0xc0f, 0x8, 0xfffffffa, 0x8, 0x8, 0xaf6, 0x8, 0x4, 0x7ff, 0xffff0000, 0x1000, 0x1, 0x6, 0x400, 0x8001, 0x5, 0x8, 0x8, 0x787, 0x7, 0x8001, 0x3, 0x5, 0x3, 0x3, 0x0, 0x9, 0x6, 0x7fffffff, 0x7f, 0x9, 0x8, 0x3, 0x10000, 0x9, 0x5, 0xfffffffb, 0x15, 0x5, 0x0, 0x9f1, 0xd, 0x200, 0x3, 0xd9c1, 0x5, 0xfffffff8, 0x8, 0xd, 0x4, 0x3ff, 0x1ff, 0x1, 0x3, 0x8000, 0xfffff575, 0xffff], [0x0, 0x87, 0x4, 0x5, 0x1, 0xdff, 0x5b, 0x5, 0x8, 0x80, 0x0, 0x5, 0x26, 0x8, 0x3, 0xc, 0x800007, 0x7, 0xad2, 0x58, 0x3, 0xf, 0x1, 0x3, 0x4, 0x8, 0x2, 0x7, 0x0, 0x400, 0x2, 0x85b, 0xfffffffe, 0x5, 0x2, 0xfffffffb, 0x5, 0x0, 0x5, 0x2, 0x9, 0x1955d002, 0x3800000, 0x3, 0x87, 0x9, 0xd6, 0x8, 0x8, 0x8, 0x3, 0x6, 0x6, 0x1, 0x9, 0x6ca9, 0x200, 0xa, 0x7, 0x1, 0xc82a, 0x5, 0x1, 0x635]}}, 0x420}}, 0x10)
syz_usb_connect(0x0, 0x5a, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000ec13b2106d04f308280b0102030109024800010000000009046900000e010000084101"], 0x0)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0xfdfd)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_pressure(r1, &(0x7f0000000280)='cpu.pressure\x00', 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@cgroup=r1, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

11.316791311s ago: executing program 5 (id=2041):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8) (async)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000094ae94405f0520c4336a000000010902120001000000000904"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$printer(r1, 0x0, 0x0) (rerun: 64)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/176, 0xb0}, 0x4}], 0x1, 0x2b, 0x0) (async)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4) (async, rerun: 64)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x1, 0x4) (async, rerun: 64)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) (async)
syz_usb_connect(0x0, 0x36, &(0x7f00000006c0)=ANY=[@ANYBLOB="12010000220edf104c05c10687c20102030109022400010000000009040000024f6996000905c6d6000000000009050202e1"], 0x0)

10.080086405s ago: executing program 4 (id=2045):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0xffffffff}]}}}]}, 0x44}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r5, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x40}, 0x0)
accept4(r5, 0x0, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="0000aaba09000000fc6000"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000800012800b0001006261746164760000700002800c0001004241544d414e5f560d0001004241544d414e5f49560000000d0001004241544d414e5f49560000000c0001004241544d414e5f560c0001004241544d414e5f560d0001004241544d414e5f49560000000c0001004241544d414e5f560c0001004241544d414e5f560a000200aaaaaaaaaaaa0000"], 0xac}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x18, 0x5543, 0x42, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3, 0x1c0, 0x9, [{{0x9, 0x4, 0x0, 0x86, 0x2, 0x3, 0x1, 0x2, 0x10, {0x9, 0x21, 0x5, 0x1, 0x1, {0x22, 0x189}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x40}}}}}]}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x310, 0x1, 0x9, 0x1, 0x8, 0x3}, 0xb7, &(0x7f0000000440)={0x5, 0xf, 0xb7, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x6, 0x9, 0x6, 0x9}, @ext_cap={0x7, 0x10, 0x2, 0x14, 0x3, 0x3, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x5, 0xe, 0x2}, @ext_cap={0x7, 0x10, 0x2, 0xa, 0xa, 0x2, 0xe}, @ptm_cap={0x3}, @generic={0x93, 0x10, 0xb, "e85f011c2633da2905075d19edeeb5b81401845a782c2d3c8f7787245a0d6234a0394007e0c1826de3753b0fe76957b3ec669f829ca710fd14f86232ba2c375bd517e36ce438f16b1def05becdcaff8ea9f27e78f7c17aa5eaa799219c97c03aa33b0996a76a9e6032ff971a3f41f6d4ea8a449d976ba0b8f3f2e0d306a0daa22ef82cc9ef03290c44211060eb2ff544"}]}, 0x2, [{0xc8, &(0x7f0000000500)=@string={0xc8, 0x3, "1a7d5ee29bd0cfa8baa1575bcada6b917346b771f8b0046383ae7ac5fa0ca2d3f115cd5b00eee47f2ef30227ab27a32ff0182fbf04b6c1e85d35dfd32fb967f6c57f88a6a3a04fa3ac2ffcefc5e8e5ccd5a2f92c1abec85b348bf40276989f8ea5487309fd42d64803ff29f7634d4941b2dcae4d554e38f93d195e0ef1369375d21095cd0ea439c7713f18e5fcfb00504a8896d3434b7780c7ec1023fc18ad301c678cc1a321d81c67c7f9af543afbb3bae0b5622a598e3614f6fc19bea7de607075021ac55e"}}, {0x9f, &(0x7f0000000600)=@string={0x9f, 0x3, "c2e174d1cbcb462c593978455c60dfa5e95e61ab697ca2907529b37d15cd7bc026e656d8260fd4d6de56218c9ea27753a24a54d4a9012c58084b8f4e9e6f87e29b017a78f5a7d7ccd7e4aa0b5379c01ac54e5f9da0257321685a1d243e83ef65d9b20e529c35d3d15d3009e7c42d0532aac0740dba2b9ab927686fb6ca46c64970689b1b8bc913b74d4cf30c05ab4a35d546133a759900da5e85581ef4"}}]})
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r3}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x4c}}, 0x8000)

9.79232141s ago: executing program 0 (id=2048):
r0 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001100)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='setgroups\x00')
writev(r3, &(0x7f0000003740)=[{&(0x7f0000001440)='deny', 0x4}], 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
ppoll(&(0x7f0000000040)=[{r2, 0x100}, {r0, 0xe}, {r0, 0xc8}, {r3, 0x1094}, {r0, 0x9084}, {r1, 0x1000}, {r4, 0x40}, {r1, 0x8040}, {r1, 0x1}], 0x9, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100)={[0x8109]}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4)

8.213551483s ago: executing program 0 (id=2049):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4044841)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
read$smackfs_cipsonum(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffffff, 0x0, 0x640e40, 0x107)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x20, r4, 0x1, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}]}, 0x20}}, 0x4044)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x6b76f27452643c0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
futex(0x0, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000001740)=[<r7=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f0000000540)={r7, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000001040)=[0x0, 0x0, 0x0, 0x0, 0x0]})
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

8.208740228s ago: executing program 5 (id=2050):
socket$inet_dccp(0x2, 0x6, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fc0f00000a"], 0x48)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5, 0x4000000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)

6.885291744s ago: executing program 1 (id=2053):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$setperm(0x5, 0x0, 0x52b242d)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, &(0x7f0000000200)='.\x00', 0x8000, &(0x7f0000001dc0)={0x2}, 0x20)

6.736330213s ago: executing program 0 (id=2054):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000001c0)=[{{&(0x7f0000000440)=@sco={0x1f, @fixed}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000500)=""/108, 0x6c}, {&(0x7f0000000580)=""/140, 0x8c}, {&(0x7f0000000640)=""/111, 0x6f}, {&(0x7f00000000c0)=""/62, 0x3e}, {&(0x7f00000006c0)=""/146, 0x92}], 0x5, &(0x7f0000000800)=""/162, 0xa2}, 0x6}], 0x1, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000004c0)='wbt_stat\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_SCAN_REQ(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)={0x24, 0x0, 0x1, 0x70bd2b, 0x25dfdbf8, {}, [@IEEE802154_ATTR_DURATION={0x5, 0x15, 0xc}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0xf}]}, 0x24}}, 0x4010)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000000200)={0x0, 0x80000000, 0x2, {0x6, @pix_mp={0x1, 0x7, 0x31384142, 0x8, 0x6, [{0x6, 0x5}, {0xd, 0x1}, {0x1, 0x7}, {0xffffffff, 0x1}, {0x888, 0x4}, {0xb2, 0x8}, {0x4000, 0x2}, {0xac46, 0xec8}], 0x5, 0x3, 0x3, 0x2, 0x6}}, 0x65c})
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x20000000)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$PPPIOCGIDLE(r5, 0x8010743f, &(0x7f0000000000))

6.662476546s ago: executing program 5 (id=2055):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x14, r1, 0x20, 0x70bd24, 0x25dfdbfc, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0xec2884ff7160a5ce)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0)
ioperm(0x0, 0x82, 0x1f)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$kcm(0x2, 0x0, 0x106)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x22803)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = syz_open_procfs(0x0, &(0x7f0000004440)='net/ptype\x00')
read$FUSE(r7, &(0x7f0000002040)={0x2020}, 0x2020)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@verity_on}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r3, 0x6, 0x19, &(0x7f0000000ec0)=r2, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)

6.604189276s ago: executing program 4 (id=2057):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
copy_file_range(r2, &(0x7f0000000280)=0x8, r2, &(0x7f0000000300)=0xfffffffffffffff9, 0x7, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VIDIOC_CROPCAP(r3, 0xc02c563a, &(0x7f0000000000)={0x3, {}, {0xfffffffd, 0x4}})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r0, 0x4, 0x4002)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = syz_open_dev$usbfs(0x0, 0x74, 0x101301)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x6)
r7 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0xe, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd], 0x2, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc, 0x0, 0xffff], [0x0, 0x4]}}}}]}, 0x88}}, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r4}, &(0x7f0000000800), &(0x7f0000000840)=r10}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r11}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

6.429172507s ago: executing program 2 (id=2058):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000630100000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000002c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b0, 0x1f8, 0xc8, 0x8, 0x0, 0x5803, 0x2e0, 0x2e8, 0x2e8, 0x2e0, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x190, 0x1f8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x3}}, @common=@mh={{0x28}, {"df07"}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x3, 0x4, 0x2, 'snmp_trap\x00', 'syz1\x00', {0x450d74d1}}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0xb, 0x800, 0x2, 0x6, 0x9, 0xcb, 0xb1, 0xff]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x410)
keyctl$restrict_keyring(0x3, 0xfffffffffffffffb, 0x0, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x2)
request_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000040)='\x00\xb2\xd1)\xda\xff|\xd1\x85b\xad77\x00\fJ\xfc\xb4\x1e\xae\xe8:`\xe9\x9ew\xf5l\xee\x8dg\xc2\'\x88\xe9\xf3\x05\xe02\xe6\v_\xe9\x89\x86s\x8dh#$\xe4\xb1\xd0\x93\xceh\xfcsP)\xd9\xce\x19+?\xc6\xf7\xc0[G\x15\xde-x\xa9\xe5,\xec\xf6\xfb\xc9~2\xa1\xeb\xb3Pp\x93\x90\x17\xb2\x95\xe7\r\xae^\x92n\xbd\xf3\xb1\xac\xe3sf\xc9X\x05j:\xb6~\xa6#\xbf\x06t\xf2\xb5gd\xd7\xcc\"A_\xecu\xe8<dR}\x8e\b\x16\x8c\xa6\x01\x11\x97S\x99k\x1e\x03\x8e\xea\v}+\".\xda,\xfe\xb7\xbf\x01T\x99\xbdF\xd4\x925[\xd1\xeb\xdf\x98\xfa\xb0\x93\xc3>\x84\xe3\x92J\xaa!\xae\xa2\xd7\xf3\xc6J\xb9i\x9d\xb4{\xee\xf0|\xd9\x05\xaa\xbb\xfe\x12\xa0\xbb\xecY\x0f \xa3\xba?#\x90\x8c,nNQ<pCoa\xf2\xd1\x96\x8f\xf3>\xa1\xed', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'vlan0\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4b, 0x50, 0xf7, 0x1, 0x80, 0xfe, 0xc2, 0xc, 0x66, 0x4, [0x40, 0x9, 0xf, 0x10001, 0x6, 0x8, 0xfffffeff, 0x2174]}})

5.520156855s ago: executing program 1 (id=2059):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
unshare(0x28020480)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
exit(0x0)
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x57)
shutdown(r3, 0x0)
accept4$netrom(r3, 0x0, 0x0, 0x80000)
connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x2711, @hyper}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
unshare(0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, 0x0, 0x0)
unshare(0x2000680)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0), 0x4)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
unshare(0x400)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='hpfs\x00', 0x1c443, 0x0)
fcntl$setsig(r5, 0x3, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x3004000, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES64=r1, @ANYRESDEC=r0, @ANYRES8=r1, @ANYRES32=r6, @ANYRES32=0x0, @ANYRES64=r0, @ANYRESHEX=r1])

4.885296893s ago: executing program 0 (id=2060):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000100)='9p\x00', 0xc73cf9fa8ce85c99)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(,:', 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x0, 0x5bfe}})
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000840)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000000c0)=',', 0x1)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x1ffffe, 0x0, 0x7})
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x16, 0x12, &(0x7f0000000580)=ANY=[@ANYBLOB="080800f68000"/16, @ANYRES32, @ANYRES64=r2, @ANYRES32=r2, @ANYRES8=r3], &(0x7f0000000500)='GPL\x00', 0x32f, 0xec, &(0x7f0000000340)=""/236, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r4, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x8, 0x0, 0xfffffffffffffffc}}, 0x10)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r5, 0x0, <r6=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(0xffffffffffffffff, 0x3ba0, &(0x7f0000000300)={0x48, 0x8, r6, 0x0, 0x2fff, 0x2, &(0x7f0000000140)="c636"})
prctl$PR_GET_TSC(0x43, &(0x7f00000000c0))
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x12141)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0xfeffff, 0x113, 0x0, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x0, 0x43, &(0x7f0000000000), &(0x7f0000000000), 0x7}, 0x50)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='cpuset.effective_mems\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000869000/0x1000)=nil)

4.867014863s ago: executing program 4 (id=2061):
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet(0x2, 0x1, 0x0)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

4.80036417s ago: executing program 2 (id=2062):
socket$can_raw(0x1d, 0x3, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000280), 0x127440, 0x0)
mkdir(0x0, 0x0)
prlimit64(0x0, 0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
pipe(0x0)
vmsplice(r0, 0x0, 0x0, 0x6)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pidfd_send_signal(r2, 0x12, 0x0, 0x4)

3.982230618s ago: executing program 2 (id=2063):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
eventfd(0xc0b)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0xde, 0xa, 0xa, 0x0, 0x0, 0x61, 0x10, 0x28}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
listxattr(&(0x7f0000001e80)='./file0\x00', 0x0, 0x2)

2.881803833s ago: executing program 2 (id=2064):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)={0x19c, r1, 0x5, 0xe703, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x39, 0xe, {{{}, {}, @device_b, @broadcast, @from_mac=@device_b}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7, {0x0, 0x1, 0x0, 0x1, 0x0, 0x8b, 0x8}}, @void}}, @NL80211_ATTR_PROBE_RESP={0xc2, 0x91, "63b5faa04e297b6a75223c7b7f521dcf4a7e54742e9a9bae0f7e436472f136307011787f170dbe3b44736a6509b1a2e4e2519ad366509867670ce206937b0361691f88c48f63d09ba79dac99630f4df7a2a8d8174e3ba402c84ecf5f4cf33f486b7d161bc69a8874a0817a72f2b2c73951d896f5bc73bc2b505ac15cd68559832a7125b33a33f04b6f7985545d2de9b80a145e8221d050d3e1c66acceb968ec1e16769c7c23530fddf69bd97eeb7099921aa7afcdb03654a11e43b378645"}, @NL80211_ATTR_IE_ASSOC_RESP={0x47, 0x80, [@prep={0x83, 0x25, {{0x0, 0x1}, 0x5, 0x5, @broadcast, 0x3, @value, 0x80000001, 0x10, @broadcast, 0x8}}, @ht={0x2d, 0x1a, {0x2000, 0x1, 0x4, 0x0, {0x0, 0x19a, 0x0, 0x9, 0x0, 0x1, 0x1, 0x3, 0x1}, 0x1, 0x3f6003d9, 0x9}}]}, @NL80211_ATTR_BEACON_TAIL={0x1f, 0xf, [@rann={0x7e, 0x15, {{0x1, 0x8}, 0xf3, 0xff, @device_a, 0x8, 0x61, 0x41c5}}, @supported_rates={0x1, 0x2, [{0x9}, {0x1b, 0x1}]}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x19c}}, 0x0)

2.744185161s ago: executing program 1 (id=2065):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x400000000000004)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x100000, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x20, 0x1, 0x1, 0x0, {0xa, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x30}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)=ANY=[], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3, 0x2, {0xa, 0x4e23, 0x1, @remote, 0xfffff801}}}, 0x32)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newsa={0x170, 0x10, 0x633, 0x0, 0x0, {{@in6=@private0, @in=@broadcast, 0x0, 0x4000, 0x0, 0x8001, 0x0, 0x20}, {@in=@dev, 0x0, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0xb}, {0x323}, {}, {}, 0x70bd29, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x20, {0x0, 0x4e22, 0x0, @in=@remote}}, @encap={0x1c, 0x4, {0x2, 0x4e21}}]}, 0x170}}, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000040), 0x4)

2.697588332s ago: executing program 4 (id=2066):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1})
socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e22, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000980)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000300000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x210)
setsockopt$inet_group_source_req(r3, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @private=0x4000000}}}, 0x108)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0)
capset(0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x3, 0x0, 0x0, 0x0, 0x4}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x0, 0x9, 0x0, 0x0, 0xf})

2.605675768s ago: executing program 0 (id=2067):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
unshare(0x400)
fcntl$dupfd(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
r2 = syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000480), &(0x7f0000000040)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
io_uring_enter(r2, 0x48e9, 0x0, 0x0, 0x0, 0x0)
epoll_create1(0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040))

2.552320921s ago: executing program 2 (id=2068):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
lsm_set_self_attr(0x69, 0x0, 0x106, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000180)="900000001d001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = getuid()
fchown(r1, r2, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
socket$nl_xfrm(0x10, 0x3, 0x6)
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'erspan0\x00', &(0x7f0000000280)={'syztnl0\x00', 0x0, 0x700, 0x8000, 0x0, 0x0, {{0xe, 0x4, 0x1, 0x1c, 0x38, 0x68, 0x0, 0x9, 0x4, 0x0, @local, @broadcast, {[@rr={0x7, 0xf, 0x62, [@rand_addr=0x89, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @ra={0x94, 0x4}, @rr={0x7, 0xf, 0xa4, [@dev={0xac, 0x14, 0x14, 0x2e}, @empty, @empty]}]}}}}})

2.496528418s ago: executing program 5 (id=2069):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1600000000000000040000000500000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000053bf23800bb3053200000000000000000000000059b878b996c4894ea2fb1a55382e4747a4b73203d2c70b385aba1024b97b0f5639b98622bb22d9e2b0b6d4"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_SET(r3, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001c00000018000180140002007665746831"], 0x2c}}, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = getpgid(0x0)
sched_setscheduler(r4, 0x1, &(0x7f0000000080)=0x93)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = dup3(r7, r7, 0x0)
socket(0x1d, 0x2, 0x6)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r8, 0x40045532, &(0x7f00000000c0)=0x5)
r9 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r8, 0xc0884113, &(0x7f0000000240)={0x1, 0x1400000, 0x0, 0x10001, 0x0, 0xfffffffffffffffe, 0x480, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3})
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)
r10 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r10, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f"})

