last executing test programs:

13.807369208s ago: executing program 3 (id=2122):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYRESDEC=0x0])
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000eaffffffa00d0000"])
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f0000000280))
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x7, 0x13, r7, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000000c0)={[0x79, 0x4000000000000000, 0x0, 0x8, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x3, 0x6, 0x0, 0x8, 0x2, 0x0, 0x2, 0x6], 0x2000, 0x9830a})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

13.110007497s ago: executing program 3 (id=2125):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000040)=0x3, 0x4)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x4008, r0}, 0x18)
r1 = syz_io_uring_setup(0x60f2, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x3, r4, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0}})
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
shutdown(r4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r5 = dup(0xffffffffffffffff)
shutdown(r5, 0x1)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
write(r7, &(0x7f0000000040)="cb", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_clone(0x4009000, 0x0, 0xfffffffffffffec0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r8 = open(&(0x7f0000000780)='./bus\x00', 0x14d0be, 0x48)
r9 = socket$tipc(0x1e, 0x2, 0x0)
close(r9)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r8, 0x0)

12.098766565s ago: executing program 1 (id=2127):
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000002c00010324bd7002f9dbdf2506"], 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x68}}, 0x0)
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=rdma,port=0', @ANYRESOCT=0x0])
sendmsg$NFT_BATCH(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008804}, 0x4000001)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

11.903155049s ago: executing program 3 (id=2128):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0f8565c, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r4=>0x0], &(0x7f0000000180)=[<r5=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r4, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r4, r5], 0x2, 0x0, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b14fea7a1316b81525ccf0f8b91fd2eddb851ba62b00d87337407214ea270251"}})
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000001c0)={0x117, 0x7, 0x2, 0x0, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r6, 0xc00464b4, &(0x7f0000000240)={r12})
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0x0)

11.088582679s ago: executing program 1 (id=2131):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c, 0x0}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x0, 0x8, 0x7, '\x00', 0x331d})
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000000)=0xffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8400, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r5 = socket$inet6(0xa, 0x3, 0xff)
r6 = dup2(r5, r5)
r7 = dup(r6)
r8 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)='pvfs2\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

10.335851671s ago: executing program 2 (id=2132):
userfaultfd(0x801)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@getnexthop={0x28, 0x6a, 0x800, 0x70bd28, 0x25dfdbff, {}, [@NHA_OIF={0x8}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x28}}, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
r5 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x22282)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x80, 0x4}, 'port1\x00', 0xa8, 0x100816, 0x0, 0x0, 0x0, 0xfffffffd})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f00000000c0)={0x800080, 0x0, 0x3eb, 0x4000000, 0x8, 0x5})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket(0x10, 0x3, 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x5b888ec021006621, 0x1}, 0x9c)
dup(r6)

9.680191527s ago: executing program 1 (id=2133):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\n'], 0x98)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0xffff0000, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0, 0xffff0000, 0x0, 0xffff0000}, 0x48)

8.937804831s ago: executing program 1 (id=2136):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000240), 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
setfsgid(0xffffffffffffffff)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100004e826d4094225a4241d10102030109022b00010400000009040000026964c200090504060000000000070556"], 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x300, 0x1200, 0x0, 0x3)
r2 = syz_io_uring_complete(0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x3, '\x00', 0x0, r2, 0x4, 0x5, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x40505330, &(0x7f0000000500)={0x800080, 0x810000, 0xdd4, 0x4, 0xfc, 0x558})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002040)={&(0x7f0000001fc0)={0x24, 0x2, 0x3, 0x201, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0xa}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0xf02}]}, 0x24}, 0x1, 0x0, 0x0, 0x81}, 0x80)

8.705103587s ago: executing program 2 (id=2137):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = add_key(&(0x7f0000000240)='cifs.spnego\x00', &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
pipe2$watch_queue(&(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0x44)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0xffffffffffffffff)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
brk(0x400000ffc020)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x468, 0xc, 0x5002004a, 0xb, 0x310, 0xea13, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16}]}}, @common=@ttl={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4c8)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x5)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c}, &(0x7f0000000280)=0x40)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x40101, 0x0)
r9 = socket(0x848000000015, 0x805, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r9, 0x89e1, 0x0)
fsetxattr(r9, &(0x7f0000000580)=ANY=[@ANYBLOB="736974792e26213a5e2c28272b2d2e5b4ef70590f8712d407b0000000000000000"], &(0x7f0000000040)='({\x00', 0x3, 0x0)
ioctl$TCSETS(r8, 0x8926, &(0x7f00000000c0)={0x1fffc, 0xfffffffe, 0x0, 0x0, 0xfd, "bb40ef000180000002000000e600"})
getsockopt$SO_J1939_ERRQUEUE(r9, 0x6b, 0x4, &(0x7f0000000500), &(0x7f0000000540)=0x4)

7.585880497s ago: executing program 2 (id=2139):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x18, 0x8, 0x40, 0x42, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r1, &(0x7f0000000580), 0x0}, 0x20)
getpid()
r2 = syz_pidfd_open(0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000080000000000000000000fe"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r5}, 0xc)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x4, [@func={0x1, 0x0, 0x0, 0xc, 0x2}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0x7, 0x5}, {0x7, 0x3}, {0x8c, 0x1}, {0x8005, 0x4}, {0x2, 0x4}, {0x4, 0x4}, {0x7, 0x1}]}]}, {0x0, [0x0, 0x2e, 0x30]}}, 0x0, 0x6c, 0xffffff9d, 0x0, 0x0, 0x0, @void, @value}, 0x6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCDARP(r7, 0x8953, &(0x7f0000000180)={{0x2, 0x4e21, @broadcast}, {0x6}, 0x2, {0x2, 0x4e23, @loopback}, 'vcan0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1b, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r6, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4000002, 0x3032, 0xffffffffffffffff, 0x2a1cf000)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r8, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x10, &(0x7f0000002e00), &(0x7f0000001000), 0x8, 0x2000a0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={r8, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff43, 0xdd, 0x8, 0x0, 0x0}}, 0x10)
process_madvise(r2, 0x0, 0x0, 0x14, 0x0)