1.889399949s ago: executing program 2 (id=2070):
r0 = socket(0x10, 0x803, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYRES8, @ANYRES16=r0, @ANYBLOB="161b8de261cc4c3ba91564c3b5f4e6d370591a0891be51fa08dcb5727c40ec3b3ad1de42d8166ba667c786d7449c5c04d81f376f0fcf5d45a4850ea7b7a5090f2c300c48cc1cd36e06fe694b63adf0b5f3e40e2c8c463c5f8fc739bd7a69ab770d0787acc6e402719ceb60991ad0b8725fb62f852779942e9734392415b0dbf88d12de40c68a6ae40c337cedf0700e71bde7fa5767b2455211c8ec190ffed2cca6afcf4eef29a25e25546b2ff0b87539eb3e1c56467ab1418b68ed15767cb00e81e7bdaaea0b47a0516ccac210f452e690e9a5bdc4a7807a8a9a7fc1761472a50c0a951227784f75c47fe8e9f7496951a9329126aa88cc1ce0c9df03ac632af495c40f4e0e76f11b39ae8152fbf51e153f56e39c2851e3db5f18eb4502a28dda610ff6a93fe5b349cc651ffe3121689b77f4ce1b2ca1faac193a8e2d8d224292bc40a7c08a4151ea224ef2c06529c1779905f3d4e64a93f6babcfec369eb487d8d51a0e199b0b656d64e76b7264c8c11cb8fdbb47fdb5bad0135241c1ffa13e14b3ea6a7df3f7563534d67f42d3499f7f6aff62091eeb78ac2a0ebba6a1e75fefce674b7b7098a02f2e873f616a5cebb6fc3f2f2d816c1130572b132fd077193842f0031286c5b49a5c6713b9a975ecb28eeea0851bce27dcdc0d4e245945448436b0890e0f0d52cc957a058140fb77f2a7ac1f1805ed0a8e582370dc6e6327ca4384d7930a98b27ec801e13c5d3cef8dd3f74be9912c89964e6254497718f38efd7897179b323f5bc8ea9cece4cf14556bcf74fb734837445c0feb2da0a18261e7168714d8d5eb008d76c5602a3d3d67fdd6112505a4c5f94ba5f41ac3209d89326e854a032863d0c1f7fb3b850beb9d7a85a329feaaabe338bc1f3f71387c7e3aad2b3caea81c275880d68b87bfeeb0183adb6763c851ae962f51e993643c62703f7c23c655cbe882cec4e675ad469e30b1201fdf3681aca2ca6ed60c21ddbc2f670b8d7db875dff650ccb03b579d04ab4b428aabd9bf27ddeea87eb768fecde062eb093bca0eeb149adc4535305122f3dc270432543e7f5b671b057e6dc5e2efac8b01b22bcf5fc50b128c63b1f1ebbc18f93f4e2ea1790da95958f76e150df9be95fc9e1b31a052ea93539ea57202195944e18f92dae8f3b501fe241f1fd4feccf1ec807a947f42eaaf5fb445bc159b09713fa19aa3e79e8da18ba2d97689a8e2b6f894276860d160c5a37cb48482e77c211a6840de555f8648256452a1fc8ce519a1853347724528af2145faffebcb2c5fe55c4969bfd03b69b8afb0dbb2ba84437f7c826a769db225a485baeddcb1ad7de0cd05c167a87ef553ab0d762ba83ecabb1b34a3f6940e3cc3aedd4e96a9eaaf0943289899323812bc61697c50ff15b93672020ef40e5d317bb856d869bd526c09f4b46638f9c0418e3c85201f8a4f57979cd2835cf68ad885625a14b2221eca1c6dc36c268ae83ae2f37cfa34dbbf2b8004f2b8fdd0215302cee420a3ec9a43b1bab5f80dada10eeca8e329b8b2a26753eee26f7063094642f9ac01c7710de4f7c99af8ec92c3b71db2ec000faa629c8bc854196be98fba0ec882575a80f4cc58252dcda6d335aa4cbc603371fb8e83cc5c979c974fec633cf478a81dcbf1d08ce9bc87a37220565fc2c86cd702423128cb3759f726a5ab83e5ed18c988dbb95924327bb62c81dcf8c52334204b46f7710920e6935fa3ba8a5f869ae0a15b68c965c727dcb2a33dae0c2b4b7933d5274db16f5fe11a08c3aa7c4019849bca7d2cfed3b0a5236046c4eff4c958993976325fb09cf8f7beb6c72b832350c0ba5f26de2e7f36275560d4a7300644192d9c47d4e3a3627747a8664a908195801e49d759c42a96ec88901a6bbda20106c7a37f7bc9a10ca889e6442cfa162d84d9a699b81d61bae77e0eb4a0bf9ef1640c1f972398eacdf7b5401adfa4d7cc1893a1eaba69cd170542d8b16ced80510926f16a7356ce1091668948e23e625cdb4060136f3780905c41ea974c144da6dacdde60f77e2bca8e21800a958eee07d08371d2b36f2ef884d8315e6d5c76c1bc3fc45d809ca34d16e22549ad49b62b9c7c515fc1e7863619a7c91edd018327d5cafcee0cbd397d0551c483a8fc17169583ba73972b1f302c83b1735b47f2d418df49e9af694a4e574904cc7fcdd17af6071a434811283577fd1251c4a1bedb9f9b657a6b8215033454290fa1f5d6b02ec826ef606d8cd5aa9a0409cfc6f170ab3954cbe968b838e41e04587144276f5372c19823e1f29adcea0822d95d19a07cdc71436c4b7a6845bff3710ec571b1003e188d6a8fbf65a622a84387c9e9a38b4423a6ed6367ad48684597a58d817cfb5cd8ac206b547bb1a053323c1be724ff32a45f05cea7e3a99284e4435ddbceb4bfb5a7fbf06ace9e354f42f6a58e886a7d1f4a36ccdb18784ed6f9e0c4b6f7b68897e98b4e337672c13ed1a9e0cbb1ba2038adf76e8ec6228ce4bd97851f5f19a647d69a8450bb9d5bb1875c15d31958d6ac85bae11235d5d807976074117bafd2387e2c1b1f66c03441d9ffb3fe1cb1fd8823742eb487d9227771e86f925026f864db41936ec7a67202352afd7f0a854605d84ec05ea6ee7e347049e95b8d3b2866439f9a0ddb993ad2e44d3aacc0a8d9b52158c0eafa5993a133b5fcadea5adc035f61eb7191cda684aab105099adeac75ed710df226bd4e88f2e4196f69c1c52b7d7b080a4435e872b155579e98449edc5465c177fd05a7e4803c42497c0ea5cc6c6c77899f51b84735a3d24f4fcac456d930e6be5273de501ef7ce61a72c1c67c9a403e3d05b50f043d77115b01ea7e30b40596ed4dd0c0a11101c3da6f21a43a7e5780eeb181d1420d1e53bfa1cf8174f54c65eeedd2d6657063a1da3acdaa96ff4e9e9971e072674f3d735ddbb743fb90acf682658e57dff23a5ef8a99134d5a1b0a64de2fa24154737b87682b13e661887b0064296af5bb214204049e4fc9acf35e008b2a9fe19fb84ccd745c850205bcd9e865249e0752b21eb5a2c7c32cfd42710652e76bf565d564c83d85c0567ee176eeb5f5f6b6369087c53852f58be65afde39cc0b14858b9d58a1aa3168104d62340fe523a30e4058cb6e20b06370046686c54d71ddabddd45e2b6587fe938b7d6dfcf4f452945fb15835f8de341b168e05c64751c21e7d8d171ecfb4fc3453d0ba13c3890e895c168ee011cf754137694c52075303e463cf7413cd9a66959669d5ba87d9cf1677eada3e0b9d290134fcf84ed241c605d0c94c28820bc14e03ccff261d5e5010739aadefc56536dbaf74e35eaf787c717dfef5799bad1c134b8a9d0875b046fd8d992da911e72fa70f5e926adcfdaf241c0f45b6ceb3ac5849e0593e65332375203d9b86d4684f33e20cc40a8997677f716a03b77905ff6912bf6f8df855eededd577c4ef35ea9b9802403e9527f82be1340f824a8e58ddcab6a994c20b052192321552b533096a10aee40eda29351e7e1ea24d6fcbc0379fc13152c5e8884180aa7b304d825bdf5b142978ad75d3efda5b04a061fbf3d0c2bf5b1709a30e0f05f1484b33b216cd3e5d375fd714bb424dfd5ff122afe95bc9e4fe91dac869b06a8876634fd2a612d5c0f02cbd60b4d29539cdfd7ea500abc0fa0e11f8cb743b581b6e4bfe948885c8e420a04db2d628e8784f6afd94495eae04661312e6f1a8d7341d9659a3fe79a6acc784e8947f3531be058cf78925c25f4744c803cb2632088bdea8084794aaca6e77aca1fd89a72b2939a773e1764e0dfd88f2a99e07659b9cf63ac48addaa01ab80c52881d6a361695cdfe0031c5c240312b458002da34d233814108a47f5c128b724cf51fc94e9df0f89bf4a451f16fa874933782087d09cc4451522e8cd7a10c7944a31edfe26f572b8b60dd8dab0c202ef6e942c0a8052104cf35787ea2bb0a2e7d7cafb66c8db7b52fe5a332ba3619e25a211459f57caa4420c38d6e9a232414368e8a3178db07b2ccbcfcbdecabca0bf6c029a0addaacd1d7b51f6b204b156629714fd5c04398d5b373e57ddb2d4855ce8deab7bfa41664077f4f85cd542c98698532547e5de754a70001d57e0440870028585d6a3df61f636ca2949021ecc31fc203b733ead4e56d8c46c74d78a50d98296fe90d0d60835fdc74f21354c3363ea31652f358af48fe5965c0262bb7c18202ce1bf8cf433fdee52fd9d420d39b08433026f74418ea4ff5b5fcc83d6bcad87f1995ea8b3976cd0343d733fe34b3fe2a9e0179e70c84bd5651979e97109a719991fcbc39eba61eea0a960dd0100a80766b01d4e8fe46acb5c355290d55564f2ecec9da8de2e308607b453da8760685ed72fb3bdfa08040dcc6076aad395173bf13a33c208f0b8bf179f16f2f4254e353fe26465d25b2f096f22b9715fd86015a523f34d4c84c10d5e0b862afa246c619420f9695a4288e05140b231c3d4a44ef2039fc05c41c52d1612e328d060c5d0c7582b0071ccd09b4765ea430030c50d605b839eace93ceb614a2558f83a9e9c58cfe7092040f5da4725fd359b6f565aebea3c6353114e33e40002bf3a3054bc9f62137d92812b8714154cd496d54d8baa750afb42e986ec84061a3b0b836e9b0198b477e25b0b5e46823b70b8d5e4cdea0f8bb484bb8cc6b31f2b157a463228e04c7125207e9a650afccd73ffc568a8251a0d30869404f51351f67b580a24c6ff71d67ca867dd7acb16cb5e61d0a3e07f5f0050823f1d36e689ea876267df4919ef612934b1a6c697e25fe8f5d393e2514a72c6761f5e8691595e7a1447b02b111bfcceb8af731b4089aee7b91fc67da73378b41d9c4eb1c74af2e483174d8cf21991504b790d84f8f4ed9fc99fdcc86ac225c5dd8f483291f97aab9972d7d9fabc6fbd2c08207b333efd09ee55237d37d4ba287f60c8eac293fb3fff21f7a97023c01ad8ad814e413be046c7aa42da426605f2df88c7e5a06d275ba0d8c16db72db3a84999c24b5908dda48be505f58992799a801858c29d77b787a41cc01623194506a914a12322b571d69182666f0a9fd975591e6cfd52983edabda0499baa948e4ecf2b936044efe5dd38058216504e2a8a04153811b83e56ae9991b34dd096fd7118ce14824060736b9119817868d5a30fd396a0577ff8cf60e99deb0aa27e98f2bae0eababbe3fa23df894a9d17aeb4dafce9258adf94542658217eadad6af162cc21aa1b224de5d6799a433ec725dbaa41043825141fe7e1c517c51cbadf280820fc98b7554b7ada7409988d0dee09bc31fd057e76c959e72e4ab6b79e213e047af8512a3b84d5cf04a360f9bd1ff41c6c9ddaa7613454c0a78d8b0a226d7677cfb0240f5b9aa0379c65e621c94acc5081868523957e51d5ef2a716eb560ab99eb75e29fe89aad52e70a77bbf06f7ca827e74885232574ac16e64ef5c12e0d6c0684958112af7cd5affb3bf400b59fd138461827666f1af150969083bf14c60ce50f638e93e3bf0f847e6fad5d5c4b823ca594c7917b85eda1c33271c4d9fac37e7e0bab444d7cbf2642461024afaf1f96cfd5fe1cb25f522df4403a1eee1b5d32ca63f0919af2b6070c01ee0cadbb83a1e95890951cc5583e58d35d1e284f106bf7dac01773f8edc568fa26672da5ae277f732a00a3c59f123424a998fabcc25bb518460825a10306f4c86dfb16e55ba0c9ba28652e7958d6423063035e604f956a22c39c4ed42e507455f5cc5833440707e2b608c63639aa644fd0ee2907e858b1f1b"], 0x20}, 0x1, 0xf000, 0x0, 0x20000000}, 0x20014)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="180100002d000100000000000000000006"], 0x118}], 0x1}, 0x180)
r1 = syz_usb_connect$hid(0x5, 0x94, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000000000407d1e9c310000000000010902240001000030000904000001030001000921010100012205000905810310000c0000d2bf9533271e10c6933ec82d43f2fe90fcd70bb69523bcaac4ac85601cb0165aad29f60488f83e8e4ab28d4072d1b048b60cf53c72b17aeb02e4aefa92bb7d1a7aa47f36fb11863398036d33aaf5c39b1410fd0da1b4a0801060e0359aba16536137ab3cd13d3bfbedc680b8cf83b8adb9e53e33f156"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x1fd, 0x1, 0x0, 0x1000, &(0x7f0000772000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4c0b4)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x4e23, 0x0, @local}, 0x1c)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="2000000000000000020000000c0001000100000000000000fd41a5a6e035bec0a14fe49b14d6900b154d595f2cf8f26f8f0d50d82237d1ad54cc0bd6c0d229b36c2c868efb535a47d407acc18fe8f05d70d1f6c2dd90c8d35fd3700d4ea7e2da789179e07ee8cb056e8d09896d40dd14c3773313ed5daa8c3f8e46da000014059cd21a9d9d2901ecf0c85a6fec87067f9da3a3b91fc5ad2ebf9c71bed06c79faea9ce18299664b7ba2dfbccd9453dd622965ff44c51b5f7e588601d8b128111f78a2956a7c0587256fc32bcd4f1cad37938cc9df9bbc509dfa73e9a44945"], 0x20}}, 0x0)
prlimit64(r3, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000280)='net/ip_vs\x00')

802.610519ms ago: executing program 4 (id=2071):
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x4, &(0x7f00008b5000/0x1000)=nil)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x4, 0x0, 0x2000, 0x1000, &(0x7f00002ce000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, &(0x7f0000000000)="66b9800000c00f326635000100000f3067f31e66b80500000066b92c0000000f01d90f01c90f015a000f08260f986c02b80a000f00d00f01d1660f388229", 0x3e}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fsmount(r5, 0x0, 0x0)
r6 = eventfd2(0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
futex_waitv(&(0x7f0000000c80)=[{0x14000000, 0x0, 0x82}], 0x1, 0x0, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r8, 0x4018aebd, &(0x7f0000000080)={0x0, r6})

668.38699ms ago: executing program 1 (id=2072):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000ec0)=ANY=[@ANYBLOB="850000006b0000006600000000000000630a0002000000009500000000000000e294707ddee16bbd0d0c9e4f60d8c4e266a59bf235da0f0fb013b0d21d6c285acaa60e70c2ff7e669a239afccc807c47be87af08ac23ddc3534332bd0eb55c612c0ad13c22ea4840b685d2e1a0c8575a73d271353237a2aaa7e6b8bd7f11d05e9a009e6aac6aadd7baf082d4ebfa4e909f3ab20314fd021ea3dc2c79571cee414fc514c26e44567fac6a297dbb10ddb5a7ec46529049f1b61170f0d358d880c1ef50286fe97d6819c2c9a21fb3accd3d1a5812530b26bab1e0a9e4d4dc1841234b849ad7b7bb256571f9f12333012c432e96739d5ee619bad7729a9c006d91ca185781c826f2779215be5cbe44917cd7f90516d79da7d9122538c16dc7e69308355e918c4597"], &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff4e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23) (async)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000ec0)=ANY=[@ANYBLOB="850000006b0000006600000000000000630a0002000000009500000000000000e294707ddee16bbd0d0c9e4f60d8c4e266a59bf235da0f0fb013b0d21d6c285acaa60e70c2ff7e669a239afccc807c47be87af08ac23ddc3534332bd0eb55c612c0ad13c22ea4840b685d2e1a0c8575a73d271353237a2aaa7e6b8bd7f11d05e9a009e6aac6aadd7baf082d4ebfa4e909f3ab20314fd021ea3dc2c79571cee414fc514c26e44567fac6a297dbb10ddb5a7ec46529049f1b61170f0d358d880c1ef50286fe97d6819c2c9a21fb3accd3d1a5812530b26bab1e0a9e4d4dc1841234b849ad7b7bb256571f9f12333012c432e96739d5ee619bad7729a9c006d91ca185781c826f2779215be5cbe44917cd7f90516d79da7d9122538c16dc7e69308355e918c4597"], &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff4e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})

321.153115ms ago: executing program 1 (id=2073):
socket$can_raw(0x1d, 0x3, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000280), 0x127440, 0x0)
mkdir(0x0, 0x0)
prlimit64(0x0, 0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
pipe(0x0)
vmsplice(r0, 0x0, 0x0, 0x6)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pidfd_send_signal(r2, 0x12, 0x0, 0x4)

53.298603ms ago: executing program 4 (id=2074):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
eventfd(0xc0b)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0xde, 0xa, 0xa, 0x0, 0x0, 0x61, 0x10, 0x28}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
listxattr(&(0x7f0000001e80)='./file0\x00', 0x0, 0x2)

0s ago: executing program 1 (id=2075):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18a70000000000001001000001"], 0x18}, 0x4048800)

kernel console output (not intermixed with test programs):

.269523][T11110] vlan2: entered promiscuous mode
[  487.815377][  T974] usb 5-1: new full-speed USB device number 37 using dummy_hcd
[  487.952885][T11097] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1245'.
[  487.995453][  T974] usb 5-1: config 54 has an invalid interface number: 154 but max is 0
[  488.014265][  T974] usb 5-1: config 54 has no interface number 0
[  488.047339][  T974] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice= 0.ec
[  488.080824][  T974] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.096029][T11129] lo: entered allmulticast mode
[  488.109059][T11129] FAULT_INJECTION: forcing a failure.
[  488.109059][T11129] name failslab, interval 1, probability 0, space 0, times 0
[  488.121980][  T974] usb 5-1: Product: syz
[  488.128201][  T974] usb 5-1: Manufacturer: syz
[  488.132918][  T974] usb 5-1: SerialNumber: syz
[  488.144387][T11129] CPU: 1 UID: 0 PID: 11129 Comm: syz.5.1255 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  488.144414][T11129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  488.144424][T11129] Call Trace:
[  488.144430][T11129]  <TASK>
[  488.144436][T11129]  dump_stack_lvl+0x241/0x360
[  488.144460][T11129]  ? __pfx_dump_stack_lvl+0x10/0x10
[  488.144476][T11129]  ? __pfx__printk+0x10/0x10
[  488.144501][T11129]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  488.144526][T11129]  ? __pfx___might_resched+0x10/0x10
[  488.144550][T11129]  should_fail_ex+0x40a/0x550
[  488.144576][T11129]  should_failslab+0xac/0x100
[  488.144602][T11129]  kmem_cache_alloc_node_noprof+0x77/0x380
[  488.144625][T11129]  ? __alloc_skb+0x1c3/0x440
[  488.144649][T11129]  __alloc_skb+0x1c3/0x440
[  488.144672][T11129]  ? __pfx___alloc_skb+0x10/0x10
[  488.144694][T11129]  ? netlink_autobind+0xd6/0x2f0
[  488.144709][T11129]  ? netlink_autobind+0x2b0/0x2f0
[  488.144727][T11129]  netlink_sendmsg+0x634/0xcb0
[  488.144760][T11129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  488.144788][T11129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  488.144801][T11129]  __sock_sendmsg+0x221/0x270
[  488.144821][T11129]  ____sys_sendmsg+0x53a/0x860
[  488.144851][T11129]  ? __pfx_____sys_sendmsg+0x10/0x10
[  488.144872][T11129]  ? __fget_files+0x2a/0x410
[  488.144892][T11129]  ? __fget_files+0x2a/0x410
[  488.144915][T11129]  __sys_sendmsg+0x269/0x350
[  488.144941][T11129]  ? __pfx___sys_sendmsg+0x10/0x10
[  488.144973][T11129]  ? do_sys_openat2+0x17a/0x1d0
[  488.145010][T11129]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  488.145037][T11129]  ? do_syscall_64+0x100/0x230
[  488.145059][T11129]  ? do_syscall_64+0xb6/0x230
[  488.145079][T11129]  do_syscall_64+0xf3/0x230
[  488.145098][T11129]  ? clear_bhb_loop+0x35/0x90
[  488.145122][T11129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.145142][T11129] RIP: 0033:0x7f01d458d169
[  488.145157][T11129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.145170][T11129] RSP: 002b:00007f01d531b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  488.145188][T11129] RAX: ffffffffffffffda RBX: 00007f01d47a5fa0 RCX: 00007f01d458d169
[  488.145204][T11129] RDX: 0000000000000000 RSI: 00004000000006c0 RDI: 0000000000000005
[  488.145214][T11129] RBP: 00007f01d531b090 R08: 0000000000000000 R09: 0000000000000000
[  488.145224][T11129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.145233][T11129] R13: 0000000000000000 R14: 00007f01d47a5fa0 R15: 00007fff468f13b8
[  488.145256][T11129]  </TASK>
[  488.429261][T11136] FAULT_INJECTION: forcing a failure.
[  488.429261][T11136] name failslab, interval 1, probability 0, space 0, times 0
[  488.450963][T11128] lo: left allmulticast mode
[  488.495293][T11136] CPU: 0 UID: 0 PID: 11136 Comm: syz.0.1258 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  488.495321][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  488.495331][T11136] Call Trace:
[  488.495338][T11136]  <TASK>
[  488.495345][T11136]  dump_stack_lvl+0x241/0x360
[  488.495372][T11136]  ? __pfx_dump_stack_lvl+0x10/0x10
[  488.495389][T11136]  ? __pfx__printk+0x10/0x10
[  488.495415][T11136]  ? kmem_cache_alloc_noprof+0x22d/0x380
[  488.495449][T11136]  should_fail_ex+0x40a/0x550
[  488.495476][T11136]  should_failslab+0xac/0x100
[  488.495501][T11136]  __kmalloc_cache_noprof+0x70/0x390
[  488.495517][T11136]  ? sctp_add_bind_addr+0x89/0x3a0
[  488.495543][T11136]  sctp_add_bind_addr+0x89/0x3a0
[  488.495569][T11136]  sctp_do_bind+0x5d2/0x950
[  488.495597][T11136]  sctp_connect_new_asoc+0x277/0x6c0
[  488.495617][T11136]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  488.495633][T11136]  ? sctp_sendmsg+0xf1a/0x35d0
[  488.495662][T11136]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  488.495686][T11136]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  488.495719][T11136]  sctp_sendmsg+0x1f64/0x35d0
[  488.495761][T11136]  ? __pfx_sctp_sendmsg+0x10/0x10
[  488.495785][T11136]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  488.495824][T11136]  ? inet_sendmsg+0x330/0x390
[  488.495849][T11136]  __sock_sendmsg+0x1a6/0x270
[  488.495873][T11136]  __sys_sendto+0x363/0x4c0
[  488.495901][T11136]  ? __pfx___sys_sendto+0x10/0x10
[  488.495936][T11136]  ? __fget_files+0x2a/0x410
[  488.495963][T11136]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  488.495989][T11136]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  488.496017][T11136]  __x64_sys_sendto+0xde/0x100
[  488.496043][T11136]  do_syscall_64+0xf3/0x230
[  488.496064][T11136]  ? clear_bhb_loop+0x35/0x90
[  488.496089][T11136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.496110][T11136] RIP: 0033:0x7f1bc398d169
[  488.496125][T11136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.496139][T11136] RSP: 002b:00007f1bc4870038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  488.496157][T11136] RAX: ffffffffffffffda RBX: 00007f1bc3ba5fa0 RCX: 00007f1bc398d169
[  488.496170][T11136] RDX: 000000000000fee4 RSI: 0000400000847fff RDI: 0000000000000003
[  488.496181][T11136] RBP: 00007f1bc4870090 R08: 000040000005ffe4 R09: 000000000000001c
[  488.496192][T11136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.496202][T11136] R13: 0000000000000000 R14: 00007f1bc3ba5fa0 R15: 00007ffc1b59a7d8
[  488.496229][T11136]  </TASK>
[  489.072210][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  489.072252][   T29] audit: type=1326 audit(1740248193.656:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  489.820667][   T29] audit: type=1326 audit(1740248193.656:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  489.861746][   T29] audit: type=1326 audit(1740248193.666:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  489.883692][   T29] audit: type=1326 audit(1740248193.666:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  489.905582][   T29] audit: type=1326 audit(1740248193.666:2645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  489.932904][   T29] audit: type=1326 audit(1740248193.666:2646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  490.056862][   T29] audit: type=1326 audit(1740248193.666:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  490.129486][   T29] audit: type=1326 audit(1740248193.666:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  490.202162][   T29] audit: type=1326 audit(1740248193.666:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  490.306912][   T29] audit: type=1326 audit(1740248193.666:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11137 comm="syz.1.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  490.378015][  T974] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  490.380623][ T2987] usb 5-1: Failed to submit usb control message: -71
[  490.389136][  T974] usb 5-1: USB disconnect, device number 37
[  490.437617][ T2987] usb 5-1: unable to send the bmi data to the device: -71
[  490.444795][ T2987] usb 5-1: unable to get target info from device
[  490.527421][ T2987] usb 5-1: could not get target info (-71)
[  490.540953][ T5881] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  490.561958][ T2987] usb 5-1: could not probe fw (-71)
[  490.771337][ T5881] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  490.785232][ T5881] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  490.823372][ T5881] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  490.834798][ T5881] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  490.850475][ T5881] usb 6-1: SerialNumber: syz
[  490.863876][T11180] netlink: 'syz.2.1270': attribute type 29 has an invalid length.
[  490.873427][T11180] netlink: 'syz.2.1270': attribute type 29 has an invalid length.
[  490.882440][T11180] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1270'.
[  491.067188][ T5881] usb 6-1: 0:2 : does not exist
[  491.105248][  T974] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  491.140509][ T5881] usb 6-1: USB disconnect, device number 9
[  491.271848][  T974] usb 2-1: Using ep0 maxpacket: 16
[  491.289018][  T974] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  491.315577][  T974] usb 2-1: config 0 has no interface number 0
[  491.332123][  T974] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  491.374565][  T974] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  491.393157][  T974] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  491.431099][  T974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.476055][T11192] 9pnet_fd: Insufficient options for proto=fd
[  491.499278][  T974] usb 2-1: config 0 descriptor??
[  492.114036][T11195] openvswitch: netlink: Message has 472 unknown bytes.
[  492.155774][T11199] FAULT_INJECTION: forcing a failure.
[  492.155774][T11199] name failslab, interval 1, probability 0, space 0, times 0
[  492.196147][T11199] CPU: 1 UID: 0 PID: 11199 Comm: syz.0.1275 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  492.196180][T11199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  492.196190][T11199] Call Trace:
[  492.196197][T11199]  <TASK>
[  492.196205][T11199]  dump_stack_lvl+0x241/0x360
[  492.196251][T11199]  ? __pfx_dump_stack_lvl+0x10/0x10
[  492.196269][T11199]  ? __pfx__printk+0x10/0x10
[  492.196296][T11199]  ? __kmalloc_noprof+0xb5/0x4c0
[  492.196313][T11199]  ? __pfx___might_resched+0x10/0x10
[  492.196338][T11199]  should_fail_ex+0x40a/0x550
[  492.196365][T11199]  should_failslab+0xac/0x100
[  492.196392][T11199]  __kmalloc_noprof+0xdd/0x4c0
[  492.196408][T11199]  ? ethnl_default_start+0x10a/0x570
[  492.196432][T11199]  ethnl_default_start+0x10a/0x570
[  492.196457][T11199]  genl_start+0x4dc/0x6d0
[  492.196487][T11199]  __netlink_dump_start+0x45c/0x790
[  492.196520][T11199]  genl_rcv_msg+0x894/0xec0
[  492.196549][T11199]  ? __pfx_genl_rcv_msg+0x10/0x10
[  492.196577][T11199]  ? __pfx_genl_start+0x10/0x10
[  492.196595][T11199]  ? __pfx_genl_dumpit+0x10/0x10
[  492.196612][T11199]  ? __pfx_genl_done+0x10/0x10
[  492.196649][T11199]  ? __pfx_lock_acquire+0x10/0x10
[  492.196670][T11199]  ? __pfx_ethnl_default_start+0x10/0x10
[  492.196687][T11199]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  492.196703][T11199]  ? __pfx_ethnl_default_done+0x10/0x10
[  492.196723][T11199]  ? __pfx___might_resched+0x10/0x10
[  492.196754][T11199]  netlink_rcv_skb+0x206/0x480
[  492.196779][T11199]  ? __pfx_genl_rcv_msg+0x10/0x10
[  492.196802][T11199]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  492.196841][T11199]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  492.196873][T11199]  genl_rcv+0x28/0x40
[  492.196891][T11199]  netlink_unicast+0x7f6/0x990
[  492.196923][T11199]  ? __pfx_netlink_unicast+0x10/0x10
[  492.196944][T11199]  ? __virt_addr_valid+0x45f/0x530
[  492.196968][T11199]  ? __phys_addr_symbol+0x2f/0x70
[  492.196989][T11199]  ? __check_object_size+0x47a/0x730
[  492.197019][T11199]  netlink_sendmsg+0x8de/0xcb0
[  492.197049][T11199]  ? __pfx_netlink_sendmsg+0x10/0x10
[  492.197080][T11199]  ? __pfx_netlink_sendmsg+0x10/0x10
[  492.197096][T11199]  __sock_sendmsg+0x221/0x270
[  492.197119][T11199]  ____sys_sendmsg+0x53a/0x860
[  492.197152][T11199]  ? __pfx_____sys_sendmsg+0x10/0x10
[  492.197171][T11199]  ? __fget_files+0x2a/0x410
[  492.197190][T11199]  ? __fget_files+0x2a/0x410
[  492.197214][T11199]  __sys_sendmsg+0x269/0x350
[  492.197249][T11199]  ? __pfx___sys_sendmsg+0x10/0x10
[  492.197287][T11199]  ? do_sys_openat2+0x17a/0x1d0
[  492.197331][T11199]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  492.197353][T11199]  ? do_syscall_64+0x100/0x230
[  492.197376][T11199]  ? do_syscall_64+0xb6/0x230
[  492.197398][T11199]  do_syscall_64+0xf3/0x230
[  492.197418][T11199]  ? clear_bhb_loop+0x35/0x90
[  492.197441][T11199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.197461][T11199] RIP: 0033:0x7f1bc398d169
[  492.197478][T11199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.197492][T11199] RSP: 002b:00007f1bc4870038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  492.197510][T11199] RAX: ffffffffffffffda RBX: 00007f1bc3ba5fa0 RCX: 00007f1bc398d169
[  492.197521][T11199] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000005
[  492.197529][T11199] RBP: 00007f1bc4870090 R08: 0000000000000000 R09: 0000000000000000
[  492.197538][T11199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.197547][T11199] R13: 0000000000000000 R14: 00007f1bc3ba5fa0 R15: 00007ffc1b59a7d8
[  492.197572][T11199]  </TASK>
[  492.715739][  T974] usbhid 2-1:0.1: can't add hid device: -71
[  492.725241][  T974] usbhid 2-1:0.1: probe with driver usbhid failed with error -71
[  492.767603][  T974] usb 2-1: USB disconnect, device number 21
[  493.600305][T11215] netlink: 604 bytes leftover after parsing attributes in process `syz.0.1281'.
[  493.703664][T11217] FAULT_INJECTION: forcing a failure.
[  493.703664][T11217] name failslab, interval 1, probability 0, space 0, times 0
[  493.716794][T11217] CPU: 0 UID: 0 PID: 11217 Comm: syz.4.1283 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  493.716820][T11217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  493.716831][T11217] Call Trace:
[  493.716837][T11217]  <TASK>
[  493.716844][T11217]  dump_stack_lvl+0x241/0x360
[  493.716861][T11217]  ? __pfx_dump_stack_lvl+0x10/0x10
[  493.716871][T11217]  ? __pfx__printk+0x10/0x10
[  493.716887][T11217]  ? __kmalloc_noprof+0xb5/0x4c0
[  493.716898][T11217]  ? __pfx___might_resched+0x10/0x10
[  493.716909][T11217]  ? rcu_is_watching+0x15/0xb0
[  493.716922][T11217]  should_fail_ex+0x40a/0x550
[  493.716944][T11217]  should_failslab+0xac/0x100
[  493.716959][T11217]  __kmalloc_noprof+0xdd/0x4c0
[  493.716969][T11217]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  493.716981][T11217]  ? __netlink_dump_start+0x119/0x790
[  493.716998][T11217]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  493.717014][T11217]  genl_start+0x182/0x6d0
[  493.717029][T11217]  __netlink_dump_start+0x45c/0x790
[  493.717049][T11217]  genl_rcv_msg+0x894/0xec0
[  493.717065][T11217]  ? __pfx_genl_rcv_msg+0x10/0x10
[  493.717080][T11217]  ? __pfx_genl_start+0x10/0x10
[  493.717090][T11217]  ? __pfx_genl_dumpit+0x10/0x10
[  493.717101][T11217]  ? __pfx_genl_done+0x10/0x10
[  493.717122][T11217]  ? __pfx_lock_acquire+0x10/0x10
[  493.717135][T11217]  ? __pfx_tipc_nl_node_dump_monitor_peer+0x10/0x10
[  493.717158][T11217]  ? __pfx___might_resched+0x10/0x10
[  493.717186][T11217]  netlink_rcv_skb+0x206/0x480
[  493.717212][T11217]  ? __pfx_genl_rcv_msg+0x10/0x10
[  493.717233][T11217]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  493.717262][T11217]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  493.717279][T11217]  genl_rcv+0x28/0x40
[  493.717290][T11217]  netlink_unicast+0x7f6/0x990
[  493.717308][T11217]  ? __pfx_netlink_unicast+0x10/0x10
[  493.717320][T11217]  ? __virt_addr_valid+0x45f/0x530
[  493.717335][T11217]  ? __phys_addr_symbol+0x2f/0x70
[  493.717347][T11217]  ? __check_object_size+0x47a/0x730
[  493.717365][T11217]  netlink_sendmsg+0x8de/0xcb0
[  493.717381][T11217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  493.717397][T11217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  493.717406][T11217]  __sock_sendmsg+0x221/0x270
[  493.717420][T11217]  ____sys_sendmsg+0x53a/0x860
[  493.717438][T11217]  ? __pfx_____sys_sendmsg+0x10/0x10
[  493.717451][T11217]  ? __fget_files+0x2a/0x410
[  493.717463][T11217]  ? __fget_files+0x2a/0x410
[  493.717477][T11217]  __sys_sendmsg+0x269/0x350
[  493.717494][T11217]  ? __pfx___sys_sendmsg+0x10/0x10
[  493.717522][T11217]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  493.717549][T11217]  do_syscall_64+0xf3/0x230
[  493.717562][T11217]  ? clear_bhb_loop+0x35/0x90
[  493.717578][T11217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.717590][T11217] RIP: 0033:0x7fbe2818d169
[  493.717601][T11217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.717609][T11217] RSP: 002b:00007fbe28fd4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  493.717621][T11217] RAX: ffffffffffffffda RBX: 00007fbe283a6080 RCX: 00007fbe2818d169
[  493.717627][T11217] RDX: 0000000000000000 RSI: 0000400000000500 RDI: 0000000000000006
[  493.717633][T11217] RBP: 00007fbe28fd4090 R08: 0000000000000000 R09: 0000000000000000
[  493.717639][T11217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.717645][T11217] R13: 0000000000000000 R14: 00007fbe283a6080 R15: 00007fffd16e9e78
[  493.717659][T11217]  </TASK>
[  494.643228][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  494.643281][   T29] audit: type=1326 audit(1740248199.446:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11219 comm="syz.4.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  495.120797][   T29] audit: type=1326 audit(1740248199.486:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11219 comm="syz.4.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  495.164108][   T29] audit: type=1326 audit(1740248199.826:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11219 comm="syz.4.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  495.188704][   T29] audit: type=1326 audit(1740248199.826:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11219 comm="syz.4.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  495.211028][   T29] audit: type=1326 audit(1740248199.826:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11219 comm="syz.4.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  495.233125][   T29] audit: type=1326 audit(1740248199.826:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11219 comm="syz.4.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  495.358334][T11226] overlay: Unknown parameter 'appraise_type'
[  495.426358][T11227] overlayfs: failed to clone upperpath
[  497.912097][T11242] x_tables: duplicate underflow at hook 1
[  498.026814][T11212] netlink: 'syz.0.1281': attribute type 29 has an invalid length.
[  499.288979][T11268] FAULT_INJECTION: forcing a failure.
[  499.288979][T11268] name failslab, interval 1, probability 0, space 0, times 0
[  499.305973][T11268] CPU: 1 UID: 0 PID: 11268 Comm: syz.4.1299 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  499.306000][T11268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  499.306010][T11268] Call Trace:
[  499.306017][T11268]  <TASK>
[  499.306024][T11268]  dump_stack_lvl+0x241/0x360
[  499.306051][T11268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  499.306069][T11268]  ? __pfx__printk+0x10/0x10
[  499.306093][T11268]  ? 0xffffffffa000094c
[  499.306111][T11268]  ? is_bpf_text_address+0x26/0x2a0
[  499.306136][T11268]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  499.306160][T11268]  should_fail_ex+0x40a/0x550
[  499.306188][T11268]  should_failslab+0xac/0x100
[  499.306215][T11268]  __kmalloc_cache_noprof+0x70/0x390
[  499.306231][T11268]  ? tipc_udp_enable+0x181/0x16f0
[  499.306258][T11268]  tipc_udp_enable+0x181/0x16f0
[  499.306287][T11268]  ? __pfx_tipc_udp_enable+0x10/0x10
[  499.306310][T11268]  ? stack_depot_save_flags+0x37/0x940
[  499.306341][T11268]  ? kasan_save_track+0x51/0x80
[  499.306360][T11268]  ? kasan_save_track+0x3f/0x80
[  499.306386][T11268]  ? __kasan_kmalloc+0x98/0xb0
[  499.306406][T11268]  ? __kmalloc_cache_noprof+0x243/0x390
[  499.306422][T11268]  ? __tipc_nl_bearer_enable+0xafb/0x1420
[  499.306441][T11268]  ? tipc_nl_bearer_enable+0x22/0x40
[  499.306459][T11268]  ? genl_rcv_msg+0xb1f/0xec0
[  499.306478][T11268]  ? netlink_rcv_skb+0x206/0x480
[  499.306500][T11268]  ? genl_rcv+0x28/0x40
[  499.306516][T11268]  ? netlink_unicast+0x7f6/0x990
[  499.306536][T11268]  ? netlink_sendmsg+0x8de/0xcb0
[  499.306552][T11268]  ? __sock_sendmsg+0x221/0x270
[  499.306569][T11268]  ? ____sys_sendmsg+0x53a/0x860
[  499.306590][T11268]  ? __sys_sendmsg+0x269/0x350
[  499.306611][T11268]  ? do_syscall_64+0xf3/0x230
[  499.306630][T11268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.306696][T11268]  ? __kasan_kmalloc+0x98/0xb0
[  499.306720][T11268]  ? __kmalloc_cache_noprof+0x243/0x390
[  499.306735][T11268]  ? __tipc_nl_bearer_enable+0xafb/0x1420
[  499.306761][T11268]  __tipc_nl_bearer_enable+0xbd2/0x1420
[  499.306792][T11268]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[  499.306811][T11268]  ? trace_contention_end+0x3c/0x120
[  499.306849][T11268]  ? __pfx___mutex_lock+0x10/0x10
[  499.306876][T11268]  ? __nla_parse+0x40/0x60
[  499.306895][T11268]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  499.306915][T11268]  ? genl_family_rcv_msg_attrs_parse+0x21b/0x290
[  499.306940][T11268]  tipc_nl_bearer_enable+0x22/0x40
[  499.306960][T11268]  genl_rcv_msg+0xb1f/0xec0
[  499.306990][T11268]  ? __pfx_genl_rcv_msg+0x10/0x10
[  499.307040][T11268]  ? __pfx_lock_acquire+0x10/0x10
[  499.307060][T11268]  ? __pfx_tipc_nl_bearer_enable+0x10/0x10
[  499.307082][T11268]  ? __pfx___might_resched+0x10/0x10
[  499.307111][T11268]  netlink_rcv_skb+0x206/0x480
[  499.307137][T11268]  ? __pfx_genl_rcv_msg+0x10/0x10