6.776572954s ago: executing program 0 (id=2141):
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000002c00010324bd7002f9dbdf2506"], 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x68}}, 0x0)
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=rdma,port=0', @ANYRESOCT=0x0])
sendmsg$NFT_BATCH(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008804}, 0x4000001)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

6.537845926s ago: executing program 3 (id=2143):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@struct={0x8, 0x0, 0x0, 0xf, 0x0, 0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x2d, 0x0, 0x6, 0x0, 0x0, @void, @value}, 0x28)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
socket$inet_icmp_raw(0x2, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='minix\x00', 0x1000000, 0x0)
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x80000000000000, 0x0, 0x0, 0x0, 0x10, 0x60, 0x0, 0x76})

6.118875699s ago: executing program 0 (id=2144):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

4.888731764s ago: executing program 0 (id=2145):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getrandom(0x0, 0x0, 0x600)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x74, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x34}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'Q.931\x00'}}]}, 0x74}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000000c0)={0xffffffffffffffff, 0x1, 0x1000, 0x2000})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010024bd7000fddbaa2503000000180001801400020073797a5f74756e0000000000000000000500020004000000050005"], 0x3c}, 0x1, 0x0, 0x0, 0x20009005}, 0x2000c000)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x33}, 0x0, @in=@loopback, 0x3504, 0x0, 0x0, 0xb7, 0xfffffffe, 0x5}}, 0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000800)=ANY=[@ANYBLOB="040e040a260c"], 0x7)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)
fsopen(&(0x7f0000000240)='btrfs\x00', 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)

4.78500904s ago: executing program 4 (id=2146):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0x1}], 0x1, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00', 0x4})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x217, @time={0x65757100, 0x8000008}, 0x0, {}, 0x67, 0x2, 0x2})

4.608206635s ago: executing program 3 (id=2147):
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x33}, 0x0, @in=@loopback, 0x3504, 0x0, 0x0, 0xb7, 0xfffffffe, 0x5}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xb00)

4.078018889s ago: executing program 1 (id=2148):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x5, 0x0, 0x0, 0x1, "5a5f0020008a3fc945e8724a114177ffffef00"})
lseek(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c000000000000000000000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b007f000001e000000200000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c00000000000000000000004700000044aa00210a2101"], 0x230}, 0x0)
socket$kcm(0x10, 0x3, 0x10)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='subflow_check_data_avail\x00', r5}, 0x18)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
r6 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x2a, &(0x7f0000034000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x34)
r7 = syz_open_pts(r0, 0x0)
ioctl$TCSETS(r7, 0x5402, &(0x7f0000002500)={0x0, 0x0, 0xfffffffd, 0x2, 0x0, "f937267f0f7ba57603a6a12e3f0a7f64c64c56"})

3.931786247s ago: executing program 2 (id=2149):
r0 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000340)='name', &(0x7f00000000c0)='ccnA\xf6gro-p\x00', 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="9500"/17], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
landlock_restrict_self(r3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap$snddsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x200000d, 0x80010, r3, 0x7000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r4, 0xffffffffffffffff, 0x24, 0x0, @val=@tracing}, 0x20)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@local})

3.836516387s ago: executing program 4 (id=2150):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x9, 0x6, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000054000000060a010400000000000000000100000008000b40000000002c0004802800018007000100637400001c0002800800014000000001080002400000000805000300730000000900010073797a30"], 0xc8}, 0x1, 0x0, 0x0, 0x5090}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={0x0, 0xdc}}, 0x20040800)
syz_emit_ethernet(0x9a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd600101000064110000000000000000000000ffffac1e0101fe8000000000000000000000000000aa4e200e2200649078020000000100"], 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x108)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000040)='./bus\x00')
close(0xffffffffffffffff)
syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x101042)
close(0x3)
sendmsg$nl_route_sched(r0, 0x0, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b000104000000090400004fd4695e00090532825b"], 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x9, 0x6, 0x1) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000054000000060a010400000000000000000100000008000b40000000002c0004802800018007000100637400001c0002800800014000000001080002400000000805000300730000000900010073797a30"], 0xc8}, 0x1, 0x0, 0x0, 0x5090}, 0x0) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={0x0, 0xdc}}, 0x20040800) (async)
syz_emit_ethernet(0x9a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd600101000064110000000000000000000000ffffac1e0101fe8000000000000000000000000000aa4e200e2200649078020000000100"], 0x0) (async)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x108) (async)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8) (async)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000040)='./bus\x00') (async)
close(0xffffffffffffffff) (async)
syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x101042) (async)
close(0x3) (async)
sendmsg$nl_route_sched(r0, 0x0, 0x10) (async)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b000104000000090400004fd4695e00090532825b"], 0x0) (async)

2.921944974s ago: executing program 2 (id=2151):
keyctl$clear(0x3, 0xfffffffffffffffc)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xaece, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000140)="a7361e65650fc7380f01740e2e650f350f08f20f5a0ab822010f00d03e0f71f5100fc7b5d1c4", 0x26}], 0x1, 0x4a, &(0x7f0000000340)=[@dstype0={0x6, 0x3}], 0x1)
r3 = io_uring_setup(0x3450, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
r4 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x20000)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@mask_fadd={0x58, 0x114, 0x8, {{0x7f, 0xfffffc01}, 0xffffffffffffffff, 0x0, 0x8, 0x7c0d08aa, 0x2b, 0xffffffffffffff5d, 0x31, 0x9d}}], 0x58}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r4, 0x810c5701, &(0x7f0000000180))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x2080}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x10}}, 0x98}}, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000e5876e4040200516940a0000000109022d00010000000009040000035883b200090509000000000000090585"], 0x0)
request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000040)='^U\x10\x1e8\'\xc7\xdc\xa0\n\xca\xdc\x8a\\\x14\x19!\xe0U\xb6\xd1?O\xba{x\xfa\x01q\xd8\xf2\fD\'\t(Q}\xdc\xb7\xde9\x8a\x8f\xe8\xeb\xf4\r3E\xb4\x98\xf3\tua\x87\x7f\x88&\x1e\xc7\xf7\xe2\x0f\x8a_\xb1\x0f\x18s\\_\x90\xf1\x0e\xfa\xb1\xc3\x95\xa6]I\xb3Do|=\xbe\xdcl\xfa\xaaI\x028\xc4|\xd4\xe4J\xbcK\x14]\xd6O\xec\xf6\x7f&\xc8\xebb\xbf\x8e\xa5\x9b\xed\xc1\x8bg\x88[.\x88\f\xde9\x97&\xc3\xfc\x89\x91Q\fr\x93\xc5\x80p\x04\xd94\xd5\xdd\xc4;\x0eSsy\x83\xbe\xaa\xb0DVK\xef\xc6\x19,\xcb\xd2\xca\xb2\xf51.?na\xa5\x9b\xc18\x9dQ\x9f\xf3', 0xfffffffffffffffd)