[  499.307158][T11268]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  499.307196][T11268]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  499.307229][T11268]  genl_rcv+0x28/0x40
[  499.307247][T11268]  netlink_unicast+0x7f6/0x990
[  499.307278][T11268]  ? __pfx_netlink_unicast+0x10/0x10
[  499.307298][T11268]  ? __virt_addr_valid+0x45f/0x530
[  499.307322][T11268]  ? __phys_addr_symbol+0x2f/0x70
[  499.307343][T11268]  ? __check_object_size+0x47a/0x730
[  499.307379][T11268]  netlink_sendmsg+0x8de/0xcb0
[  499.307411][T11268]  ? __pfx_netlink_sendmsg+0x10/0x10
[  499.307442][T11268]  ? __pfx_netlink_sendmsg+0x10/0x10
[  499.307457][T11268]  __sock_sendmsg+0x221/0x270
[  499.307480][T11268]  ____sys_sendmsg+0x53a/0x860
[  499.307512][T11268]  ? __pfx_____sys_sendmsg+0x10/0x10
[  499.307533][T11268]  ? __fget_files+0x2a/0x410
[  499.307554][T11268]  ? __fget_files+0x2a/0x410
[  499.307580][T11268]  __sys_sendmsg+0x269/0x350
[  499.307606][T11268]  ? __pfx___sys_sendmsg+0x10/0x10
[  499.307640][T11268]  ? do_sys_openat2+0x17a/0x1d0
[  499.307679][T11268]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  499.307701][T11268]  ? do_syscall_64+0x100/0x230
[  499.307723][T11268]  ? do_syscall_64+0xb6/0x230
[  499.307745][T11268]  do_syscall_64+0xf3/0x230
[  499.307764][T11268]  ? clear_bhb_loop+0x35/0x90
[  499.307788][T11268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.307807][T11268] RIP: 0033:0x7fbe2818d169
[  499.307823][T11268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.307837][T11268] RSP: 002b:00007fbe28ff5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  499.307856][T11268] RAX: ffffffffffffffda RBX: 00007fbe283a5fa0 RCX: 00007fbe2818d169
[  499.307868][T11268] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  499.307879][T11268] RBP: 00007fbe28ff5090 R08: 0000000000000000 R09: 0000000000000000
[  499.307890][T11268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.307900][T11268] R13: 0000000000000000 R14: 00007fbe283a5fa0 R15: 00007fffd16e9e78
[  499.307927][T11268]  </TASK>
[  499.307947][T11268] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  499.575230][    T8] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  499.912928][T11275] netlink: 'syz.2.1301': attribute type 29 has an invalid length.
[  499.923163][T11275] netlink: 'syz.2.1301': attribute type 29 has an invalid length.
[  499.932813][T11275] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1301'.
[  500.036397][T11274] tmpfs: User quota inode hardlimit too large.
[  500.055275][    T8] usb 6-1: Using ep0 maxpacket: 8
[  500.079860][    T8] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  500.097896][    T8] usb 6-1: config 179 has no interface number 0
[  500.114620][    T8] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  500.131440][    T8] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  500.144323][    T8] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  500.164975][    T8] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  500.187606][    T8] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  500.207898][    T8] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  501.030749][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.208110][T11270] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  501.439370][    T8] usb 6-1: USB disconnect, device number 10
[  501.445464][    C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  501.445511][    C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  501.945342][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.955501][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  502.460737][T11310] SET target dimension over the limit!
[  503.347635][T11316] FAULT_INJECTION: forcing a failure.
[  503.347635][T11316] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  503.385307][T11316] CPU: 1 UID: 0 PID: 11316 Comm: syz.5.1315 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  503.385336][T11316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  503.385346][T11316] Call Trace:
[  503.385352][T11316]  <TASK>
[  503.385359][T11316]  dump_stack_lvl+0x241/0x360
[  503.385387][T11316]  ? __pfx_dump_stack_lvl+0x10/0x10
[  503.385404][T11316]  ? __pfx__printk+0x10/0x10
[  503.385430][T11316]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  503.385458][T11316]  should_fail_ex+0x40a/0x550
[  503.385486][T11316]  prepare_alloc_pages+0x1da/0x5b0
[  503.385519][T11316]  __alloc_frozen_pages_noprof+0x16f/0x710
[  503.385544][T11316]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  503.385568][T11316]  ? _copy_from_iter+0x171/0x1c40
[  503.385588][T11316]  ? rep_movs_alternative+0x4a/0x70
[  503.385610][T11316]  ? __virt_addr_valid+0x183/0x530
[  503.385638][T11316]  alloc_pages_mpol+0x311/0x660
[  503.385667][T11316]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  503.385694][T11316]  ? __virt_addr_valid+0x183/0x530
[  503.385714][T11316]  ? __virt_addr_valid+0x45f/0x530
[  503.385741][T11316]  alloc_pages_noprof+0x121/0x190
[  503.385767][T11316]  af_alg_sendmsg+0x1420/0x2640
[  503.385810][T11316]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  503.385834][T11316]  ? __pfx_lock_release+0x10/0x10
[  503.385863][T11316]  ? skcipher_sendmsg+0x28/0xf0
[  503.385886][T11316]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  503.385906][T11316]  __sock_sendmsg+0x221/0x270
[  503.385929][T11316]  ____sys_sendmsg+0x53a/0x860
[  503.385961][T11316]  ? __pfx_____sys_sendmsg+0x10/0x10
[  503.385982][T11316]  ? __fget_files+0x2a/0x410
[  503.386003][T11316]  ? __fget_files+0x2a/0x410
[  503.386028][T11316]  __sys_sendmmsg+0x36a/0x720
[  503.386062][T11316]  ? __pfx___sys_sendmmsg+0x10/0x10
[  503.386098][T11316]  ? __pfx_lock_release+0x10/0x10
[  503.386116][T11316]  ? kstrtouint_from_user+0x128/0x190
[  503.386164][T11316]  ? ksys_write+0x22a/0x2b0
[  503.386184][T11316]  ? __pfx_lock_release+0x10/0x10
[  503.386212][T11316]  ? sb_end_write+0xe9/0x1c0
[  503.386230][T11316]  ? vfs_write+0x7fa/0xd10
[  503.386252][T11316]  ? __mutex_unlock_slowpath+0x227/0x800
[  503.386301][T11316]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  503.386327][T11316]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  503.386350][T11316]  ? do_syscall_64+0x100/0x230
[  503.386374][T11316]  __x64_sys_sendmmsg+0xa0/0xb0
[  503.386400][T11316]  do_syscall_64+0xf3/0x230
[  503.386420][T11316]  ? clear_bhb_loop+0x35/0x90
[  503.386445][T11316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.386465][T11316] RIP: 0033:0x7f01d458d169
[  503.386482][T11316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  503.386496][T11316] RSP: 002b:00007f01d531b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  503.386514][T11316] RAX: ffffffffffffffda RBX: 00007f01d47a5fa0 RCX: 00007f01d458d169
[  503.386526][T11316] RDX: 04924924924924b9 RSI: 0000400000000400 RDI: 0000000000000006
[  503.386537][T11316] RBP: 00007f01d531b090 R08: 0000000000000000 R09: 0000000000000000
[  503.386547][T11316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  503.386556][T11316] R13: 0000000000000000 R14: 00007f01d47a5fa0 R15: 00007fff468f13b8
[  503.386583][T11316]  </TASK>
[  503.392874][T11318] netlink: 'syz.1.1316': attribute type 29 has an invalid length.
[  503.524425][T11321] FAULT_INJECTION: forcing a failure.
[  503.524425][T11321] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  503.607124][T11318] netlink: 'syz.1.1316': attribute type 29 has an invalid length.
[  503.611827][T11318] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1316'.
[  503.687780][T11321] CPU: 1 UID: 0 PID: 11321 Comm: syz.0.1317 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  503.687804][T11321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  503.687816][T11321] Call Trace:
[  503.687825][T11321]  <TASK>
[  503.687834][T11321]  dump_stack_lvl+0x241/0x360
[  503.687859][T11321]  ? __pfx_dump_stack_lvl+0x10/0x10
[  503.687876][T11321]  ? __pfx__printk+0x10/0x10
[  503.687898][T11321]  ? rcu_is_watching+0x15/0xb0
[  503.687916][T11321]  ? __pfx_lock_release+0x10/0x10
[  503.687935][T11321]  ? __alloc_frozen_pages_noprof+0x350/0x710
[  503.687969][T11321]  should_fail_ex+0x40a/0x550
[  503.687995][T11321]  _copy_from_iter+0x1df/0x1c40
[  503.688025][T11321]  ? __pfx__copy_from_iter+0x10/0x10
[  503.688043][T11321]  ? tun_get_user+0x875/0x48a0
[  503.688063][T11321]  ? set_page_refcounted+0xa1/0x1e0
[  503.688087][T11321]  ? alloc_pages_noprof+0x136/0x190
[  503.688107][T11321]  ? page_copy_sane+0x46/0x260
[  503.688126][T11321]  copy_page_from_iter+0x7a/0x100
[  503.688147][T11321]  tun_get_user+0x2035/0x48a0
[  503.688165][T11321]  ? tun_get_user+0x875/0x48a0
[  503.688196][T11321]  ? __pfx_tun_get_user+0x10/0x10
[  503.688228][T11321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  503.688252][T11321]  ? tun_get+0x1e/0x2f0
[  503.688267][T11321]  ? __pfx_lock_release+0x10/0x10
[  503.688300][T11321]  ? tun_get+0x1e/0x2f0
[  503.688315][T11321]  ? tun_get+0x27d/0x2f0
[  503.688332][T11321]  tun_chr_write_iter+0x10d/0x1f0
[  503.688358][T11321]  vfs_write+0xacf/0xd10
[  503.688381][T11321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  503.688406][T11321]  ? __pfx_vfs_write+0x10/0x10
[  503.688423][T11321]  ? do_sys_openat2+0x17a/0x1d0
[  503.688443][T11321]  ? __fget_files+0x2a/0x410
[  503.688462][T11321]  ? __fget_files+0x2a/0x410
[  503.688486][T11321]  ksys_write+0x18f/0x2b0
[  503.688507][T11321]  ? __pfx_ksys_write+0x10/0x10
[  503.688527][T11321]  ? do_syscall_64+0x100/0x230
[  503.688550][T11321]  ? do_syscall_64+0xb6/0x230
[  503.688571][T11321]  do_syscall_64+0xf3/0x230
[  503.688592][T11321]  ? clear_bhb_loop+0x35/0x90
[  503.688615][T11321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.688636][T11321] RIP: 0033:0x7f1bc398bc1f
[  503.688652][T11321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  503.688665][T11321] RSP: 002b:00007f1bc4870000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  503.688684][T11321] RAX: ffffffffffffffda RBX: 00007f1bc3ba5fa0 RCX: 00007f1bc398bc1f
[  503.688695][T11321] RDX: 0000000000000086 RSI: 00004000000001c0 RDI: 00000000000000c8
[  503.688706][T11321] RBP: 00007f1bc4870090 R08: 0000000000000000 R09: 0000000000000000
[  503.688715][T11321] R10: 0000000000000086 R11: 0000000000000293 R12: 0000000000000001
[  503.688725][T11321] R13: 0000000000000001 R14: 00007f1bc3ba5fa0 R15: 00007ffc1b59a7d8
[  503.688750][T11321]  </TASK>
[  504.114287][T11329] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1319'.
[  504.124634][T11329] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1319'.
[  505.845552][T11348] FAULT_INJECTION: forcing a failure.
[  505.845552][T11348] name failslab, interval 1, probability 0, space 0, times 0
[  505.866050][T11348] CPU: 0 UID: 0 PID: 11348 Comm: syz.4.1327 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  505.866079][T11348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  505.866089][T11348] Call Trace:
[  505.866096][T11348]  <TASK>
[  505.866103][T11348]  dump_stack_lvl+0x241/0x360
[  505.866130][T11348]  ? __pfx_dump_stack_lvl+0x10/0x10
[  505.866147][T11348]  ? __pfx__printk+0x10/0x10
[  505.866173][T11348]  ? __kmalloc_cache_noprof+0x48/0x390
[  505.866192][T11348]  ? __pfx___might_resched+0x10/0x10
[  505.866217][T11348]  should_fail_ex+0x40a/0x550
[  505.866244][T11348]  should_failslab+0xac/0x100
[  505.866271][T11348]  __kmalloc_cache_noprof+0x70/0x390
[  505.866286][T11348]  ? nft_delrule+0x57/0xb80
[  505.866311][T11348]  nft_delrule+0x57/0xb80
[  505.866334][T11348]  ? rcu_is_watching+0x15/0xb0
[  505.866352][T11348]  ? trace_kmalloc+0x1f/0xd0
[  505.866366][T11348]  ? __kmalloc_noprof+0x2a5/0x4c0
[  505.866382][T11348]  ? nf_tables_newrule+0x1609/0x2980
[  505.866404][T11348]  nf_tables_newrule+0x1dfe/0x2980
[  505.866435][T11348]  ? nfnl_pernet+0x23/0x240
[  505.866455][T11348]  ? __pfx_nf_tables_newrule+0x10/0x10
[  505.866472][T11348]  ? __skb_clone+0x5c/0x6c0
[  505.866510][T11348]  ? __nla_parse+0x40/0x60
[  505.866531][T11348]  nfnetlink_rcv+0x14e3/0x2ab0
[  505.866585][T11348]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  505.866653][T11348]  ? netlink_deliver_tap+0x2e/0x1b0
[  505.866669][T11348]  ? skb_clone+0x240/0x390
[  505.866685][T11348]  ? __pfx_lock_release+0x10/0x10
[  505.866728][T11348]  ? netlink_deliver_tap+0x2e/0x1b0
[  505.866749][T11348]  netlink_unicast+0x7f6/0x990
[  505.866780][T11348]  ? __pfx_netlink_unicast+0x10/0x10
[  505.866801][T11348]  ? __virt_addr_valid+0x45f/0x530
[  505.866825][T11348]  ? __phys_addr_symbol+0x2f/0x70
[  505.866847][T11348]  ? __check_object_size+0x47a/0x730
[  505.866877][T11348]  netlink_sendmsg+0x8de/0xcb0
[  505.866906][T11348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  505.866936][T11348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  505.866951][T11348]  __sock_sendmsg+0x221/0x270
[  505.866973][T11348]  ____sys_sendmsg+0x53a/0x860
[  505.867005][T11348]  ? __pfx_____sys_sendmsg+0x10/0x10
[  505.867027][T11348]  ? __fget_files+0x2a/0x410
[  505.867047][T11348]  ? __fget_files+0x2a/0x410
[  505.867073][T11348]  __sys_sendmsg+0x269/0x350
[  505.867102][T11348]  ? __pfx___sys_sendmsg+0x10/0x10
[  505.867138][T11348]  ? do_sys_openat2+0x17a/0x1d0
[  505.867183][T11348]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  505.867206][T11348]  ? do_syscall_64+0x100/0x230
[  505.867231][T11348]  ? do_syscall_64+0xb6/0x230
[  505.867255][T11348]  do_syscall_64+0xf3/0x230
[  505.867275][T11348]  ? clear_bhb_loop+0x35/0x90
[  505.867300][T11348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.867321][T11348] RIP: 0033:0x7fbe2818d169
[  505.867336][T11348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.867350][T11348] RSP: 002b:00007fbe28ff5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  505.867368][T11348] RAX: ffffffffffffffda RBX: 00007fbe283a5fa0 RCX: 00007fbe2818d169
[  505.867381][T11348] RDX: 0000000000000000 RSI: 00004000000002c0 RDI: 0000000000000003
[  505.867391][T11348] RBP: 00007fbe28ff5090 R08: 0000000000000000 R09: 0000000000000000
[  505.867402][T11348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.867411][T11348] R13: 0000000000000000 R14: 00007fbe283a5fa0 R15: 00007fffd16e9e78
[  505.867439][T11348]  </TASK>
[  506.289585][   T29] audit: type=1326 audit(1740248211.096:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.316411][   T29] audit: type=1326 audit(1740248211.096:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.339464][   T29] audit: type=1326 audit(1740248211.096:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.361818][   T29] audit: type=1326 audit(1740248211.096:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.383835][   T29] audit: type=1326 audit(1740248211.096:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.405864][   T29] audit: type=1326 audit(1740248211.096:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.427781][   T29] audit: type=1326 audit(1740248211.096:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.450336][   T29] audit: type=1326 audit(1740248211.106:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe2818bad0 code=0x7ffc0000
[  506.472329][   T29] audit: type=1326 audit(1740248211.106:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.494695][   T29] audit: type=1326 audit(1740248211.106:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11351 comm="syz.4.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  506.694577][   T25] usb 5-1: new full-speed USB device number 38 using dummy_hcd
[  507.403934][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 1024, setting to 64
[  507.420787][   T25] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  507.441971][   T25] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  507.458315][   T25] usb 5-1: Product: syz
[  507.463444][   T25] usb 5-1: Manufacturer: syz
[  507.471446][   T25] usb 5-1: SerialNumber: syz
[  507.479221][   T25] usb 5-1: config 0 descriptor??
[  507.489692][T11354] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  507.501475][T11363] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1330'.
[  507.710378][   T25] usb 5-1: USB disconnect, device number 38
[  507.716188][T11367] netlink: 'syz.5.1335': attribute type 29 has an invalid length.
[  507.776210][T11367] netlink: 'syz.5.1335': attribute type 29 has an invalid length.
[  507.866478][T11367] netlink: 500 bytes leftover after parsing attributes in process `syz.5.1335'.
[  508.655348][   T25] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  508.884676][   T25] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  508.989468][   T25] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  509.737110][   T25] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  509.895161][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.903264][   T25] usb 2-1: Product: syz
[  509.915125][   T25] usb 2-1: Manufacturer: syz
[  509.929131][   T25] usb 2-1: SerialNumber: syz
[  510.069013][T11389] hub 6-0:1.0: USB hub found
[  510.075415][T11389] hub 6-0:1.0: 1 port detected
[  510.752265][   T25] cdc_ncm 2-1:1.0: NCM or ECM functional descriptors missing
[  510.760116][   T25] cdc_ncm 2-1:1.0: bind() failure
[  510.796083][   T25] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  510.805328][   T25] cdc_ncm 2-1:1.1: bind() failure
[  511.240927][   T25] usb 2-1: USB disconnect, device number 22
[  511.798915][T11407] hub 6-0:1.0: USB hub found
[  511.805372][T11407] hub 6-0:1.0: 1 port detected
[  512.789854][T11423] netlink: 604 bytes leftover after parsing attributes in process `syz.0.1346'.
[  513.410568][T11414] netlink: 'syz.0.1346': attribute type 29 has an invalid length.
[  513.441673][T11420] netlink: 'syz.0.1346': attribute type 29 has an invalid length.
[  513.506457][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  513.506475][   T29] audit: type=1326 audit(1740248218.306:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11424 comm="syz.1.1350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  513.627028][   T29] audit: type=1326 audit(1740248218.306:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11424 comm="syz.1.1350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8bf8d169 code=0x7ffc0000
[  514.807624][T11454] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1349'.
[  515.267710][T11459] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1361'.
[  515.278054][T11460] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  515.445146][T11460] befs: (nullb0): No write support. Marking filesystem read-only
[  515.502354][T11460] befs: (nullb0): invalid magic header
[  515.725830][T11473] netlink: 'syz.4.1364': attribute type 29 has an invalid length.
[  515.736380][T11473] netlink: 'syz.4.1364': attribute type 29 has an invalid length.
[  515.751782][T11473] netlink: 500 bytes leftover after parsing attributes in process `syz.4.1364'.
[  516.881973][   T29] audit: type=1326 audit(1740248221.686:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11482 comm="syz.5.1368" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f01d458d169 code=0x0
[  516.929008][T11485] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1368'.
[  518.143684][T11497] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1372'.
[  518.669278][   T29] audit: type=1326 audit(1740248223.476:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11508 comm="syz.4.1377" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x0
[  519.273364][T11518] netlink: 'syz.0.1380': attribute type 29 has an invalid length.
[  519.293347][T11518] netlink: 'syz.0.1380': attribute type 29 has an invalid length.
[  519.304063][T11518] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1380'.
[  520.265090][T11528] hub 6-0:1.0: USB hub found
[  520.279251][T11528] hub 6-0:1.0: 1 port detected
[  521.610286][T11540] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1386'.
[  521.781187][T11544] openvswitch: netlink: IPv4 tun info is not correct
[  522.443103][T11561] netlink: 'syz.0.1394': attribute type 29 has an invalid length.
[  522.454707][T11561] netlink: 'syz.0.1394': attribute type 29 has an invalid length.
[  522.473807][T11561] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1394'.
[  523.370790][T11565] syz.4.1395 (11565): drop_caches: 2
[  524.503955][T11580] hub 6-0:1.0: USB hub found
[  524.510003][T11580] hub 6-0:1.0: 1 port detected
[  524.616194][T11584] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1401'.
[  526.828175][T11608] netlink: 'syz.2.1409': attribute type 29 has an invalid length.
[  526.864644][T11608] netlink: 'syz.2.1409': attribute type 29 has an invalid length.
[  526.889256][T11612] syz.4.1407: attempt to access beyond end of device
[  526.889256][T11612] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0
[  526.925405][T11615] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1409'.
[  526.961174][T11612] SQUASHFS error: Failed to read block 0x0: -5
[  526.972886][T11612] unable to read squashfs_super_block
[  527.023553][T11618] batadv0: entered promiscuous mode
[  527.124653][T11622] hub 6-0:1.0: USB hub found
[  527.130802][T11622] hub 6-0:1.0: 1 port detected
[  527.747014][T11618] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  527.754828][T11618] team0: Device macvtap1 failed to register rx_handler
[  527.886537][T11618] batadv0: left promiscuous mode
[  530.114688][   T29] audit: type=1326 audit(1740248234.916:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  530.266577][   T29] audit: type=1326 audit(1740248234.946:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  530.297361][   T29] audit: type=1326 audit(1740248235.036:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  530.330999][   T29] audit: type=1326 audit(1740248235.036:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  530.359569][   T29] audit: type=1326 audit(1740248235.036:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  530.460855][   T29] audit: type=1326 audit(1740248235.036:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  531.164145][ T5881] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  531.222102][   T29] audit: type=1326 audit(1740248235.036:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe2818d169 code=0x7ffc0000
[  531.255444][   T29] audit: type=1326 audit(1740248235.106:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe2818bad0 code=0x7ffc0000
[  531.399086][T11653] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1422'.
[  531.409183][T11653] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1422'.
[  531.773731][ T5881] usb 5-1: Using ep0 maxpacket: 16
[  531.779050][   T29] audit: type=1326 audit(1740248235.106:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe2818cd6b code=0x7ffc0000
[  531.802152][   T29] audit: type=1326 audit(1740248235.106:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11640 comm="syz.4.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe2818cd6b code=0x7ffc0000
[  531.831756][ T5881] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  531.866980][ T5881] usb 5-1: New USB device found, idVendor=0a12, idProduct=5d10, bcdDevice=fc.5a
[  531.880073][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.932941][ T5881] usb 5-1: Product: syz
[  531.941808][ T5881] usb 5-1: Manufacturer: syz
[  531.969927][ T5881] usb 5-1: SerialNumber: syz
[  532.140743][ T5881] usb 5-1: config 0 descriptor??
[  532.971734][ T5881] IPVS: starting estimator thread 0...
[  533.028251][ T5881] usb 5-1: USB disconnect, device number 39
[  533.075243][T11660] IPVS: using max 20 ests per chain, 48000 per kthread
[  535.039203][T11676] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  535.311257][T11676] /dev/nullb0: Can't open blockdev
[  538.297571][T11701] batadv0: entered promiscuous mode
[  538.315468][T11701] macsec1: entered promiscuous mode
[  538.330726][T11701] batadv0: left promiscuous mode
[  539.786901][T11703] batadv0: entered promiscuous mode
[  539.835384][T11703] macsec1: entered promiscuous mode
[  539.846053][T11703] batadv0: left promiscuous mode
[  540.129139][   T25] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  540.936485][   T25] usb 2-1: Using ep0 maxpacket: 16
[  540.946895][   T25] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  540.998543][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  541.047583][   T25] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  541.072745][T11721] overlayfs: failed to resolve './file1': -2
[  541.086602][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.104935][   T25] usb 2-1: Product: syz
[  541.119841][   T25] usb 2-1: Manufacturer: syz
[  541.124494][   T25] usb 2-1: SerialNumber: syz
[  541.147501][   T25] usb 2-1: config 0 descriptor??
[  541.164417][T11723] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1441'.
[  541.168007][   T25] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  541.201683][   T25] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  541.270424][T11727] netlink: zone id is out of range
[  541.288902][T11727] netlink: set zone limit has 8 unknown bytes
[  541.383363][T11727] 9pnet_fd: Insufficient options for proto=fd
[  542.282979][   T25] em28xx 2-1:0.0: chip ID is em2882/3
[  543.192931][T11746] netlink: 'syz.2.1448': attribute type 3 has an invalid length.
[  543.501009][   T25] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  543.509349][   T25] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[  543.526646][   T25] em28xx 2-1:0.0: No AC97 audio processor
[  544.477309][T11760] FAULT_INJECTION: forcing a failure.
[  544.477309][T11760] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  544.523013][T11760] CPU: 0 UID: 0 PID: 11760 Comm: syz.4.1451 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  544.523046][T11760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  544.523053][T11760] Call Trace:
[  544.523057][T11760]  <TASK>
[  544.523063][T11760]  dump_stack_lvl+0x241/0x360
[  544.523081][T11760]  ? __pfx_dump_stack_lvl+0x10/0x10
[  544.523091][T11760]  ? __pfx__printk+0x10/0x10
[  544.523109][T11760]  ? snprintf+0xda/0x120
[  544.523121][T11760]  should_fail_ex+0x40a/0x550
[  544.523137][T11760]  _copy_to_user+0x31/0xb0
[  544.523150][T11760]  simple_read_from_buffer+0xca/0x150
[  544.523167][T11760]  proc_fail_nth_read+0x1e9/0x250
[  544.523184][T11760]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  544.523200][T11760]  ? rw_verify_area+0x243/0x630
[  544.523212][T11760]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  544.523227][T11760]  vfs_read+0x1f8/0xb40
[  544.523240][T11760]  ? fdget_pos+0x254/0x320
[  544.523250][T11760]  ? __pfx___mutex_lock+0x10/0x10
[  544.523264][T11760]  ? __pfx_vfs_read+0x10/0x10
[  544.523273][T11760]  ? mntput_no_expire+0x246/0x850
[  544.523288][T11760]  ? __fget_files+0x2a/0x410
[  544.523298][T11760]  ? __fget_files+0x395/0x410
[  544.523307][T11760]  ? __fget_files+0x2a/0x410
[  544.523322][T11760]  ksys_read+0x18f/0x2b0
[  544.523334][T11760]  ? __pfx_ksys_read+0x10/0x10
[  544.523346][T11760]  ? do_syscall_64+0x100/0x230
[  544.523360][T11760]  ? do_syscall_64+0xb6/0x230
[  544.523374][T11760]  do_syscall_64+0xf3/0x230
[  544.523386][T11760]  ? clear_bhb_loop+0x35/0x90
[  544.523400][T11760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.523412][T11760] RIP: 0033:0x7fbe2818bb7c
[  544.523422][T11760] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  544.523429][T11760] RSP: 002b:00007fbe28ff5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  544.523440][T11760] RAX: ffffffffffffffda RBX: 00007fbe283a5fa0 RCX: 00007fbe2818bb7c
[  544.523447][T11760] RDX: 000000000000000f RSI: 00007fbe28ff50a0 RDI: 0000000000000003
[  544.523453][T11760] RBP: 00007fbe28ff5090 R08: 0000000000000000 R09: 0000000000000000
[  544.523458][T11760] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  544.523464][T11760] R13: 0000000000000000 R14: 00007fbe283a5fa0 R15: 00007fffd16e9e78
[  544.523478][T11760]  </TASK>
[  544.750908][    C0] vkms_vblank_simulate: vblank timer overrun
[  546.382414][T11766] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1453'.
[  546.579588][T11766] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1453'.
[  547.247843][T11781] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1458'.
[  547.339709][   T25] usb 2-1: USB disconnect, device number 23
[  547.366191][   T25] em28xx 2-1:0.0: Disconnecting em28xx
[  547.399881][T11785] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1458'.
[  547.409479][   T25] em28xx 2-1:0.0: Freeing device
[  548.535244][ T5881] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  548.675243][ T5881] usb 1-1: device descriptor read/64, error -71
[  549.665284][ T5881] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  550.425127][ T5881] usb 1-1: device descriptor read/64, error -71
[  550.448253][T11813] sit0: entered promiscuous mode
[  550.480691][T11813] netlink: 'syz.2.1467': attribute type 1 has an invalid length.
[  550.490134][T11813] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1467'.
[  550.965160][ T5881] usb usb1-port1: attempt power cycle
[  551.955228][ T5881] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  552.007140][T11819] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1469'.
[  552.048805][T11823] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1472'.
[  552.066098][T11819] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1469'.
[  552.126964][T11823] FAULT_INJECTION: forcing a failure.
[  552.126964][T11823] name failslab, interval 1, probability 0, space 0, times 0
[  552.175139][ T5881] usb 1-1: device not accepting address 31, error -71
[  552.196210][T11823] CPU: 0 UID: 0 PID: 11823 Comm: syz.4.1472 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  552.196230][T11823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  552.196236][T11823] Call Trace:
[  552.196241][T11823]  <TASK>
[  552.196245][T11823]  dump_stack_lvl+0x241/0x360
[  552.196262][T11823]  ? __pfx_dump_stack_lvl+0x10/0x10
[  552.196272][T11823]  ? __pfx__printk+0x10/0x10
[  552.196289][T11823]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  552.196306][T11823]  ? __pfx___might_resched+0x10/0x10
[  552.196320][T11823]  should_fail_ex+0x40a/0x550
[  552.196336][T11823]  should_failslab+0xac/0x100
[  552.196352][T11823]  kmem_cache_alloc_node_noprof+0x77/0x380
[  552.196366][T11823]  ? __alloc_skb+0x1c3/0x440
[  552.196381][T11823]  __alloc_skb+0x1c3/0x440
[  552.196397][T11823]  ? __pfx___alloc_skb+0x10/0x10
[  552.196412][T11823]  ? netlink_ack_tlv_len+0x6e/0x200
[  552.196428][T11823]  netlink_ack+0x145/0xa60
[  552.196442][T11823]  ? __up_read+0x2c2/0x6b0
[  552.196454][T11823]  ? __pfx___up_read+0x10/0x10
[  552.196465][T11823]  ? __lock_acquire+0x1397/0x2100
[  552.196480][T11823]  rdma_nl_rcv+0x3f6/0x9e0
[  552.196496][T11823]  ? __pfx_rdma_nl_rcv+0x10/0x10
[  552.196520][T11823]  ? netlink_deliver_tap+0x2e/0x1b0
[  552.196531][T11823]  netlink_unicast+0x7f6/0x990
[  552.196548][T11823]  ? __pfx_netlink_unicast+0x10/0x10
[  552.196561][T11823]  ? __virt_addr_valid+0x45f/0x530
[  552.196575][T11823]  ? __phys_addr_symbol+0x2f/0x70
[  552.196588][T11823]  ? __check_object_size+0x47a/0x730
[  552.196605][T11823]  netlink_sendmsg+0x8de/0xcb0
[  552.196621][T11823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  552.196636][T11823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  552.196645][T11823]  __sock_sendmsg+0x221/0x270
[  552.196659][T11823]  ____sys_sendmsg+0x53a/0x860
[  552.196677][T11823]  ? __pfx_____sys_sendmsg+0x10/0x10
[  552.196690][T11823]  ? __fget_files+0x2a/0x410
[  552.196701][T11823]  ? __fget_files+0x2a/0x410
[  552.196715][T11823]  __sys_sendmsg+0x269/0x350
[  552.196731][T11823]  ? __pfx___sys_sendmsg+0x10/0x10
[  552.196751][T11823]  ? do_sys_openat2+0x17a/0x1d0
[  552.196773][T11823]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  552.196787][T11823]  ? do_syscall_64+0x100/0x230
[  552.196802][T11823]  ? do_syscall_64+0xb6/0x230
[  552.196815][T11823]  do_syscall_64+0xf3/0x230
[  552.196827][T11823]  ? clear_bhb_loop+0x35/0x90
[  552.196842][T11823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.196855][T11823] RIP: 0033:0x7fbe2818d169
[  552.196864][T11823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  552.196873][T11823] RSP: 002b:00007fbe28ff5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  552.196884][T11823] RAX: ffffffffffffffda RBX: 00007fbe283a5fa0 RCX: 00007fbe2818d169
[  552.196891][T11823] RDX: 0000000024000000 RSI: 0000400000000280 RDI: 0000000000000003
[  552.196898][T11823] RBP: 00007fbe28ff5090 R08: 0000000000000000 R09: 0000000000000000
[  552.196903][T11823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.196909][T11823] R13: 0000000000000000 R14: 00007fbe283a5fa0 R15: 00007fffd16e9e78
[  552.196923][T11823]  </TASK>
[  552.698650][T11829] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1470'.
[  552.812067][T11835] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1470'.
[  553.070574][ T5881] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  553.196184][T11844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1476'.
[  553.214066][T11844] dummy0: entered promiscuous mode
[  553.219564][T11844] macsec1: entered allmulticast mode
[  553.225075][T11844] dummy0: entered allmulticast mode
[  553.605961][ T5881] usb 1-1: Using ep0 maxpacket: 32
[  553.617242][ T5881] usb 1-1: config 72 has an invalid interface number: 11 but max is 0
[  553.957434][ T5881] usb 1-1: config 72 has no interface number 0
[  553.963684][ T5881] usb 1-1: config 72 interface 11 altsetting 250 endpoint 0x7 has an invalid bInterval 249, changing to 11
[  553.975156][ T5881] usb 1-1: config 72 interface 11 has no altsetting 0
[  554.278169][ T5881] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=62.e4
[  554.294334][ T5881] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.305629][ T5881] usb 1-1: Product: syz
[  554.310445][ T5881] usb 1-1: Manufacturer: syz
[  554.352123][ T5881] usb 1-1: SerialNumber: syz
[  554.899546][ T5881] usbtest 1-1:72.11: couldn't get endpoints, -71
[  554.910026][ T5881] usbtest 1-1:72.11: probe with driver usbtest failed with error -71
[  554.921294][ T5881] usb 1-1: USB disconnect, device number 32
[  555.245130][T11854] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1480'.
[  555.686570][T11866] netlink: 'syz.1.1482': attribute type 21 has an invalid length.
[  555.695131][T11866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1482'.
[  555.788912][ T5836] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  556.077598][T11864] /dev/nullb0: Can't lookup blockdev
[  556.180476][T11872] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1485'.
[  556.190178][ T5836] usb 6-1: device descriptor read/64, error -71
[  557.095224][ T5836] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  557.235361][ T5836] usb 6-1: device descriptor read/64, error -71
[  558.275320][ T5836] usb usb6-port1: attempt power cycle
[  558.802103][T11898] Bluetooth: hci0: Opcode 0x0401 failed: -112
[  559.399288][T11906] /dev/nullb0: Can't lookup blockdev
[  559.930827][T11913] random: crng reseeded on system resumption
[  560.195341][T11914] netlink: 'syz.2.1498': attribute type 6 has an invalid length.
[  560.691882][T11914] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1498'.
[  560.790611][ T5137] Bluetooth: hci0: command 0x0406 tx timeout
[  560.799084][ T5847] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  561.045887][T11928] futex_wake_op: syz.2.1501 tries to shift op by -1; fix this program
[  561.926747][T11947] /dev/nullb0: Can't lookup blockdev
[  562.483484][T11952] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  563.045763][T11921] Bluetooth: hci0: command 0x0406 tx timeout
[  563.366796][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  563.373265][T11957] misc userio: Invalid payload size
[  563.373801][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  565.055363][ T5836] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  565.089085][T11977] /dev/nullb0: Can't lookup blockdev
[  565.215736][ T5836] usb 6-1: Using ep0 maxpacket: 8
[  565.234291][ T5836] usb 6-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 240, changing to 11
[  565.267514][ T5836] usb 6-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  565.285420][ T5836] usb 6-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  565.308837][ T5836] usb 6-1: config 0 interface 0 has no altsetting 0
[  565.329008][ T5836] usb 6-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  565.345763][ T5836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.801769][ T5836] usb 6-1: config 0 descriptor??
[  567.253160][ T5836] usbhid 6-1:0.0: can't add hid device: -71
[  567.259377][ T5836] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  567.277359][ T5836] usb 6-1: USB disconnect, device number 14
[  568.680909][T12009] hub 6-0:1.0: USB hub found
[  568.713886][T12009] hub 6-0:1.0: 1 port detected
[  568.743017][T12011] netlink: 'syz.0.1529': attribute type 29 has an invalid length.
[  568.767782][T12011] netlink: 'syz.0.1529': attribute type 29 has an invalid length.
[  568.789476][T12011] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1529'.
[  569.184755][T12020] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  569.221164][T12020] /dev/nullb0: Can't open blockdev
[  570.737072][T12039] input: syz0 as /devices/virtual/input/input9
[  571.084651][T12040] hub 6-0:1.0: USB hub found
[  571.170144][T12040] hub 6-0:1.0: 1 port detected
[  572.713982][T12049] delete_channel: no stack
[  572.719572][T12049] delete_channel: no stack
[  573.441664][T12048] overlayfs: missing 'lowerdir'
[  574.471297][T12057] netlink: 'syz.0.1542': attribute type 29 has an invalid length.
[  574.596652][T12057] netlink: 'syz.0.1542': attribute type 29 has an invalid length.
[  578.583827][T12104] netlink: 'syz.0.1554': attribute type 29 has an invalid length.
[  578.613991][T12104] netlink: 'syz.0.1554': attribute type 29 has an invalid length.
[  578.636195][T12104] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1554'.
[  578.755576][   T47] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  579.397950][   T47] usb 2-1: device descriptor read/64, error -71
[  579.665442][   T47] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  579.986482][   T47] usb 2-1: device descriptor read/64, error -71
[  580.106455][   T47] usb usb2-port1: attempt power cycle
[  580.766839][   T47] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  581.419505][   T47] usb 2-1: device descriptor read/8, error -71
[  581.588618][T12134] netlink: 'syz.0.1567': attribute type 29 has an invalid length.
[  581.622480][T12134] netlink: 'syz.0.1567': attribute type 29 has an invalid length.
[  581.654146][T12134] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1567'.
[  581.947139][   T47] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  582.288954][   T47] usb 2-1: Using ep0 maxpacket: 16
[  582.298550][   T47] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  582.316406][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  582.334375][   T47] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  582.444826][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.498048][   T47] usb 2-1: Product: syz
[  582.502281][   T47] usb 2-1: Manufacturer: syz
[  582.507469][   T47] usb 2-1: SerialNumber: syz
[  582.543732][   T47] usb 2-1: config 0 descriptor??
[  582.553799][   T47] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  582.597782][   T47] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  582.836228][   T47] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  582.844998][T12150] netlink: 'syz.5.1570': attribute type 1 has an invalid length.
[  582.855304][   T47] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  582.877507][   T47] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[  582.896807][T12150] 8021q: adding VLAN 0 to HW filter on device bond1
[  582.903770][   T47] em28xx 2-1:0.0: No AC97 audio processor
[  583.686793][ T5881] usb 2-1: USB disconnect, device number 27
[  583.693628][ T5881] em28xx 2-1:0.0: Disconnecting em28xx
[  583.736981][ T5881] em28xx 2-1:0.0: Freeing device
[  583.776978][T12161] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1573'.
[  583.892536][T12166] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1575'.
[  583.961370][T12166] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1575'.
[  584.057180][T12161] lo speed is unknown, defaulting to 1000
[  585.550485][T12161] lo speed is unknown, defaulting to 1000
[  589.912282][ T5836] lo speed is unknown, defaulting to 1000
[  590.395667][T12218] hub 6-0:1.0: USB hub found
[  590.401750][T12218] hub 6-0:1.0: 1 port detected
[  591.667943][T12233] hub 6-0:1.0: USB hub found
[  591.679256][T12233] hub 6-0:1.0: 1 port detected
[  592.579670][ T5883] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  592.750569][ T5883] usb 1-1: Using ep0 maxpacket: 32
[  592.778353][ T5883] usb 1-1: unable to get BOS descriptor or descriptor too short
[  592.794588][ T5883] usb 1-1: config 127 has an invalid interface number: 25 but max is 0
[  592.836102][ T5883] usb 1-1: config 127 has no interface number 0
[  592.866484][ T5883] usb 1-1: config 127 interface 25 has no altsetting 0
[  593.050682][T12254] overlayfs: failed to clone upperpath
[  593.691823][ T5883] usb 1-1: string descriptor 0 read error: -22
[  593.698148][ T5883] usb 1-1: New USB device found, idVendor=1110, idProduct=9000, bcdDevice=f4.11
[  593.710178][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.728289][T12252] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1598'.
[  594.080907][ T5883] usb 1-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9000) Rev (0XF411): ADI930
[  594.362029][T12250] syz.5.1600: vmalloc error: size 69206016, failed to allocated page array size 135168, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  594.407424][T12250] CPU: 0 UID: 0 PID: 12250 Comm: syz.5.1600 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  594.407452][T12250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  594.407463][T12250] Call Trace:
[  594.407469][T12250]  <TASK>
[  594.407477][T12250]  dump_stack_lvl+0x241/0x360
[  594.407505][T12250]  ? __pfx_dump_stack_lvl+0x10/0x10
[  594.407524][T12250]  ? __pfx__printk+0x10/0x10
[  594.407552][T12250]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  594.407572][T12250]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  594.407594][T12250]  warn_alloc+0x278/0x410
[  594.407619][T12250]  ? __pfx_warn_alloc+0x10/0x10
[  594.407645][T12250]  ? nf_tables_newset+0x18ed/0x3170
[  594.407664][T12250]  ? __get_vm_area_node+0x1c8/0x2d0
[  594.407682][T12250]  ? __get_vm_area_node+0x25c/0x2d0
[  594.407706][T12250]  __vmalloc_node_range_noprof+0x62f/0x1380
[  594.407751][T12250]  ? rcu_is_watching+0x15/0xb0
[  594.407768][T12250]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  594.407790][T12250]  ? rcu_is_watching+0x15/0xb0
[  594.407807][T12250]  ? trace_kmalloc+0x1f/0xd0
[  594.407822][T12250]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  594.407838][T12250]  ? __kvmalloc_node_noprof+0x72/0x190
[  594.407867][T12250]  __kvmalloc_node_noprof+0x142/0x190
[  594.407887][T12250]  ? nf_tables_newset+0x18ed/0x3170
[  594.407907][T12250]  nf_tables_newset+0x18ed/0x3170
[  594.407946][T12250]  ? __pfx_nf_tables_newset+0x10/0x10
[  594.407971][T12250]  ? __pfx_lock_release+0x10/0x10
[  594.407993][T12250]  ? __skb_clone+0x5c/0x6c0
[  594.408030][T12250]  ? __nla_parse+0x40/0x60
[  594.408051][T12250]  nfnetlink_rcv+0x14e3/0x2ab0
[  594.408102][T12250]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  594.408167][T12250]  ? netlink_deliver_tap+0x2e/0x1b0
[  594.408182][T12250]  ? skb_clone+0x240/0x390
[  594.408198][T12250]  ? __pfx_lock_release+0x10/0x10