2.482521683s ago: executing program 0 (id=2152):
iopl(0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sg(0x0, 0x0, 0x8002)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)
request_key(&(0x7f00000000c0)='logon\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='-\x00', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="7bd200000001", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d030100000000009500000000000000bc26080000000000bf67000000000000070300000fff070067020000030000001606000080ffffffbf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
add_key(0x0, &(0x7f0000000180), &(0x7f0000000100), 0x0, 0xfffffffffffffffe)
r3 = add_key$user(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$search(0xa, r3, &(0x7f00000005c0)='logon\x00', &(0x7f0000000600)={'syz', 0x3}, 0xfffffffffffffffe)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg0\x00', 0x4)

2.476980162s ago: executing program 3 (id=2153):
r0 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_ep_read(r0, 0x60, 0xeb, &(0x7f0000000100)=""/235)
syz_emit_ethernet(0x145, &(0x7f0000000380)=ANY=[@ANYRES16=r0, @ANYRES32=0x41424344, @ANYRESOCT=r0, @ANYRES16=r0], 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
r2 = userfaultfd(0x801)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000005000000080000000f"], 0x50)
r4 = socket$kcm(0x15, 0x5, 0x0)
sendmsg$kcm(r4, &(0x7f0000000200)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xfffffffd}, 0x80, 0x0}, 0x4000000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840)={r5}, 0xc)
readv(r2, &(0x7f0000000340)=[{&(0x7f0000000000)=""/195, 0xc3}], 0x1)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/95)

1.654045341s ago: executing program 1 (id=2154):
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000002c00010324bd7002f9dbdf2506"], 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x68}}, 0x0)
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=rdma,port=0', @ANYRESOCT=0x0])
sendmsg$NFT_BATCH(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008804}, 0x4000001)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

1.562259955s ago: executing program 4 (id=2155):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, 0x0, 0x0)

1.51714835s ago: executing program 4 (id=2156):
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

1.099132582s ago: executing program 0 (id=2157):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = socket(0x10, 0x803, 0x9)
r3 = socket$netlink(0x10, 0x3, 0x15)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
r4 = openat$ubi_ctrl(0xffffff9c, &(0x7f0000000240), 0x397840, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r4, 0x40046411, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SDTEFACILITIES(r5, 0x89eb, &(0x7f0000000000)={0x7, 0x1, 0x8, 0x1, 0xf8, 0xb, 0x25, "f9891ebd9f280e00c2e15e456d984f92537455bd", "08ca2570a3c7c7bc104aa42afa80f9cdc42a3389"})
ioctl$KVM_CAP_EXIT_HYPERCALL(r4, 0x4068aea3, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
clock_gettime(0xffffffff, 0x0)
fcntl$dupfd(r1, 0x406, r4)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r6, &(0x7f0000000180)={0xa, 0x4e23, 0x1, @local, 0x7}, 0x1c)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x21, &(0x7f0000000440), 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000400))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[], 0x48}}, 0x0)
unshare(0x20020680)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
r7 = syz_open_dev$loop(&(0x7f00000000c0), 0xf, 0x800)
ioctl$LOOP_SET_DIRECT_IO(r7, 0x4c08, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
io_setup(0x3, &(0x7f0000000180))
syz_emit_ethernet(0x46, &(0x7f00000002c0)=ANY=[@ANYBLOB="0380c20000000000000000000800450000380000000000019078ac1e0001ac1414aa03049078120003282500000000000000000100007f000001ac14140f0000b50800000000fa3e5b0f517d02815d83546f229938d382c56b916cbae3c772d6c0233938e1eac137e44ce47ea0204b4af642e17a9748de170b93c9800eb92b8054a113de1f916441017e8a7b6fc001e925c06db451a10aa0ceda263b62049a30827ce193871968fd1349c4954331aeb64c723da3b00c214fff75dc72e8a2d19d573fdfab5655220230412fb7e0b6a174600d800ff097715eae9098903afb17f24667baea607ea2180a0e3b61ac4f518f8cff05c2d5c3b630dc0a8c85b83a45f1e523fccb2aeefbf7d9d4477f462900001c714b36d439a55347b763"], 0x0)
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000040)={0xd1, 0xfffffffffffffffe, 0x5})
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0xd, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)

292.928238ms ago: executing program 4 (id=2158):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000080)=[{&(0x7f0000000340)='L', 0xfec}], 0x1, 0x7fec, 0x7, 0x4)
umount2(&(0x7f00000001c0)='./file0\x00', 0x6)

169.915983ms ago: executing program 2 (id=2159):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
userfaultfd(0x80801)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xec0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594012124fc60", 0x14}], 0x1}, 0x1000000)
socket$pppl2tp(0x18, 0x1, 0x1)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x8, 0x8, 0x0, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x147, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000000c0)=@nat={'nat\x00', 0x670, 0x5, 0x3c0, 0x250, 0x1a8, 0xfeffffff, 0x0, 0xa8, 0x328, 0x328, 0xffffffff, 0x328, 0x328, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1, @private=0xa010102, @rand_addr=0x640100ff, @gre_key=0x4, @icmp_id=0x68}}}}, {{@ip={@private=0xa010101, @multicast2, 0xffffff00, 0xffffffff, 'vxcan1\x00', 'veth1_to_team\x00', {0xff}, {}, 0x34, 0x2, 0x20}, 0x0, 0xc8, 0x100, 0x0, {0x0, 0x7}, [@common=@inet=@length={{0x28}, {0x7ff, 0x9}}, @common=@ah={{0x30}, {[0x0, 0x4]}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0xe, @private=0xa010100, @empty, @port=0x4e24, @port=0x4e23}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @loopback, @multicast2, @icmp_id=0x68, @icmp_id=0x66}}}}, {{@ip={@loopback, @dev={0xac, 0x14, 0x14, 0x27}, 0x0, 0x0, 'veth1_virt_wifi\x00', 'veth0_macvtap\x00', {}, {}, 0x8, 0x1, 0x10}, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}, {0x200, 0x260, 0x0, 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0xe, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @port=0x9, @gre_key=0x8}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x420)