[  594.408234][T12250]  ? netlink_deliver_tap+0x2e/0x1b0
[  594.408254][T12250]  netlink_unicast+0x7f6/0x990
[  594.408285][T12250]  ? __pfx_netlink_unicast+0x10/0x10
[  594.408306][T12250]  ? __virt_addr_valid+0x45f/0x530
[  594.408330][T12250]  ? __phys_addr_symbol+0x2f/0x70
[  594.408351][T12250]  ? __check_object_size+0x47a/0x730
[  594.408380][T12250]  netlink_sendmsg+0x8de/0xcb0
[  594.408409][T12250]  ? __pfx_netlink_sendmsg+0x10/0x10
[  594.408438][T12250]  ? __pfx_netlink_sendmsg+0x10/0x10
[  594.408453][T12250]  __sock_sendmsg+0x221/0x270
[  594.408475][T12250]  ____sys_sendmsg+0x53a/0x860
[  594.408506][T12250]  ? __pfx_____sys_sendmsg+0x10/0x10
[  594.408527][T12250]  ? __fget_files+0x2a/0x410
[  594.408548][T12250]  ? __fget_files+0x2a/0x410
[  594.408573][T12250]  __sys_sendmsg+0x269/0x350
[  594.408595][T12250]  ? __pfx_futex_wake+0x10/0x10
[  594.408620][T12250]  ? __pfx___sys_sendmsg+0x10/0x10
[  594.408682][T12250]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  594.408706][T12250]  ? do_syscall_64+0x100/0x230
[  594.408730][T12250]  ? do_syscall_64+0xb6/0x230
[  594.408753][T12250]  do_syscall_64+0xf3/0x230
[  594.408773][T12250]  ? clear_bhb_loop+0x35/0x90
[  594.408799][T12250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.408821][T12250] RIP: 0033:0x7f01d458d169
[  594.408836][T12250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  594.408849][T12250] RSP: 002b:00007f01d531b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  594.408873][T12250] RAX: ffffffffffffffda RBX: 00007f01d47a5fa0 RCX: 00007f01d458d169
[  594.408886][T12250] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 000000000000000a
[  594.408896][T12250] RBP: 00007f01d460e2a0 R08: 0000000000000000 R09: 0000000000000000
[  594.408907][T12250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  594.408917][T12250] R13: 0000000000000000 R14: 00007f01d47a5fa0 R15: 00007fff468f13b8
[  594.408943][T12250]  </TASK>
[  594.408951][T12250] Mem-Info:
[  594.792336][T12250] active_anon:3207 inactive_anon:4486 isolated_anon:0
[  594.792336][T12250]  active_file:24715 inactive_file:34911 isolated_file:0
[  594.792336][T12250]  unevictable:771 dirty:110 writeback:0
[  594.792336][T12250]  slab_reclaimable:6595 slab_unreclaimable:103970
[  594.792336][T12250]  mapped:29371 shmem:4309 pagetables:1245
[  594.792336][T12250]  sec_pagetables:0 bounce:0
[  594.792336][T12250]  kernel_misc_reclaimable:0
[  594.792336][T12250]  free:1308656 free_pcp:4665 free_cma:0
[  594.839742][T12250] Node 0 active_anon:12828kB inactive_anon:17944kB active_file:98392kB inactive_file:139644kB unevictable:1548kB isolated(anon):0kB isolated(file):0kB mapped:117440kB dirty:440kB writeback:0kB shmem:15700kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11272kB pagetables:4980kB sec_pagetables:0kB all_unreclaimable? no
[  594.872980][T12250] Node 1 active_anon:0kB inactive_anon:0kB active_file:468kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  594.903786][T12250] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  594.930994][T12250] lowmem_reserve[]: 0 2490 2490 0 0
[  594.936420][T12250] Node 0 DMA32 free:1323860kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:12824kB inactive_anon:17968kB active_file:98120kB inactive_file:139592kB unevictable:1548kB writepending:488kB present:3129332kB managed:2550360kB mlocked:12kB bounce:0kB free_pcp:4448kB local_pcp:3284kB free_cma:0kB
[  594.967693][T12250] lowmem_reserve[]: 0 0 0 0 0
[  594.972549][T12250] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:280kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:368kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  595.004017][T12250] lowmem_reserve[]: 0 0 0 0 0
[  595.009116][T12250] Node 1 Normal free:3895308kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:468kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:14348kB local_pcp:14348kB free_cma:0kB
[  595.046666][T12250] lowmem_reserve[]: 0 0 0 0 0
[  595.052565][T12250] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  595.065879][T12250] Node 0 DMA32: 132*4kB (ME) 771*8kB (UME) 449*16kB (UME) 340*32kB (UME) 892*64kB (UME) 452*128kB (UME) 186*256kB (UME) 80*512kB (UME) 27*1024kB (UME) 17*2048kB (UME) 253*4096kB (UM) = 1327032kB
[  595.082703][ T5883] usb 1-1: reset high-speed USB device number 33 using dummy_hcd
[  595.086802][T12250] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  595.108571][T12250] Node 1 Normal: 191*4kB (UME) 50*8kB (UME) 50*16kB (UME) 217*32kB (UME) 87*64kB (UME) 29*128kB (UE) 13*256kB (UM) 8*512kB (UM) 5*1024kB (UME) 3*2048kB (UME) 942*4096kB (M) = 3895308kB
[  595.127769][T12250] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  595.137934][T12250] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  595.147425][   T47] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  595.156236][T12250] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  595.166294][T12250] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  595.175890][T12250] 63940 total pagecache pages
[  595.180972][T12250] 3 pages in swap cache
[  595.185151][T12250] Free swap  = 124892kB
[  595.191580][T12250] Total swap = 124996kB
[  595.195909][T12250] 2097051 pages RAM
[  595.199889][T12250] 0 pages HighMem/MovableOnly
[  595.205092][T12250] 427737 pages reserved
[  595.209692][T12250] 0 pages cma reserved
[  595.256268][T12272] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  595.292349][ T5883] usb 1-1: device firmware changed
[  595.308081][ T5883] ueagle-atm 1-1:127.25: usbatm_usb_probe: bind failed: -19!
[  595.317376][T12272] program syz.4.1607 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  595.329009][ T5883] usb 1-1: USB disconnect, device number 33
[  595.337642][   T47] usb 2-1: Using ep0 maxpacket: 8
[  595.344551][   T47] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  595.378231][   T47] usb 2-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00
[  595.401581][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.412394][   T47] usb 2-1: config 0 descriptor??
[  595.464183][T12277] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  595.480987][ T5883] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  595.652133][T12283] tmpfs: Unknown parameter 'quoza'
[  595.657946][T12282] tmpfs: Unknown parameter 'quoza'
[  595.663521][T12284] netlink: 'syz.5.1610': attribute type 4 has an invalid length.
[  595.672054][ T5883] usb 1-1: Using ep0 maxpacket: 32
[  595.677444][T12283] netlink: 'syz.5.1610': attribute type 4 has an invalid length.
[  595.685982][T12284] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1610'.
[  595.695721][T12283] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1610'.
[  595.719400][ T5883] usb 1-1: device descriptor read/all, error -71
[  595.736866][T12284] : renamed from bond0 (while UP)
[  595.852489][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.865283][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.875489][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.885672][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.892928][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.903515][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.916527][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.924145][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.934922][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.944417][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.955619][   T47] glorious 0003:258A:0033.0008: unknown main item tag 0x0
[  595.970790][   T47] glorious 0003:258A:0033.0008: hidraw0: USB HID v0.0b Device [Glorious Model D] on usb-dummy_hcd.1-1/input0
[  596.174035][ T5883] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  596.667275][ T5883] usb 1-1: Using ep0 maxpacket: 16
[  596.695477][ T5883] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  596.706916][ T5883] usb 1-1: config 0 interface 0 has no altsetting 0
[  596.713550][ T5883] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  597.022962][T12304] Bluetooth: MGMT ver 1.23
[  597.341785][ T5883] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.350340][   T25] usb 2-1: USB disconnect, device number 28
[  597.370179][ T5883] usb 1-1: config 0 descriptor??
[  597.836654][ T5883] nzxt-smart2 0003:1E71:2009.0009: unknown main item tag 0x0
[  597.845851][ T5883] nzxt-smart2 0003:1E71:2009.0009: unknown main item tag 0x0
[  597.853369][ T5883] nzxt-smart2 0003:1E71:2009.0009: unknown main item tag 0x0
[  597.861141][ T5883] nzxt-smart2 0003:1E71:2009.0009: unknown main item tag 0x0
[  597.868601][ T5883] nzxt-smart2 0003:1E71:2009.0009: unknown main item tag 0x0
[  597.879801][ T5883] nzxt-smart2 0003:1E71:2009.0009: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  598.532604][   T25] usb 1-1: USB disconnect, device number 35
[  599.196944][ T5836] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  600.009290][ T5836] usb 6-1: Using ep0 maxpacket: 16
[  600.617809][ T5836] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  600.653164][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  600.678754][ T5836] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  600.711627][ T5836] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  600.727459][ T5836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.752003][ T5836] usb 6-1: Product: syz
[  600.756222][ T5836] usb 6-1: Manufacturer: syz
[  600.787722][ T5836] usb 6-1: SerialNumber: syz
[  600.802698][ T5836] usb 6-1: config 0 descriptor??
[  600.827867][T12353] sctp: [Deprecated]: syz.4.1632 (pid 12353) Use of int in max_burst socket option.
[  600.827867][T12353] Use struct sctp_assoc_value instead
[  600.868460][T12350] sctp: [Deprecated]: syz.1.1631 (pid 12350) Use of int in max_burst socket option.
[  600.868460][T12350] Use struct sctp_assoc_value instead
[  601.078624][   T47] usb 5-1: new full-speed USB device number 40 using dummy_hcd
[  601.129651][ T5836] appledisplay 6-1:0.0: Error while getting initial brightness: -110
[  601.152242][T12331] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1625'.
[  601.154474][ T5836] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -110
[  601.431369][   T47] usb 5-1: device descriptor read/64, error -71
[  601.795131][   T47] usb 5-1: new full-speed USB device number 41 using dummy_hcd
[  601.933190][ T5836] usb 6-1: USB disconnect, device number 15
[  602.104784][   T47] usb 5-1: device descriptor read/64, error -71
[  602.251929][T12366] hub 6-0:1.0: USB hub found
[  602.257152][T12366] hub 6-0:1.0: 1 port detected
[  602.268249][   T47] usb usb5-port1: attempt power cycle
[  602.910708][   T47] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[  602.958389][   T47] usb 5-1: device descriptor read/8, error -71
[  603.242231][   T47] usb 5-1: new full-speed USB device number 43 using dummy_hcd
[  603.403042][   T47] usb 5-1: device descriptor read/8, error -71
[  603.676857][   T47] usb usb5-port1: unable to enumerate USB device
[  604.743313][T12387] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1640'.
[  605.616047][T12395] netlink: 'syz.0.1643': attribute type 29 has an invalid length.
[  605.640086][T12395] netlink: 'syz.0.1643': attribute type 29 has an invalid length.
[  605.788159][T12399] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1643'.
[  608.802261][T12426] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  612.022052][T12451] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1659'.
[  612.840254][T12462] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  613.509957][T12469] FAULT_INJECTION: forcing a failure.
[  613.509957][T12469] name failslab, interval 1, probability 0, space 0, times 0
[  613.575736][T12471] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  614.298310][T12469] CPU: 1 UID: 0 PID: 12469 Comm: syz.0.1665 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  614.298339][T12469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  614.298349][T12469] Call Trace:
[  614.298355][T12469]  <TASK>
[  614.298362][T12469]  dump_stack_lvl+0x241/0x360
[  614.298386][T12469]  ? __pfx_dump_stack_lvl+0x10/0x10
[  614.298467][T12469]  ? __pfx__printk+0x10/0x10
[  614.298496][T12469]  ? kmem_cache_alloc_noprof+0x48/0x380
[  614.298522][T12469]  ? __pfx___might_resched+0x10/0x10
[  614.298545][T12469]  should_fail_ex+0x40a/0x550
[  614.298570][T12469]  should_failslab+0xac/0x100
[  614.298593][T12469]  ? alloc_empty_file+0x9e/0x1d0
[  614.298608][T12469]  kmem_cache_alloc_noprof+0x70/0x380
[  614.298636][T12469]  alloc_empty_file+0x9e/0x1d0
[  614.298653][T12469]  alloc_file_pseudo+0x204/0x320
[  614.298668][T12469]  ? rcu_is_watching+0x15/0xb0
[  614.298688][T12469]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  614.298706][T12469]  ? security_inode_alloc+0xd2/0x310
[  614.298732][T12469]  sock_alloc_file+0xb7/0x2e0
[  614.298754][T12469]  do_accept+0x36f/0x6d0
[  614.298777][T12469]  ? __pfx_do_accept+0x10/0x10
[  614.298814][T12469]  __sys_accept4+0x11f/0x1d0
[  614.298837][T12469]  ? __pfx___sys_accept4+0x10/0x10
[  614.298857][T12469]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  614.298879][T12469]  ? do_syscall_64+0x100/0x230
[  614.298901][T12469]  __x64_sys_accept4+0x9a/0xb0
[  614.298922][T12469]  do_syscall_64+0xf3/0x230
[  614.298940][T12469]  ? clear_bhb_loop+0x35/0x90
[  614.298962][T12469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.298984][T12469] RIP: 0033:0x7f1bc398d169
[  614.299000][T12469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  614.299013][T12469] RSP: 002b:00007f1bc4870038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  614.299031][T12469] RAX: ffffffffffffffda RBX: 00007f1bc3ba5fa0 RCX: 00007f1bc398d169
[  614.299042][T12469] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  614.299051][T12469] RBP: 00007f1bc4870090 R08: 0000000000000000 R09: 0000000000000000
[  614.299061][T12469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  614.299070][T12469] R13: 0000000000000000 R14: 00007f1bc3ba5fa0 R15: 00007ffc1b59a7d8
[  614.299095][T12469]  </TASK>
[  615.657562][T12484] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1668'.
[  615.757260][T12484] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1668'.
[  616.046574][T12493] vlan3: entered promiscuous mode
[  616.052685][T12493] nlmon0: entered promiscuous mode
[  616.063673][T12493] bond0: (slave vlan3): Enslaving as an active interface with an up link
[  617.557979][T12510] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  618.568283][ T5836] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  619.279216][T12502] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1674'.
[  619.947403][ T5836] usb 2-1: Using ep0 maxpacket: 8
[  619.969535][ T5836] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=a8.17
[  619.978649][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  620.061535][ T5836] usb 2-1: Product: syz
[  620.081691][ T5836] usb 2-1: Manufacturer: syz
[  620.092505][ T5836] usb 2-1: SerialNumber: syz
[  620.105441][ T5836] usb 2-1: config 0 descriptor??
[  620.304009][ T5836] usb 2-1: can't set config #0, error -71
[  620.352859][ T5836] usb 2-1: USB disconnect, device number 29
[  620.915022][T12546] hub 6-0:1.0: USB hub found
[  620.920553][T12546] hub 6-0:1.0: 1 port detected
[  623.066207][T12561] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1691'.
[  623.514656][T12559] delete_channel: no stack
[  623.587402][T12565] netlink: 'syz.2.1692': attribute type 3 has an invalid length.
[  623.596782][T12565] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1692'.
[  624.016228][T12570] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1694'.
[  624.418513][T12570] FAULT_INJECTION: forcing a failure.
[  624.418513][T12570] name failslab, interval 1, probability 0, space 0, times 0
[  624.582095][T12570] CPU: 0 UID: 0 PID: 12570 Comm: syz.5.1694 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  624.582124][T12570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  624.582134][T12570] Call Trace:
[  624.582140][T12570]  <TASK>
[  624.582147][T12570]  dump_stack_lvl+0x241/0x360
[  624.582174][T12570]  ? __pfx_dump_stack_lvl+0x10/0x10
[  624.582192][T12570]  ? __pfx__printk+0x10/0x10
[  624.582229][T12570]  should_fail_ex+0x40a/0x550
[  624.582256][T12570]  should_failslab+0xac/0x100
[  624.582282][T12570]  kmem_cache_alloc_node_noprof+0x77/0x380
[  624.582306][T12570]  ? __alloc_skb+0x1c3/0x440
[  624.582332][T12570]  __alloc_skb+0x1c3/0x440
[  624.582359][T12570]  ? __pfx___alloc_skb+0x10/0x10
[  624.582381][T12570]  ? km_report+0x190/0x240
[  624.582402][T12570]  ? __pfx_lock_release+0x10/0x10
[  624.582429][T12570]  xfrm_alloc_compat+0x1b6/0x1710
[  624.582461][T12570]  ? xfrm_get_translator+0x19/0x240
[  624.582486][T12570]  dump_one_policy+0x718/0xa20
[  624.582516][T12570]  ? __pfx_dump_one_policy+0x10/0x10
[  624.582552][T12570]  xfrm_get_policy+0x6de/0x1060
[  624.582590][T12570]  ? __pfx_xfrm_get_policy+0x10/0x10
[  624.582627][T12570]  ? safesetid_security_capable+0xb2/0x1d0
[  624.582655][T12570]  ? __nla_parse+0x40/0x60
[  624.582676][T12570]  xfrm_user_rcv_msg+0x975/0xc20
[  624.582704][T12570]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  624.582757][T12570]  ? preempt_schedule+0xe1/0xf0
[  624.582776][T12570]  ? __pfx_preempt_schedule+0x10/0x10
[  624.582793][T12570]  ? __mutex_trylock_common+0x183/0x2e0
[  624.582811][T12570]  ? __pfx___might_resched+0x10/0x10
[  624.582834][T12570]  ? __pfx___mutex_trylock_common+0x10/0x10
[  624.582863][T12570]  netlink_rcv_skb+0x206/0x480
[  624.582889][T12570]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  624.582919][T12570]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  624.582970][T12570]  xfrm_netlink_rcv+0x79/0x90
[  624.582993][T12570]  netlink_unicast+0x7f6/0x990
[  624.583024][T12570]  ? __pfx_netlink_unicast+0x10/0x10
[  624.583046][T12570]  ? __check_object_size+0x3d9/0x730
[  624.583069][T12570]  ? __phys_addr_symbol+0x2f/0x70
[  624.583095][T12570]  ? __check_object_size+0x47a/0x730
[  624.583123][T12570]  netlink_sendmsg+0x8de/0xcb0
[  624.583151][T12570]  ? __pfx_netlink_sendmsg+0x10/0x10
[  624.583182][T12570]  ? __pfx_netlink_sendmsg+0x10/0x10
[  624.583197][T12570]  __sock_sendmsg+0x221/0x270
[  624.583220][T12570]  ____sys_sendmsg+0x53a/0x860
[  624.583252][T12570]  ? __pfx_____sys_sendmsg+0x10/0x10
[  624.583274][T12570]  ? __fget_files+0x2a/0x410
[  624.583295][T12570]  ? __fget_files+0x2a/0x410
[  624.583321][T12570]  __sys_sendmsg+0x269/0x350
[  624.583350][T12570]  ? __pfx___sys_sendmsg+0x10/0x10
[  624.583400][T12570]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  624.583449][T12570]  do_syscall_64+0xf3/0x230
[  624.583470][T12570]  ? clear_bhb_loop+0x35/0x90
[  624.583495][T12570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.583515][T12570] RIP: 0033:0x7f01d458d169
[  624.583531][T12570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.583544][T12570] RSP: 002b:00007f01d531b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  624.583563][T12570] RAX: ffffffffffffffda RBX: 00007f01d47a5fa0 RCX: 00007f01d458d169
[  624.583575][T12570] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000004
[  624.583586][T12570] RBP: 00007f01d531b090 R08: 0000000000000000 R09: 0000000000000000
[  624.583596][T12570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  624.583607][T12570] R13: 0000000000000000 R14: 00007f01d47a5fa0 R15: 00007fff468f13b8
[  624.583634][T12570]  </TASK>
[  625.158242][T12580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1695'.
[  625.398258][T12589] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1700'.
[  626.207183][ T1337] wlan1: Trigger new scan to find an IBSS to join
[  626.317578][T12591] ubi31: attaching mtd0
[  626.368549][T12591] ubi31: scanning is finished
[  626.373730][T12591] ubi31: empty MTD device detected
[  626.888752][T12594] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1701'.
[  627.449693][T12591] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  628.165406][T12613] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1708'.
[  628.179263][T12614] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1708'.
[  628.222392][T12616] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1708'.
[  628.565603][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  628.579593][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  628.769766][T12623] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  628.991055][T12627] befs: (nullb0): No write support. Marking filesystem read-only
[  629.017394][T12627] befs: (nullb0): invalid magic header
[  629.526052][T12641] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1712'.
[  630.189719][ T7247] wlan1: Trigger new scan to find an IBSS to join
[  630.235911][T12645] No such timeout policy "syz0"
[  630.900725][ T5137] Bluetooth: hci0: command 0x0406 tx timeout
[  631.810600][T12658] syz.4.1720(12658): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  631.955855][ T7240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.061222][  T974] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  632.407355][T12664] netlink: 'syz.4.1720': attribute type 29 has an invalid length.
[  632.415500][T12664] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1720'.
[  632.466311][T12664] netlink: 'syz.4.1720': attribute type 29 has an invalid length.
[  632.498552][T12664] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1720'.
[  632.607324][  T974] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  632.615880][  T974] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  632.626003][  T974] usb 1-1: config 0 has no interface number 0
[  632.656597][  T974] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  632.666479][  T974] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.696022][  T974] usb 1-1: Product: syz
[  632.711202][  T974] usb 1-1: Manufacturer: syz
[  632.716054][  T974] usb 1-1: SerialNumber: syz
[  632.744827][  T974] usb 1-1: config 0 descriptor??
[  632.797600][ T5836] usb 5-1: new full-speed USB device number 44 using dummy_hcd
[  632.962265][ T5836] usb 5-1: device descriptor read/64, error -71
[  633.058810][  T974] usb 1-1: Found UVC 0.08 device syz (046d:0823)
[  633.075977][  T974] usb 1-1: No valid video chain found.
[  633.103226][  T974] usb 1-1: USB disconnect, device number 36
[  633.237980][ T5836] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  633.284533][T12676] /dev/nullb0: Can't lookup blockdev
[  633.386534][T12679] hub 6-0:1.0: USB hub found
[  633.391668][T12679] hub 6-0:1.0: 1 port detected
[  633.620826][ T5836] usb 5-1: device descriptor read/64, error -71
[  634.230442][ T5836] usb usb5-port1: attempt power cycle
[  634.604096][ T5836] usb 5-1: new full-speed USB device number 46 using dummy_hcd
[  635.123038][ T5836] usb 5-1: device descriptor read/8, error -71
[  635.287189][T12711] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  635.346589][T12711] befs: (nullb0): No write support. Marking filesystem read-only
[  635.354758][T12711] befs: (nullb0): invalid magic header
[  636.068750][  T974] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  636.175827][ T5836] usb 5-1: new full-speed USB device number 47 using dummy_hcd
[  636.238401][ T5836] usb 5-1: device descriptor read/8, error -71
[  636.244668][  T974] usb 6-1: Using ep0 maxpacket: 16
[  636.246408][  T974] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  636.309898][  T974] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  636.319604][  T974] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.357396][  T974] usb 6-1: Product: syz
[  636.361633][  T974] usb 6-1: Manufacturer: syz
[  636.366715][  T974] usb 6-1: SerialNumber: syz
[  636.379559][ T5836] usb usb5-port1: unable to enumerate USB device
[  636.404915][  T974] usb 6-1: config 0 descriptor??
[  636.435575][  T974] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  636.469276][  T974] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  636.704483][T12744] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1746'.
[  636.775243][T12744] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1746'.
[  636.820718][  T974] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  637.184210][  T974] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  637.472329][  T974] em28xx 6-1:0.0: board has no eeprom
[  637.576119][  T974] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  637.584137][  T974] em28xx 6-1:0.0: dvb set to bulk mode.
[  637.630690][   T47] em28xx 6-1:0.0: Binding DVB extension
[  637.655605][  T974] usb 6-1: USB disconnect, device number 16
[  637.688519][  T974] em28xx 6-1:0.0: Disconnecting em28xx
[  637.800450][   T47] em28xx 6-1:0.0: Registering input extension
[  637.818039][  T974] em28xx 6-1:0.0: Closing input extension
[  637.899407][T12756] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1749'.
[  637.937174][  T974] em28xx 6-1:0.0: Freeing device
[  638.114215][T12765] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  638.659961][T12769] befs: (nullb0): No write support. Marking filesystem read-only
[  638.720430][T12769] befs: (nullb0): invalid magic header
[  639.077844][T12781] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1757'.
[  639.087292][T12781] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1757'.
[  639.899821][T12788] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1761'.
[  640.071746][T12796] Bluetooth: (null): Out-of-order packet arrived (4 != 0)
[  640.356987][ T5881] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  640.369983][ T7240] Bluetooth: (null): Invalid header checksum
[  640.818640][ T7240] Bluetooth: (null): Invalid header checksum
[  640.835771][ T7240] Bluetooth: (null): Invalid header checksum
[  640.852398][ T7240] Bluetooth: (null): Invalid header checksum
[  640.866997][ T7240] Bluetooth: (null): Invalid header checksum
[  640.921619][ T7240] Bluetooth: (null): Invalid header checksum
[  640.928172][ T7240] Bluetooth: (null): Invalid header checksum
[  640.955221][ T7240] Bluetooth: (null): Invalid header checksum
[  640.984562][ T5881] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  641.014974][ T5881] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.040117][ T5881] usb 6-1: Product: syz
[  641.044340][ T5881] usb 6-1: Manufacturer: syz
[  641.051364][T12802] lo: entered allmulticast mode
[  641.051454][ T7240] Bluetooth: (null): Invalid header checksum
[  641.058260][T12801] lo: left allmulticast mode
[  641.081631][ T5881] usb 6-1: SerialNumber: syz
[  641.099379][ T5881] usb 6-1: config 0 descriptor??
[  641.104024][  T974] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  641.316806][ T6918] Bluetooth: (null): Invalid header checksum
[  641.327455][ T6918] Bluetooth: (null): Invalid header checksum
[  641.336637][ T5881] gspca_main: sunplus-2.14.0 probing 055f:c230
[  641.361094][  T974] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  641.395657][ T6918] Bluetooth: (null): Invalid header checksum
[  641.402584][  T974] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  641.484182][T12811] netlink: 'syz.0.1767': attribute type 4 has an invalid length.
[  641.522368][ T6918] Bluetooth: (null): Invalid header checksum
[  641.829562][ T6918] Bluetooth: (null): Invalid header checksum
[  642.126432][  T974] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 62976, setting to 1024
[  642.159462][ T6918] Bluetooth: (null): Invalid header checksum
[  642.166041][ T6918] Bluetooth: (null): Invalid header checksum
[  642.172197][ T6918] Bluetooth: (null): Invalid header checksum
[  642.179290][ T6918] Bluetooth: (null): Invalid header checksum
[  642.243183][ T6918] Bluetooth: (null): Invalid header checksum
[  642.250797][  T974] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  642.250828][  T974] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  642.252787][  T974] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  642.407428][   T12] Bluetooth: (null): Invalid header checksum
[  642.618613][  T974] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  642.672364][   T12] Bluetooth: (null): Invalid header checksum
[  642.695011][  T974] usb 5-1: Product: syz
[  642.715952][   T12] Bluetooth: (null): Invalid header checksum
[  642.750527][   T12] Bluetooth: (null): Invalid header checksum
[  642.871500][  T974] usb 5-1: Manufacturer: syz
[  642.876454][  T974] usb 5-1: SerialNumber: syz
[  642.963372][ T1150] Bluetooth: (null): Invalid header checksum
[  643.350144][ T1150] Bluetooth: (null): Invalid header checksum
[  643.363183][ T1150] Bluetooth: (null): Invalid header checksum
[  643.369436][ T1150] Bluetooth: (null): Invalid header checksum
[  643.375705][ T1150] Bluetooth: (null): Invalid header checksum
[  643.436224][ T5883] usb 6-1: USB disconnect, device number 17
[  643.756295][  T974] usb 5-1: can't set config #1, error -71
[  643.764237][  T974] usb 5-1: USB disconnect, device number 48
[  644.392895][T12833] xfrm0: entered promiscuous mode
[  644.424007][T12833] xfrm0: entered allmulticast mode
[  645.190732][T12849] bridge0: port 2(bridge_slave_1) entered disabled state
[  645.199557][T12849] bridge0: port 1(bridge_slave_0) entered disabled state
[  645.576206][T12853] IPVS: set_ctl: invalid protocol: 41 172.20.20.28:20001
[  645.702365][T12862] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  646.372173][T12861] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1781'.
[  646.713215][T12868] Cannot find set identified by id 0 to match
[  649.690262][T12900] hub 6-0:1.0: USB hub found
[  649.729361][T12894] Invalid ELF header magic: != ELF
[  649.790059][T12900] hub 6-0:1.0: 1 port detected
[  651.033289][T12915] nfs: Unknown parameter '
/rØÿØÂY~£<ä¶õdoac'
[  652.017564][T12922] Illegal XDP return value 4294967274 on prog  (id 483) dev N/A, expect packet loss!
[  652.056766][T12921] pim6reg1: entered promiscuous mode
[  652.077242][T12921] pim6reg1: entered allmulticast mode
[  652.975890][T12929] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1801'.
[  652.985246][T12929] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1801'.
[  653.003011][T12929] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1801'.
[  653.878210][T12937] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  655.128869][T12945] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  657.397057][T12953] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1807'.
[  658.092734][T12953] batadv1: entered promiscuous mode
[  658.113385][T12953] batadv1: entered allmulticast mode
[  658.441588][T12969] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  660.610098][T12984] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1816'.
[  660.619198][T12984] 0ªX¹¦À: renamed from caif0
[  660.715155][T12984] 0ªX¹¦À: entered allmulticast mode
[  660.720430][T12984] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  661.693275][   T29] kauditd_printk_skb: 253 callbacks suppressed
[  661.693291][   T29] audit: type=1326 audit(1740248360.563:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12977 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc398d169 code=0x7fc00000
[  665.221212][T13029] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  666.890233][ T1337] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  669.974201][T13072] bridge0: port 3(batadv1) entered blocking state
[  669.981188][T13072] bridge0: port 3(batadv1) entered disabled state
[  669.991294][T13072] batadv1: entered allmulticast mode
[  670.018744][T13072] batadv1: entered promiscuous mode
[  670.573778][ T1150] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  670.583795][ T1150] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  671.653577][T13091] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1846'.
[  672.626596][T13091] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  672.772336][T13091] lo speed is unknown, defaulting to 1000
[  672.830096][T13091] lo speed is unknown, defaulting to 1000
[  673.072076][T13099] hub 6-0:1.0: USB hub found
[  673.384026][T13099] hub 6-0:1.0: 1 port detected
[  674.269539][T13115] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  675.431526][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  676.319417][   T29] audit: type=1326 audit(1740248374.238:2963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13110 comm="syz.4.1850" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fbe28184127 code=0x0
[  677.435167][T13133] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  678.287252][T13132] 9pnet_fd: Insufficient options for proto=fd
[  680.107558][T13162] overlay: ./file1 is not a directory
[  680.249236][T13165] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  682.143501][T13184] netlink: 'syz.0.1869': attribute type 29 has an invalid length.
[  682.637412][T13187] netlink: 'syz.0.1869': attribute type 29 has an invalid length.
[  682.648955][T13184] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1869'.
[  683.855587][   T29] audit: type=1326 audit(1740248381.282:2964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13203 comm="syz.5.1875" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f01d458d169 code=0x0
[  685.191790][T13220] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  685.212860][T13222] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1879'.
[  685.251648][T13222] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1879'.
[  685.688441][T13229] dvmrp0: entered allmulticast mode
[  686.236887][T13223] dvmrp0: left allmulticast mode
[  687.682413][T13246] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1885'.
[  688.309564][T13257] hub 6-0:1.0: USB hub found
[  688.315864][T13257] hub 6-0:1.0: 1 port detected
[  690.739413][T13276] xfrm0: left promiscuous mode
[  690.748192][T13276] xfrm0: left allmulticast mode
[  690.832993][T13276] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1894'.
[  692.211491][T13294] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  694.019247][ T5881] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  694.301681][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  694.308145][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  694.375359][ T5881] usb 2-1: Using ep0 maxpacket: 16
[  695.706515][ T5881] usb 2-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66
[  695.716204][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  695.731977][ T5881] usb 2-1: config 0 descriptor??
[  695.754920][ T5881] usb 2-1: invalid MIDI EP
[  695.773459][ T5881] usb 2-1: snd-bcd2000: error during probing
[  695.790438][ T5881] snd-bcd2000 2-1:0.0: probe with driver snd-bcd2000 failed with error -22
[  696.635453][ T5883] usb 2-1: USB disconnect, device number 30
[  696.685232][T13333] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  696.751935][T13336] 9p: Unknown access argument : -22
[  697.018868][T13342] netlink: 'syz.2.1917': attribute type 1 has an invalid length.
[  697.039075][T13342] netlink: 'syz.2.1917': attribute type 2 has an invalid length.
[  697.454249][ T5875] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  697.732603][ T5875] usb 1-1: Using ep0 maxpacket: 8
[  698.022185][ T5875] usb 1-1: unable to read config index 0 descriptor/start: -61
[  698.031468][ T5875] usb 1-1: can't read configurations, error -61
[  698.277848][ T5875] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  699.171601][ T5875] usb 1-1: Using ep0 maxpacket: 8
[  699.230304][ T5875] usb 1-1: unable to read config index 0 descriptor/start: -61
[  699.237962][ T5875] usb 1-1: can't read configurations, error -61
[  699.272251][ T5875] usb usb1-port1: attempt power cycle
[  699.520180][T13376] netlink: 308 bytes leftover after parsing attributes in process `syz.5.1929'.
[  699.656596][ T5875] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  699.788083][ T5875] usb 1-1: Using ep0 maxpacket: 8
[  699.804695][ T5875] usb 1-1: unable to read config index 0 descriptor/start: -61
[  700.513769][ T5875] usb 1-1: can't read configurations, error -61
[  700.676878][ T5875] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  700.981033][ T5875] usb 1-1: device not accepting address 40, error -71
[  700.989906][ T5875] usb usb1-port1: unable to enumerate USB device
[  701.099230][ T7247] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  703.526758][   T47] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  703.856370][   T47] usb 2-1: device descriptor read/64, error -71
[  704.189297][   T47] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  704.328581][   T47] usb 2-1: device descriptor read/64, error -71
[  704.863115][   T47] usb usb2-port1: attempt power cycle
[  705.290578][   T47] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  705.310290][   T29] audit: type=1326 audit(1740248401.355:2965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13428 comm="syz.0.1947" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1bc398d169 code=0x0
[  705.675944][   T47] usb 2-1: device descriptor read/8, error -71
[  705.944098][   T47] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  705.980643][   T47] usb 2-1: device descriptor read/8, error -71
[  706.118146][   T47] usb usb2-port1: unable to enumerate USB device
[  707.418604][T13453] netlink: 'syz.4.1953': attribute type 29 has an invalid length.
[  707.717208][T13453] netlink: 'syz.4.1953': attribute type 29 has an invalid length.
[  707.792427][T13453] netlink: 500 bytes leftover after parsing attributes in process `syz.4.1953'.
[  707.856329][ T5883] usb 2-1: new full-speed USB device number 35 using dummy_hcd
[  708.021369][ T5883] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  708.032169][ T5883] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  708.361364][ T5883] usb 2-1: config 0 descriptor??
[  708.386893][ T5883] ums-realtek 2-1:0.0: USB Mass Storage device detected
[  709.571558][T13461] input: syz0 as /devices/virtual/input/input11
[  709.620971][  T974] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  710.066733][  T974] usb 1-1: Using ep0 maxpacket: 32
[  710.131375][  T974] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  710.150980][  T974] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  710.177470][  T974] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  710.186521][  T974] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  710.274594][  T974] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  710.283089][T13482] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1961'.
[  710.305896][  T974] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  710.327042][  T974] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  710.336650][  T974] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  710.346636][  T974] usb 1-1: config 0 descriptor??
[  710.385076][T13485] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  710.406385][T13482] vlan2: entered promiscuous mode
[  710.412855][T13482] bond1: (slave vlan2): Opening slave failed
[  710.452491][T13489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1962'.
[  710.572368][  T974] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 41 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  710.616035][  T974] usb 1-1: USB disconnect, device number 41
[  710.646224][T13488] netlink: 'syz.5.1963': attribute type 6 has an invalid length.
[  710.677474][  T974] usblp0: removed
[  710.677535][ T5883] usb 2-1: USB disconnect, device number 35
[  710.951394][T13493] netlink: 'syz.5.1963': attribute type 10 has an invalid length.
[  710.980465][T13493] 8021q: adding VLAN 0 to HW filter on device batadv0
[  710.992031][T13493] : (slave batadv0): Enslaving as an active interface with an up link
[  712.214346][T13505] netlink: 'syz.5.1967': attribute type 29 has an invalid length.
[  712.311496][T13505] netlink: 'syz.5.1967': attribute type 29 has an invalid length.
[  712.766521][T13505] netlink: 500 bytes leftover after parsing attributes in process `syz.5.1967'.
[  715.340043][T13532] No control pipe specified
[  717.328639][T13558] bond0: (slave batadv0): Releasing backup interface
[  717.449271][T13558] bond0: (slave bond_slave_0): Releasing backup interface
[  717.552719][T13568] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1988'.
[  717.715965][T13558] bond0: (slave bond_slave_1): Releasing backup interface
[  717.836681][T13558] team0: Port device team_slave_0 removed
[  717.959530][ T5883] usb 2-1: new full-speed USB device number 36 using dummy_hcd
[  717.974952][T13558] team0: Port device team_slave_1 removed
[  717.999922][T13558] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  718.045819][T13558] batman_adv: batadv0: Removing interface: batadv_slave_0
[  718.072485][T13558] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  718.101595][T13558] batman_adv: batadv0: Removing interface: batadv_slave_1
[  718.184695][ T5883] usb 2-1: not running at top speed; connect to a high speed hub
[  718.195392][ T5883] usb 2-1: config 1 has an invalid interface number: 91 but max is 0
[  718.203808][ T5883] usb 2-1: config 1 has no interface number 0
[  718.224469][ T5883] usb 2-1: config 1 interface 91 has no altsetting 0
[  718.251101][ T5883] usb 2-1: New USB device found, idVendor=115e, idProduct=f100, bcdDevice=e0.08
[  718.262586][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  718.276999][ T5883] usb 2-1: Product: syz
[  718.293799][T13558] bond0: (slave vlan3): Releasing backup interface
[  718.328373][T13558] nlmon0: left promiscuous mode
[  718.349103][ T5883] usb 2-1: Manufacturer: syz
[  718.412789][ T5883] usb 2-1: SerialNumber: syz
[  718.814615][T13558] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1983'.
[  718.853802][T13558] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1983'.
[  719.791479][T13603] FAULT_INJECTION: forcing a failure.
[  719.791479][T13603] name failslab, interval 1, probability 0, space 0, times 0
[  719.805807][T13603] CPU: 0 UID: 0 PID: 13603 Comm: syz.0.1998 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  719.805833][T13603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  719.805843][T13603] Call Trace:
[  719.805850][T13603]  <TASK>
[  719.805857][T13603]  dump_stack_lvl+0x241/0x360
[  719.805885][T13603]  ? __pfx_dump_stack_lvl+0x10/0x10
[  719.805903][T13603]  ? __pfx__printk+0x10/0x10
[  719.805932][T13603]  ? fs_reclaim_acquire+0x93/0x130
[  719.805953][T13603]  ? __pfx___might_resched+0x10/0x10
[  719.805976][T13603]  should_fail_ex+0x40a/0x550
[  719.806002][T13603]  should_failslab+0xac/0x100
[  719.806029][T13603]  __kmalloc_noprof+0xdd/0x4c0
[  719.806044][T13603]  ? kstrtouint_from_user+0x128/0x190
[  719.806059][T13603]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  719.806082][T13603]  tomoyo_realpath_from_path+0xcf/0x5e0
[  719.806111][T13603]  tomoyo_path_number_perm+0x239/0x770
[  719.806133][T13603]  ? __lock_acquire+0x1397/0x2100
[  719.806158][T13603]  ? tomoyo_path_number_perm+0x209/0x770
[  719.806182][T13603]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  719.806246][T13603]  ? __fget_files+0x2a/0x410
[  719.806266][T13603]  ? __fget_files+0x2a/0x410
[  719.806289][T13603]  security_file_ioctl+0xc6/0x2a0
[  719.806313][T13603]  __se_sys_ioctl+0x46/0x170
[  719.806336][T13603]  do_syscall_64+0xf3/0x230
[  719.806357][T13603]  ? clear_bhb_loop+0x35/0x90
[  719.806382][T13603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.806403][T13603] RIP: 0033:0x7f1bc398d169
[  719.806418][T13603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  719.806432][T13603] RSP: 002b:00007f1bc4870038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  719.806451][T13603] RAX: ffffffffffffffda RBX: 00007f1bc3ba5fa0 RCX: 00007f1bc398d169
[  719.806463][T13603] RDX: 0000400000000a80 RSI: 00000000c0d05640 RDI: 0000000000000003