169.30058ms ago: executing program 0 (id=2160):
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c000280"], 0x40}}, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000ac1414bbffffffffe0000002ac14"], 0x28)
r6 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x4000, &(0x7f0000000000)=ANY=[@ANYRES64=r4])
syz_fuse_handle_req(r6, &(0x7f00000020c0)="5b095762e4ceba7d280612b7511913c90df9e94f4e38e6e5dd2dac0bd4683a92d758ad90f9e2842073d15a2d5baa4db0b69c47e278e3f50f394189dd7fce63890ce3ed1f24e67a79c1cbc5eae3984e9d3e8759a9229593ad412b129b68928ed908711b6d1213f9355ff80c2579fa58ced926b267a2264063dd3fdea384c58f4ac5bf66c361e8ec046ddf824495c5b6947ebab4e24257d117313fd45b6873262073e64e3da2431276466d75447ae3eb562d00423b8edb3729fa059a5f004010d551edb43813821d27006eb0eefa536590139123f218b3b0e2d994953269636885ffa849a905e62cfe5f64cd04940568809738ed7306e2430d382667d87f54013a5cee43dae2ee75111ed33350d86c757a8362a81375befca2d0f555cfcc58af87c184bf154694ebb8f0b6ef09f13370833a44cedd5b3091768bbbbfa1d0859a114ea6b4d9f25c11d9f3f45db19fa5586d36bb6a8a15f9d55210caaeb983f1d2e6688e107b6de6cca9d9c640afab7620dc440e93f9d5e920e8fe7e74bbf8754a7195110fedcd8269be84a945305ee09de4997a5a2796f5090d2f9ee3bc0b2228c389ecb6468c24d2c5699dc30e2c9ad71ab272e16a4a645516458bb1f2a92b6ff06bf697503a43205473baf112ffe468a9c727ace967ad603d335ac634db4534540ef15611f113ca28c3a3cbc7f6c96945bdf291cf39a5bae0277b51e959dcd26d1117ff63f1bf748c845b7641905f83f6a0e468c75f88fd74d36ca638e5fb055dbd55c14fe30813e2518e390dc65db7372755306779d7fb13fb9403578fe91422cdb8dc8db0cbbc986369ff7780afab5755a039b37364347d73835c96389288b3768e1d4e59cf77fd58228100d397badfdf52dd5eb453ccaad785d21418e509f734f19e8cdb5a0993ba59abcf654625000eddf387d0c291a3000e87c4fec269a9c787997e0d106fcbd9f488c75559c0664be295d8dc20d214f17c392ba0bb73df8bcde0f47e449ab40f51b02bec01fa48171e5e39777aa7fd94525e76d78e2f2e692eea0ed254b2ce1db59e5cfa91d9b30ec2d39868c32afc6797ff333b1ce9dd2c0b3034124b1c004d9dc0cbcd4432006d54528e3e28e96e911eba7681a035d4e4551c7b497cb0fde2845ba18c4b8b19efe147d90394ebed77e7c0a3702fe2b6df71ff354ea5d55a77c899975df86aab5abb2ce370f3d8f4bfcb417ecb82ea0746997a1ca1e9765251a6d33402ad0c0c151fa1930d557248f2aef24e59821f7c649f6824f3a00cbc60c78fc3478969443b03cff9bd6dd1944f79fa7b55005874a7c3b6e6e4e19c84975dbf266a572fa0653111af78e2637f9588ae0cb8283f29f55b5e03bfa9caabdb322be5a2c097b8ed1fc6b5de9e2d9833840da9a036738f5a260b2bbbe0392ba7d982bd567573c9a8c3558103dc62e16c0072a97e2355629fc50960bc3b89949a2aa52bce12379c500e767a986762628cff8f69f73d359ef604a48dd15e7d5c298330ba5be94afcfc913f8329aabae358a9b936e6c19f9a0a45f239eccebcae9143aeb66dda74a0a9714038db0986fcd6c8b2f27330657cc35a1e1da3e4805d4f360cd2de4f798bebaf60daa49e5e4abef7dfb930080bc962d66f859c2138c3d72cbbb8ab11ba47d19406e2fbefb30751631e1fad5cab36fc18907fc4790534fe4ef07b2b0058ae14e0762a4a185f1008f4f4f7b8f30aa62f83806a7ff0e0bca2178981a472071f7bd2ba12578b53a131ad4643caacb8cba98caca210e732e7f2df5373f0c637826c4daedcee4d8439392e9e817fc01f3b504142639273a73cd6f5c8c8033e8aa145359ee6808e4f7b10d35646e642f1c2693002f4bf321c72b33d2a7c6bf1864cbc543d1b07785c12ae87f908498a18b32be69f11d8db79d899f605b4c8bf74ae5cdedd5bfd17cb24469076e9d357b7a0abd9a55384f70ad49997948037a630d2d016e85d468c53127b09ac8d7314245ee0082aaa56559c41ce1a986b04bc21fbabaab0731a870eb0aa98d02ce78ec899b8d1ca5488d0492ad0eafb7c17170806f229fb01739d6ec50040cdbcfe16089e478ffc1713c06bb0b7db29f6a5c5ff20c5d1168ec0f138d36a9465e304c3ef6bbee4f6adb26348b469c0718ecd34f0f4ce7886690fe17c8160ec5ba873483ade45233392be8ad11c97f95509d8ae60846c62f0ba45f5f23cc4840280f043677ffda3385d8f4a3a2bad3bb8f9077dfadfe230e6e093eccb4ff6c0e7cab3df81e073c880f9fc41a404ec3144507ebc53c0778068a3ed3abce5d90ba084d71d221373663e9a9686ab654eecbc45fb0bf308ae22543ebbe65996d329018bbd6d4426d774a4babcc3e97c95acc40877bd1120f0208b54541138f4eb88517e2ca4562b409de39c41d636a0f3594f3d065c2e710af90aa55d0ecd20f383dd6fac7c93cc6011469fe5f4fabefc0c12ac0b77a1f44da769a1b6720a29a7969459feb18f61f73457b2aff8b410ff264d10f4be0ac000c4c6f29d656b9a1887df1eeb786bed0c5ff84be315167ad0506786a9cbf64fbebb4d7eab1d9bd9108bf10dfce2559007edcd6fab26b195534e06a6f3f862e351b7b68fe9e3eb6bd9f47f83a6bf49a36c8ed2f6c8c5d3bd2f4a33d791ea61ee2e21a46e46807add328bb3c3109ef7a402b9e3fa16957693dba1d4a4c361bf6848114cbe29e601bb38a532a387edcd5c39b1171471d8590dd4fda56c7d43b9007b1490ab3219d598048fb50d9290713c079031642fcee9d2ebf03c193ea152b30a1ef9e1b30cfb7c3069