[  719.806474][T13603] RBP: 00007f1bc4870090 R08: 0000000000000000 R09: 0000000000000000
[  719.806485][T13603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  719.806495][T13603] R13: 0000000000000000 R14: 00007f1bc3ba5fa0 R15: 00007ffc1b59a7d8
[  719.806522][T13603]  </TASK>
[  719.806553][T13603] ERROR: Out of memory at tomoyo_realpath_from_path.
[  720.167908][ T5883] usb 2-1: palm_os_4_probe - error -71 getting connection info
[  720.189199][ T5883] visor 2-1:1.91: Handspring Visor / Palm OS converter detected
[  720.213357][ T5883] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  720.247720][ T5883] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  720.291035][ T5883] usb 2-1: USB disconnect, device number 36
[  720.315382][ T5883] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  720.333053][T13611] netlink: 312 bytes leftover after parsing attributes in process `syz.1.2000'.
[  720.344445][ T5883] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  720.368116][ T5883] visor 2-1:1.91: device disconnected
[  720.585783][T13612] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2001'.
[  722.118670][T13623] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2005'.
[  722.921680][T13633] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2006'.
[  723.289681][T13637] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2009'.
[  723.722172][ T5875] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[  723.827258][T13653] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2015'.
[  723.889449][T13655] lo speed is unknown, defaulting to 1000
[  723.925707][ T5875] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  723.965885][ T5875] usb 6-1: New USB device found, idVendor=06cd, idProduct=0108, bcdDevice=bb.20
[  723.979400][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.987821][ T5875] usb 6-1: Product: syz
[  723.998956][ T5875] usb 6-1: Manufacturer: syz
[  724.051987][T13655] lo speed is unknown, defaulting to 1000
[  724.109090][ T5875] usb 6-1: SerialNumber: syz
[  724.164770][ T5875] usb 6-1: config 0 descriptor??
[  724.194805][ T5875] keyspan 6-1:0.0: Keyspan 1 port adapter converter detected
[  724.224191][ T5875] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 87
[  724.254334][ T5875] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 7
[  724.283745][ T5875] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 81
[  724.308202][ T5875] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 1
[  724.332321][ T5875] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 2
[  724.344378][ T5875] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 85
[  724.353441][ T5875] keyspan 6-1:0.0: found no endpoint descriptor for endpoint 5
[  724.436870][ T5875] usb 6-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  724.455377][ T5875] usb 6-1: USB disconnect, device number 18
[  724.481611][ T5875] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  724.493927][T13661] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2017'.
[  724.507006][ T5875] keyspan 6-1:0.0: device disconnected
[  727.741474][T13687] xt_cgroup: path and classid specified
[  728.642698][T13701] overlayfs: missing 'lowerdir'
[  730.841147][   T47] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  731.243467][   T47] usb 1-1: Using ep0 maxpacket: 16
[  731.259220][   T47] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  731.267682][   T47] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  731.279815][   T47] usb 1-1: config 0 has no interface number 0
[  731.288162][   T47] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  731.297589][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.306219][   T47] usb 1-1: Product: syz
[  731.310506][   T47] usb 1-1: Manufacturer: syz
[  731.315401][   T47] usb 1-1: SerialNumber: syz
[  731.337264][   T47] usb 1-1: config 0 descriptor??
[  731.622848][  T974] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  731.662333][   T47] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[  731.674289][   T47] usb 1-1: No valid video chain found.
[  731.691329][   T47] usb 1-1: USB disconnect, device number 42
[  731.875629][  T974] usb 6-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  731.885446][  T974] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.907908][  T974] usb 6-1: config 0 descriptor??
[  731.936990][  T974] gspca_main: sunplus-2.14.0 probing 055f:c420
[  732.522928][T13746] netlink: 'syz.4.2045': attribute type 1 has an invalid length.
[  733.387002][  T974] gspca_sunplus: reg_w_riv err -110
[  733.392825][  T974] sunplus 6-1:0.0: probe with driver sunplus failed with error -110
[  733.655934][ T5836] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  733.889221][ T5836] usb 5-1: device descriptor read/64, error -71
[  733.913062][T13746] 8021q: adding VLAN 0 to HW filter on device bond2
[  733.927762][ T5881] usb 6-1: USB disconnect, device number 19
[  734.263924][T13763] : (slave ipvlan1): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  734.278652][T13763] : (slave ipvlan1): The slave device specified does not support setting the MAC address
[  734.289081][T13763] : (slave ipvlan1): Error -95 calling set_mac_address
[  735.310948][ T5836] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  735.467327][ T5836] usb 5-1: device descriptor read/64, error -71
[  735.692051][ T5836] usb usb5-port1: attempt power cycle
[  736.670794][ T6918] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  737.192664][T13797] x_tables: ip6_tables: mh match: only valid for protocol 135
[  739.734693][T13824] netlink: 'syz.1.2065': attribute type 32 has an invalid length.
[  740.420836][T13832] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2070'.
[  740.572231][   T47] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  740.803717][   T47] usb 1-1: Using ep0 maxpacket: 8
[  741.361645][   T47] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  741.397313][   T47] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  741.418813][   T47] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  741.445627][   T47] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  741.484055][   T47] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  741.523557][   T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  741.996880][   T47] usb 1-1: GET_CAPABILITIES returned 0
[  742.105850][   T47] usbtmc 1-1:16.0: can't read capabilities
[  854.648786][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  854.655823][    C1] rcu: 	0-...!: (1 GPs behind) idle=d18c/1/0x4000000000000000 softirq=56939/56943 fqs=0
[  854.667395][    C1] rcu: 	(detected by 1, t=10505 jiffies, g=57605, q=104 ncpus=2)
[  854.675139][    C1] Sending NMI from CPU 1 to CPUs 0:
[  854.675181][    C0] NMI backtrace for cpu 0
[  854.675197][    C0] CPU: 0 UID: 0 PID: 13850 Comm: syz.4.2074 Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  854.675213][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  854.675223][    C0] RIP: 0010:lock_is_held_type+0x20/0x190
[  854.675253][    C0] Code: 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 <bb> ff ff ff ff 83 3d d4 73 3b 04 00 0f 84 00 01 00 00 65 8b 05 37
[  854.675265][    C0] RSP: 0018:ffffc90000007c28 EFLAGS: 00000086
[  854.675279][    C0] RAX: 826d7353acb11c00 RBX: 0000000000000001 RCX: ffff888030fa3c00
[  854.675289][    C0] RDX: ffff888030fa3c00 RSI: 00000000ffffffff RDI: ffff88802a380300
[  854.675299][    C0] RBP: dffffc0000000000 R08: ffffffff89fc8811 R09: fffff52000000f7c
[  854.675310][    C0] R10: dffffc0000000000 R11: fffff52000000f7c R12: 0000000000000002
[  854.675319][    C0] R13: ffffffff89fc86e0 R14: ffff88802a380340 R15: ffff888035b23800
[  854.675329][    C0] FS:  00007fbe28ff56c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  854.675341][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  854.675351][    C0] CR2: ffffffffffffffe8 CR3: 0000000024be8000 CR4: 00000000003526f0
[  854.675363][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  854.675372][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  854.675380][    C0] Call Trace:
[  854.675388][    C0]  <NMI>
[  854.675396][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  854.675413][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  854.675433][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  854.675446][    C0]  ? nmi_handle+0x2a/0x5a0
[  854.675472][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  854.675488][    C0]  ? nmi_handle+0x14f/0x5a0
[  854.675505][    C0]  ? nmi_handle+0x2a/0x5a0
[  854.675523][    C0]  ? lock_is_held_type+0x20/0x190
[  854.675538][    C0]  ? default_do_nmi+0x63/0x160
[  854.675552][    C0]  ? exc_nmi+0x123/0x1f0
[  854.675564][    C0]  ? end_repeat_nmi+0xf/0x53
[  854.675583][    C0]  ? __pfx_advance_sched+0x10/0x10
[  854.675599][    C0]  ? advance_sched+0x131/0xca0
[  854.675615][    C0]  ? lock_is_held_type+0x20/0x190
[  854.675631][    C0]  ? lock_is_held_type+0x20/0x190
[  854.675647][    C0]  ? lock_is_held_type+0x20/0x190
[  854.675663][    C0]  </NMI>
[  854.675667][    C0]  <IRQ>
[  854.675673][    C0]  ? __pfx_advance_sched+0x10/0x10
[  854.675688][    C0]  advance_sched+0x148/0xca0
[  854.675704][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  854.675720][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  854.675739][    C0]  ? __pfx_advance_sched+0x10/0x10
[  854.675753][    C0]  __hrtimer_run_queues+0x59b/0xd30
[  854.675776][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  854.675789][    C0]  ? sched_clock+0x4a/0x70
[  854.675804][    C0]  ? read_tsc+0x9/0x20
[  854.675817][    C0]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  854.675838][    C0]  hrtimer_interrupt+0x403/0xa40
[  854.675862][    C0]  __sysvec_apic_timer_interrupt+0x110/0x420
[  854.675882][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  854.675899][    C0]  </IRQ>
[  854.675903][    C0]  <TASK>
[  854.675909][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  854.675927][    C0] RIP: 0010:lock_acquire+0x264/0x550
[  854.675944][    C0] Code: 2b 00 74 08 4c 89 f7 e8 2a be 89 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  854.675954][    C0] RSP: 0018:ffffc90013d46ee0 EFLAGS: 00000206
[  854.675966][    C0] RAX: 0000000000000001 RBX: 1ffff920027a8de8 RCX: ffff888030fa46e8
[  854.675975][    C0] RDX: dffffc0000000000 RSI: ffffffff8c2ab6a0 RDI: ffffffff8c801a80
[  854.675985][    C0] RBP: ffffc90013d47030 R08: ffffffff94511847 R09: 1ffffffff28a2308
[  854.675996][    C0] R10: dffffc0000000000 R11: fffffbfff28a2309 R12: 1ffff920027a8de4
[  854.676005][    C0] R13: dffffc0000000000 R14: ffffc90013d46f40 R15: 0000000000000246
[  854.676027][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  854.676046][    C0]  ? alloc_pages_mpol+0x4bd/0x660
[  854.676068][    C0]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  854.676086][    C0]  ? filemap_get_entry+0x123/0x3b0
[  854.676105][    C0]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[  854.676119][    C0]  get_mem_cgroup_from_mm+0x55/0x2a0
[  854.676132][    C0]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[  854.676147][    C0]  __mem_cgroup_charge+0x16/0x80
[  854.676164][    C0]  shmem_alloc_and_add_folio+0x8a2/0x1090
[  854.676189][    C0]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  854.676208][    C0]  ? shmem_allowable_huge_orders+0x40b/0x420
[  854.676228][    C0]  shmem_get_folio_gfp+0x621/0x1840
[  854.676258][    C0]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  854.676279][    C0]  shmem_fault+0x220/0x5b0
[  854.676302][    C0]  ? __pfx_shmem_fault+0x10/0x10
[  854.676320][    C0]  ? __pfx_lock_release+0x10/0x10
[  854.676343][    C0]  __do_fault+0x135/0x390
[  854.676361][    C0]  __handle_mm_fault+0x4c44/0x70f0
[  854.676376][    C0]  ? mark_lock+0x9a/0x360
[  854.676405][    C0]  ? __pfx___handle_mm_fault+0x10/0x10
[  854.676423][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  854.676442][    C0]  ? do_raw_spin_lock+0x14f/0x370
[  854.676465][    C0]  ? follow_page_pte+0x25a/0x1460
[  854.676482][    C0]  ? follow_page_pte+0x86a/0x1460
[  854.676498][    C0]  ? __pfx_lock_release+0x10/0x10
[  854.676518][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  854.676541][    C0]  ? __pfx___might_resched+0x10/0x10
[  854.676559][    C0]  handle_mm_fault+0x2c1/0x7e0
[  854.676579][    C0]  __get_user_pages+0x1a92/0x4140
[  854.676612][    C0]  ? __pfx___get_user_pages+0x10/0x10
[  854.676628][    C0]  ? __pfx_mt_find+0x10/0x10
[  854.676654][    C0]  populate_vma_page_range+0x264/0x330
[  854.676671][    C0]  ? __pfx_populate_vma_page_range+0x10/0x10
[  854.676686][    C0]  ? userfaultfd_unmap_complete+0x30c/0x360
[  854.676707][    C0]  __mm_populate+0x27a/0x460
[  854.676725][    C0]  ? __pfx___mm_populate+0x10/0x10
[  854.676745][    C0]  vm_mmap_pgoff+0x303/0x430
[  854.676764][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  854.676780][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  854.676798][    C0]  ? do_syscall_64+0x100/0x230
[  854.676815][    C0]  ? ksys_mmap_pgoff+0xdf/0x720
[  854.676829][    C0]  ? __x64_sys_mmap+0x7f/0x140
[  854.676848][    C0]  do_syscall_64+0xf3/0x230
[  854.676865][    C0]  ? clear_bhb_loop+0x35/0x90
[  854.676883][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.676900][    C0] RIP: 0033:0x7fbe2818d169
[  854.676914][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.676925][    C0] RSP: 002b:00007fbe28ff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  854.676939][    C0] RAX: ffffffffffffffda RBX: 00007fbe283a5fa0 RCX: 00007fbe2818d169
[  854.676949][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000400000000000
[  854.676959][    C0] RBP: 00007fbe2820e2a0 R08: ffffffffffffffff R09: 0000000000000000
[  854.676969][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  854.676977][    C0] R13: 0000000000000000 R14: 00007fbe283a5fa0 R15: 00007fffd16e9e78
[  854.676993][    C0]  </TASK>
[  854.677172][    C1] rcu: rcu_preempt kthread starved for 10505 jiffies! g57605 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  855.378985][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  855.388999][    C1] rcu: RCU grace-period kthread stack dump:
[  855.394910][    C1] task:rcu_preempt     state:R  running task     stack:25784 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
[  855.409048][    C1] Call Trace:
[  855.412336][    C1]  <TASK>
[  855.415280][    C1]  __schedule+0x18bc/0x4c40
[  855.419811][    C1]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  855.425834][    C1]  ? __pfx___schedule+0x10/0x10
[  855.430838][    C1]  ? __pfx_lock_release+0x10/0x10
[  855.435890][    C1]  ? __pfx___mod_timer+0x10/0x10
[  855.440944][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  855.447312][    C1]  ? schedule+0x90/0x320
[  855.451573][    C1]  schedule+0x14b/0x320
[  855.455745][    C1]  schedule_timeout+0x15a/0x290
[  855.460601][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  855.465980][    C1]  ? __pfx_process_timeout+0x10/0x10
[  855.471289][    C1]  ? prepare_to_swait_event+0x330/0x350
[  855.476854][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  855.482064][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[  855.486934][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  855.492148][    C1]  ? rcu_gp_init+0x1256/0x1630
[  855.496934][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  855.501885][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  855.507183][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  855.513118][    C1]  ? finish_swait+0xd4/0x1e0
[  855.517734][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  855.523025][    C1]  rcu_gp_kthread+0xa7/0x3b0
[  855.527664][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  855.532908][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  855.538821][    C1]  ? __kthread_parkme+0x169/0x1d0
[  855.543951][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  855.549191][    C1]  kthread+0x7a9/0x920
[  855.553272][    C1]  ? __pfx_kthread+0x10/0x10
[  855.557875][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  855.563085][    C1]  ? __pfx_kthread+0x10/0x10
[  855.567696][    C1]  ? __pfx_kthread+0x10/0x10
[  855.572301][    C1]  ? __pfx_kthread+0x10/0x10
[  855.576895][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  855.582097][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  855.587311][    C1]  ? __pfx_kthread+0x10/0x10
[  855.591913][    C1]  ret_from_fork+0x4b/0x80
[  855.596341][    C1]  ? __pfx_kthread+0x10/0x10
[  855.600944][    C1]  ret_from_fork_asm+0x1a/0x30
[  855.605727][    C1]  </TASK>
[  855.608752][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  855.615074][    C1] CPU: 1 UID: 0 PID: 9250 Comm: syz-executor Not tainted 6.14.0-rc3-syzkaller-00267-gff202c5028a1 #0
[  855.625924][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  855.636094][    C1] RIP: 0010:smp_call_function_many_cond+0x1ba4/0x2d30
[  855.642888][    C1] Code: 03 84 c0 75 7e 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 30 f5 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 e0 f0 0b 00 eb 41 f3 90 <48> b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 41 f7 45 00
[  855.662513][    C1] RSP: 0018:ffffc9001ccdf500 EFLAGS: 00000293
[  855.668594][    C1] RAX: ffffffff81b5c975 RBX: 1ffff110170c8c75 RCX: ffff888068649e00
[  855.676580][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  855.684553][    C1] RBP: ffffc9001ccdf700 R08: ffffffff81b5c940 R09: 1ffffffff28a230e
[  855.692528][    C1] R10: dffffc0000000000 R11: fffffbfff28a230f R12: ffff8880b873f9c8
[  855.700510][    C1] R13: ffff8880b86463a8 R14: ffff8880b873f9c0 R15: 0000000000000000
[  855.708485][    C1] FS:  000055556f4c8500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  855.717425][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  855.724032][    C1] CR2: ffffffffffffffe8 CR3: 0000000032ece000 CR4: 00000000003526f0
[  855.732028][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  855.740007][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  855.748008][    C1] Call Trace:
[  855.751334][    C1]  <IRQ>
[  855.754200][    C1]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  855.760573][    C1]  ? print_other_cpu_stall+0x1481/0x15c0
[  855.766252][    C1]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  855.772081][    C1]  ? cgroup_rstat_updated+0x13b/0xc30
[  855.777478][    C1]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  855.783731][    C1]  ? rcu_sched_clock_irq+0xa26/0x10e0
[  855.789120][    C1]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  855.794778][    C1]  ? update_process_times+0x242/0x2f0
[  855.800164][    C1]  ? tick_nohz_handler+0x37c/0x500
[  855.805292][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  855.810794][    C1]  ? __hrtimer_run_queues+0x551/0xd30
[  855.816191][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  855.821913][    C1]  ? sched_clock+0x4a/0x70
[  855.826340][    C1]  ? read_tsc+0x9/0x20
[  855.830421][    C1]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  855.836510][    C1]  ? hrtimer_interrupt+0x403/0xa40
[  855.841650][    C1]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[  855.847822][    C1]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[  855.853680][    C1]  </IRQ>
[  855.856629][    C1]  <TASK>
[  855.859589][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  855.865793][    C1]  ? smp_call_function_many_cond+0x1b90/0x2d30
[  855.871954][    C1]  ? smp_call_function_many_cond+0x1bc5/0x2d30
[  855.878213][    C1]  ? smp_call_function_many_cond+0x1ba4/0x2d30
[  855.884390][    C1]  ? __mutex_unlock_slowpath+0x227/0x800
[  855.890054][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  855.896489][    C1]  ? __pfx_lock_release+0x10/0x10
[  855.901704][    C1]  ? rcu_is_watching+0x15/0xb0
[  855.906476][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  855.911688][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[  855.916810][    C1]  flush_tlb_mm_range+0x42d/0x710
[  855.921896][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  855.927466][    C1]  copy_mm+0x18af/0x2160
[  855.931763][    C1]  ? __pfx_copy_mm+0x10/0x10
[  855.936423][    C1]  ? __init_rwsem+0x122/0x160
[  855.941153][    C1]  ? copy_signal+0x51c/0x640
[  855.945761][    C1]  copy_process+0x17d1/0x3cf0
[  855.950474][    C1]  ? copy_process+0x9fa/0x3cf0
[  855.955255][    C1]  ? __pfx_copy_process+0x10/0x10
[  855.960304][    C1]  kernel_clone+0x223/0x870
[  855.964841][    C1]  ? reacquire_held_locks+0x3eb/0x690
[  855.970222][    C1]  ? vma_end_read+0x18/0x170
[  855.974827][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  855.979955][    C1]  ? __pfx_reacquire_held_locks+0x10/0x10
[  855.985686][    C1]  __x64_sys_clone+0x267/0x2e0
[  855.990467][    C1]  ? __pfx___x64_sys_clone+0x10/0x10
[  855.995780][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  856.002125][    C1]  ? exc_page_fault+0x590/0x8b0
[  856.006984][    C1]  ? do_syscall_64+0xb6/0x230
[  856.011671][    C1]  do_syscall_64+0xf3/0x230
[  856.016205][    C1]  ? clear_bhb_loop+0x35/0x90
[  856.020897][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.026807][    C1] RIP: 0033:0x7f0a8bf839d3
[  856.031230][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  856.050843][    C1] RSP: 002b:00007ffd53707378 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  856.059289][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0a8bf839d3
[  856.067295][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  856.075828][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  856.083914][    C1] R10: 000055556f4c87d0 R11: 0000000000000246 R12: 0000000000000000
[  856.092182][    C1] R13: 00000000000927c0 R14: 00000000000b276c R15: 00007ffd53707510
[  856.100193][    C1]  </TASK>