432295befdd94bb04c8e9d67e367b787031515dc4f64e3496e8c2c390676c7a89a85c02fd681fc7851c0f652b3d9444002991620ac3a0ba7a77139bea95fa8d053359fbc58c392cb194ec3e6903b841404f735f37e5d1608606be851db16bb9d0d659cb16a3edebbd3613f16cd52b5398196d3fc031a611e7b8d61e4f91c2ab9310a6ae26321c7486568f23298552b4a824cb797b3171bf2f7e2d8444734aa8af3a720cbc8a61161b462f9189c11d687948b7271226406f37429ef09d13b17dd21c4e72be1bc0b816fdc096312aff7f19f3a2181ccb08d1f92aa003c284fcebcc8584cfe242dc8fb0e8cedd71dc2ca48df33c9e650e8bc6f331f9eecb4c2de8b75133760b4c51948b990675e724a68ecae3f2d88c7abfc9bee0875f7feb691b813c1825a0326d887032b5016b69c228cb01243d150c6a188cca6d22f469e6195bf2f3d6d4cedd8ef43e9486f5e9cb9f70e5a92cd2e62bd9c70775d900784bf6283b074c9c0df6e5da7465fe30fd723cd4918dd3da6b7e5475c89d34a4075e94a938047625efa4fb8d02b8616f4f84378ca26c875a364e68e3a02ce5dccb0dc0b686ec52384c076133ddbf7eebf178411109c72171a87625ee0607f94f1ad9dc795906ec7012a51d3621f4fa19f25891d8415bc4a0e3273c21159bff5ceeba3767445fa6a24383e5f165a6fd4fa579a02935943aded524f6d6a540d67b44f4d7d0cefd1c08a53a1a06a4ab5157f8f64b22f3875f6c9fdd76507e277691aaaef9a90352cfbe5005d13b35fe0ce04d3b3362590053c5a7e3b6932364426aeba2bd79943a2b50d5856d3ecfc74bc02318f9eaffdd08f20560bd1d0f7f643ec8e05fc19a3188fa77913092b0ddf40f8be0cc278998dc32da328ddead37f6659d780bd530a48b4bfa230370853db872385b5ece3a9a1f39c69a2f7290ae92f769cc996ad69e22038352fffddfde95f9951c4e0029e6244809bc8d77f262cd3057ab49277ad4edc55f94235c01f774de6a7e61f5e688d71e26348cd61c30348bdc9debb28eff7206bd67bd92b038b584afa3526c32cdcad81402b3642ee9fb608a4e18da9b4250c54feb404cf636caa798bd7e1087f60f424904616c959548650976d8577176356b2d47f46417f00000000000000b1b7f9ac7220efbdb49c081dd38f7c8f718f2969237a49f6200d62e879030b0b6229f39dcac78af38be9287fe0bd04b2e65e8555399ec5613856688d547bb43b472ce03ba3190112a004def789771f83faf390ea062a2b093aea35027c6331d097db997a612bfddeda832226851a751b2116ede07459e6e1717a47cb2f93d7f140361183f5d2a0773b8ef0e458b3489176672223eff9701ddf0a3caa2848feaa54ebf4943b409fbe9369b8c2d0f27a9fa6caeb6c321b19f9e7daf7410142a8e1f1649a855165b6dbfa61570926069d94894f616ef85469113add5fce8db6f22a1bcc3f93b75d94644ff75e5716536c727747621e7664a93519faf3acdab5f29b346172892697909f01051474bb8811d4cf1bdb32ead2364a2d89965fb7d523d5d31f7c7bb891e49d0387c2b235f610fadc23b4463f6a31d4a8a068b8e392ed3d27dd27832c9fa6a7d9a170137cef0bea684311e098b6cc60f36e09b1abc09cb089364e0e256f5d624e6098f02e53fc74724ce9f1d13517fa53968554b523c973ecb03643ec452addd7b566d6d12cad7a0acfdd8a97fffeae567c87aff01b2be11e3a95c54bcce3449c4564132be69c08f309ab97c57349f29a1b8d3d78bcd623409966550e294523e21750930b97f012c4129dd0b55142b4c559fba8cd07083cf6cdd0fd36cfd38f3e0de2da821f2d9f79f82239d6ec1db4dc9dde063e35b1d5ffe929c56744c56c3862b8bd8b95dee19254cd480500c2942b594f0eaae14c3eb07d9d1c5d201425e9e3923b41457fd7fbdf747b2fbc61480aad014d8917ff8f5bd048458c55348b292ff00026690a04a07e90fc0373e1b6ed62ba81af0bc4bda161ef8400887481fcfb8cdc4127500e3fb2a071896f657d6fb04912f3395e5f9e66eab3b85c28a2e37b156511bad5b0d2720670e2b1a762333f42ba528668fda6ea0a80a398129eb3347310260f9f26d5ae249bef77d51d2ed248e0775cb634e48c830cc2c2512376bc411258edd8f73a2d7adbaef40ab79d2ae37f27e2893048d59693a355c87e43b53d545c16997fa318f1bff6a7edb29a7ab80a2381ca828b6d8c5d7976abb11d955faef8b8d5589fea555be1803eac4730a4b9ff3477cf462dda1fadbbdbbcf6826276144875d58e12eb9670c6324f0249b220f1336f9ba43b732bd8c421b040680417a1f68977d6beefbfa9358a4d861cdbcab618043e661208b6939313e2bb01d77509c1df93d87d94da5737d2a10a935b44b264fd232dbc2e59036e0d690431627e0903343b8352ac291eea31d1424c34f9f8fff7fd8df9f6330f88598004a353bfaa5e71d039b8caa33770f9050dbce61ed1c2c0285d23bd4a0b4cd9237ec7c2773474d02881cd7d5541dabca4bafb11f7362160c4a871716720d8d2e26c0400b4abd45c93ff25602d93a1031ffaca642d6f88f8b7ba38de3d8cdaeb89f8fe8de3f0c089bd8b360552d1c26845ccabd2d86acedb16f20640648527a420c497c4af51ef463ce1e3fd8f70f06fa016f12b307e1d846ca35e0f22654456705ce42334401fd2e993c6744918f578fe4d1e6e434d53cb8960008357036ea2c3b03ed9676094fa9693345b0db656273e350b10815755ff9010769af2fb6c5cbc859cce9c8a313cf802a2375d1664b61716067fec9609928f0ccb97397f52765a00334c5a620203977c1df6f9a6f13e46e3be2503ca6e1b1332293dcb2babf2f6019a99274621d0ffdafd9447ba70c948d4c8d9b5b093d36f8e6b8136b16a7da020cf6022b10cd13237aee15319c83b0522aebf523b13ca037d0aa604c5a53fb6536edb8a3d0fafcd66dfd4cdb461f8195c41df043fa6f46e490f43c71422e6de020dbe2ac543c516446ce1ee5890df424ba716eb91da1f8e127777a0e4396fb35654468747179d2884951e06c952f7f1ea15ee46b60aa15e562023eebfc3a79693adcd67fb23ab6b74b55b65d8421be9f454f8d89bd76340c46d5309c892121dc19f8124cacd2b8da3fc0c0ab92dbb5e0537bdbfcffacce03376cd10223815f7801b1e20e32080694dfc8a416e0aa0fc76dcfd037366406aaa84d48a8cbad3fa48ba342ec4aa02f391c6039403fd4dfd8a5cdf4b8c4345febc085798b5c7dace7a3646e2b9e4cf57c13b959f21e33bbfec54c85922a8095f2c2de1f1db72493fa9756d69b0ace403bc48adde75bfaa4d723a8dac4dfd370cf02329df1a8e8576e11fb8137910cf753cc76585a2d1c7a0da1304f44c26076d87b5d402c72a724b464b5cc2c0ee6d1fb472a40a41e858697dbb82b6103fce576063d2aae0b4dcefef78f8de0640c82d955c72f5b1280973410100000000000000b419e18c7c62e080b8034ac7e1134524c1fcc4f93833280fecd0ff424e39cfecb21e714e0f9e1843296cfddea2e35fa6a7bfe6069b366316ef5e6b73aea9e069d1538eaf11cd503b50435e976dfdd39e05918be1b4f91005583c8b84c33b13692bb8ff005fb9d29958f9697cc83c48a0f3666dfc6cdff0d5f923ddeb4c74db22597414f1973d3cf339af2b5b2640857c232788e21ab92cfecf7938d7ccc0162cf913d88967b5abe80c61d3ce1efd120a856ae450e4d7593ebad568a74c7f5ee1bdfd17ef1f72e7703b36b5001e593f1c6908edcb023095fa059e97d68af2ea295b766aaf819eacd85946bfc5bf0c35363530870cd8ce3931ce7c3885fbae123dd924871797070b80ff914b7bfaed7d0a54a372716bbead8797a49524e77025bd9b62e1fd69ec8a7d55741716df76be640ab8e7c44600882d316f220780013a80ca957fa9ad31c910e3565a8e1e1a1e96c5362bd0cbfac2a53328df35fbadc141f10e5a1ef3d1bbaf877d0659b051de0f7636712cbbbebf095718c96349a96fbe6e0389a511635f0cf31906fd6bb6c2d7ad9be31e9293b418f13c22929c90eb0950aeb343b61401e632fe3de3dabf51dd308d17d6d6643f08c757ee17131cb91b611d20ab2ab35190859d8e4d76a44199765c1efa2bdf5e3c3994585e0a7d866dfe5be4601442da0b686f4f44ba8dae33d639ec2a5acf11e6650593bdfdcbfc5860144a15734eaf58e9e2f5495471ead9a25ec659df37e11e84f4dd7283687533de576a9de4b705f9e35964849206259862a5a4c956d26945ff0b8456e536d72136b4989ca135f00026107662cfae9696f2bf46a8b3207330961c8b31c8bb8dd2b0a6c3a833ab7b7aa97df0c14941d1833db60892511ce0a77f87bf54927f3d912de88581cbd301e87554f76b46a850177e550924db74794f6b5f8db5a74c1f932b3b4bf4ece2cf045c4fd490906f2ff09bdc8f683cc61a5923be82011fed297c962f8d7690a9fe980130d4b6545cbdad82ce198c8a1b884bb36288dac252c69b0d8a4eb53767d297eb64ef7e9f90faa994863efe194040a984a1461b04d1baa746afc353e006b71d4839d4b2ba10d681c344642fedeb8d6a2d518a42c9b252a7d6ba4ee5cbc7a81d543af5fccbc284df3ccc226dcd79b20b987b30ef767d2f810fcc55266802abc38cbed144621a6c0c52bec0706bda66bf7d5e957210e2eb6fba79d7deafbea073c1e298861f46c6e17523182f67e133121f3ea2d8316ffe6de51fb3717edc99361c979e9ecb51e3474a15accb8254003358975b786d81281bacfdffb655a5855da5c5edabcfc5e3e5ca570c16efae87032d3b85cf3d52b020fef5fa8339f776a2d629173252fefc9fb2085b49354fb255b0ca941d60c41a2cb10c742af0ea277b65b960f49184297336f1a8e049eb80c3d40ef78b0e8a9a4b5848caf5131b2773a7c18421db56afea355d869ab81f0f7e753651e8ce742c379ee4f08fe23e7c1307bb9f00e60a4cc804f4b47ac42903e1b1ad99ff795130833a202c36afa8851a7ae7c0eb7d25b006bafbf6b0f579e910c9207bce105f73cd219dd352af1b3250a273a7eae3fbbb8ece80d2b61591dd25679e541bef9579a538e0c0fde66ddb176c84c235de570860128ae90a44e8219841a1ed84d5a3721afce3b24e0173542644cffa2b2603171bdbf3a5b2d7c9d51b7a31f7b6675d98938c8e003fc26a2931811dfcce100fd5eed707884c9f1a9ff629967eaab2908f2988378a271c373828a9a836dbc6b1db9881bb30509f693a92daf26f0741b01855af81e594c318f0dd13a89e87fb3d7b3527e7b007bb2e744a322ac3a40e05d24619c3d41643b6b811af49eda5448c21af06b8707baa6b8a2f7690966152ada65a5253aaece296c1ef46a12b399074fbc40a791f4677f05109bbc103c5bd37ccf7b67e4fd6b6ad97314a9dd236dee6e1371186ccc03d4d8560a22cb6709c35a391481d659d7ebeae325f5c9a20de7374b6715b4d8e77997873929d7339b20ed8172d68b0510defabae5712e5509e41afc5d8bc531e296832d285d9410a0d1173d194b3d15571773c97fd12b817fc2d3e0eb6a4bd6720f57d487023f52e3e0f7dbb0e8a7807283951bc8dc7344afb95d8d93f34020d7b1d6b90bf0520a35cefcc8895807286f624c7df58c89d3fcc2495e3acbb98d4424b1c1d199878dcd9ac5e7a2b216aeaff32d04b74495d16a20aa5854e750c0a66f60c69db44674d695eb8d3bb7ae36065d1e6efe9d68527e57c21dc4bfb33f4d8625a95fe3d2d3ac42abf540dd46e32619e63f9cb40e2de1b6c2102553c1907f6c62c0c689c85a1aa0b1e801b0115aeffb9618d1b412d9d7be9fda786fc9729c6819f60dff95c14720ef7afd69e92fd36fcb3f25b5388f15e621593132418a5caf60074ced3e1f6b0120fd162ac0e13395cb8d4462dc32406c9a04252666ae7e74e9da335522da7ac76d377ee77a1a4d4fb0ceacc3259d486466f8f45f795bcf04ad2935d7a4b0aed6eafd4bcf1830480d044af5fba3146a7730aa87b3b33494fcc3f4111507f059c65b82171acfb5a3f6c7c9d3b156788ecaf9b3581b36d0a059e28fae2f3f40fa631342dbdd89c28429e1eb511121f2dff45f73a8eebca82caa064c1e158dec6d8fed2d05e3090f70cc8406d3d9cc429783f60e63bbddb2a61d6e995238ee4f0e3eeb23bc529535dbdafd7db565541ca2dccba24388c7cbf1989e9d71eb2a3804b224350fa30e979c08871e5010a32ec886ed30128f6e509ed87056fb45e1845282b5acb1262fbcf5361284a12a009c0dc914a20572e6c4c61bfbc5a01fd9e605aa95ae85fb704e8a59580fc00d0720c1b212c44d33c05193d4c6f9f87406c0be25e5d9cf7f548a2ab9cf829a543cbea4c9d338790100fac6cb3a3c989a1c53f581b459e5b4d90a4c08b633d54c9687b33da736ec62f141b50bcb4ecc13044a598696ba9c0f9bb9644565ab5c2163df0a47f0b7362c0e51746ad2fdebb31b57c1ccbcd8dbb0071c0a69280bd8a7e97abeb6ee17e8cf704d24229e55905b5799ed5d7b98b08a6a7da5c31225edf80a487fb897301b0d134b953c918b320bda3ab29e69f759f1bece2910079d3aea3da89fd6cff8e4c2e24c1dc1a1d6f222f45f61747c2e0d5962846a85180d0b0963d33b24a2daf082b69f2957f6e90e69841b4cbfa1166226cdd6c06c24dd89c2e9b1a495851e1e5f7e1cb6944f660f65ce5e41b12d003e365393b15f13fcaf21031ca6ef8f270c0109b1298ac11c6fc87397bfd5b6e96339f2449082488e9f74cc5cb08f85d9705c53477f25d2f988f817014f2065261e568d3e8175da7811f1a05cbeb07f9b0a156b6abe016e9b8300e212b5e5453c765e5c466e88a5d8f98ec785df0267349c8ee49c18de6d3910d09843310a390522b8751433ebfc6206f6c3e654e710d3a3f76b1ac79842c0451d4904bb82fb631d94dfa7658727f2ac53feaa2f120202d616a9db782f5c25a2b8c6ab387cf3c5dbfdc2631891d875a0ce758bd35772efd9eb1c18a1d92e7a45f958721216585f2d85b8826a16c5bc4e528626e80851f49f29e2cf7f6ef9a6b8b3faee63c8da84b12ce71a153db2af86b29496e52ef13f9f9c86f05001b61f3290b565af6c8c404d2bbdfee74c1f623660647150d487bc5c4a0ec8509c47e89e795ad207463e1bd4f0aadda0d735a2f69028e8b361e4b259eeb81113587fc2fc28c26e82949a3f0a6e9f86247d8408ffbfbf96dc892dce4d8759130198b54e6305d2cd07835c5cf9659920a4cf024285b7584b70e831256813fa3a200f3ab8851b411d6cfb91bce34fb0cf503d439ee1b8fc434cac3a318f1bf65402487503b5c7bbb076ebeaddb2ed22b444902b24cd9c3375621684dc854c4af685b6f768c1085862e94ef0337a4458b1dbb3ff0c724041c82aa956636c40d15dbf0ba1f7b8188d48b5520fbbe65df81bdf86fc2480f65c8ac523b1cf57a37904ebb704b4c27b01f60b514cfe990220f187943ec138a673e08a52477cc2f3cad746ee251ddbba7ba13101eae9d32a20df248569d1ab882aff778c544c7b530d5171f04d3518b4ee6a99e07212f8bd72697037551ef3ff35794e01cba640041fc910e599e3d163577f6c837280f84fdbf9a54a1744b32f62834c9d5cdcb94cbd184687b89b3a9cb8a76be61e5f8bf5528baffa774cba2577ffddec869bc24eaa6ec0cec8c6afc3cba22891e8b09fdb5254dca8117e927d4d8ac2ee20775ca7793b82a1d94c0555df748fab1ba794fa608ed282190e5f84eebd49fa12943ad56f205a2e843429bb550d5b160c74083be846d4d70e4e5bb6c2bc5ac764e5c29029604b2bac9eed579184f7b8f98dbd1a168196b42cb57347f6e55d8e4126e9a51ac2daa61e74ba71188606e2a175028b8634fe1c9a636061e163b993068a13c5e9904e1e2c128596768eb842111569526d128f249fc3f7ad4bc3999b1001af8faffe9b264697bfa964e4d5ca4218d1fe0307052057c04435e4a853f44fdedb07083c85fd32a5ce0e0179d97ab921cd541a5def8c3aaf2b63857c195098783e340675e41fbd73657c83fa94781b910a61d4ceec44d7b8865f5a983b56503647f8fe63fd81f67484753a550e1f3b19ecf5c82e0a84e45ef36da1506cb0c083cb8f24808e1d4a9e2990a25ba8dbb6f5d3eb94bf5d9dcd65ed15fea1a995578b8ffe8ffa8f59eab41607774998459527c2f5447e0076506a3b10dd03ab7c858ed9f800ac489e1cedbddbaae0245dc1bb7b3256e686c9b280c50c49333f6d461db5d3e945309014528bfdbaa6b5c94efce80be1b9174a42bd08d2113bb26a0168c8d25758c993e9623ef9a35724e689a903c0712792d9e76f3e2399ff371d47151c9cd559f53a3e338acfe715ba3ede12f8fbe62cb1ffceee3de90d78f63db72474caa58c4e2cc1436419de2f6c8b738125b0ad76ad393eb162aae5d1fc501e6ba51a2ae5a47628a92bdddec71bbde7587613e293be04d6a9a3e6f886f25aebf4569a0e1ea5b3102efbbc051d368b005c791e0ad48b0569f4c3918080383f7789447e5a658e26646d39a8c827339255e766e2535ca2a0c87d3153823a27b8ccf1cf4c30c71fd9b265b00a955caeb7241a894a86e32e51ac7c729c98f4ea46e1fc90da62b1150afdec4c1a0994594bd14e59ae2abe2c4eee60194eba156e1aaf118d017c2ce4b3e92004aa6718e4abf7ce72df63fe0ce6496cba35df00d5760d634e1e934bd", 0x2000, 0x0)
removexattr(0x0, &(0x7f0000000280)=@known='system.posix_acl_default\x00')
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0xc, &(0x7f0000000480)=@assoc_value, &(0x7f0000000040)=0x8)
socket(0x2, 0x80805, 0x0)
r8 = io_uring_setup(0x5323, &(0x7f00000000c0)={0x0, 0x6852, 0x10, 0x3, 0x2002})
r9 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r9, 0x40045532, &(0x7f0000000240)=0x9)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0x3280)
close_range(r8, 0xffffffffffffffff, 0x0)

0s ago: executing program 4 (id=2161):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r2, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r2, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0xf5, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0x0)

kernel console output (not intermixed with test programs):

gth.
[  649.064265][T11405] netlink: 'syz.2.1480': attribute type 8 has an invalid length.
[  649.148038][T11411] xt_hashlimit: size too large, truncated to 1048576
[  651.847566][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  652.465976][T11448] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1496'.
[  652.904327][T11448] hsr_slave_1 (unregistering): left promiscuous mode
[  654.473865][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  654.487114][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  654.715216][T11475] syz.0.1501: attempt to access beyond end of device
[  654.715216][T11475] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  654.729453][T11475] MINIX-fs: unable to read superblock
[  655.467024][T11481] FAULT_INJECTION: forcing a failure.
[  655.467024][T11481] name failslab, interval 1, probability 0, space 0, times 0
[  655.501659][T11481] CPU: 0 UID: 0 PID: 11481 Comm: syz.0.1504 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  655.501693][T11481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  655.501706][T11481] Call Trace:
[  655.501714][T11481]  <TASK>
[  655.501723][T11481]  dump_stack_lvl+0x241/0x360
[  655.501760][T11481]  ? __pfx_dump_stack_lvl+0x10/0x10
[  655.501787][T11481]  ? __pfx__printk+0x10/0x10
[  655.501819][T11481]  ? __pfx___might_resched+0x10/0x10
[  655.501848][T11481]  should_fail_ex+0x424/0x570
[  655.501877][T11481]  should_failslab+0xac/0x100
[  655.501900][T11481]  kmem_cache_alloc_noprof+0x78/0x390
[  655.501919][T11481]  ? security_inode_alloc+0x37/0x310
[  655.501948][T11481]  security_inode_alloc+0x37/0x310
[  655.501978][T11481]  inode_init_always_gfp+0xa0f/0xd90
[  655.502002][T11481]  ? __pfx_sock_alloc_inode+0x10/0x10
[  655.502031][T11481]  alloc_inode+0xa3/0x1b0
[  655.502052][T11481]  __sock_create+0x127/0xa30
[  655.502091][T11481]  mptcp_subflow_create_socket+0x12d/0xd10
[  655.502120][T11481]  ? __lock_acquire+0xad5/0xd80
[  655.502144][T11481]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  655.502183][T11481]  __mptcp_subflow_connect+0x2d0/0x1e20
[  655.502214][T11481]  ? is_bpf_text_address+0x288/0x2a0
[  655.502233][T11481]  ? is_bpf_text_address+0x26/0x2a0
[  655.502254][T11481]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  655.502285][T11481]  ? __pfx___mptcp_subflow_connect+0x10/0x10
[  655.502327][T11481]  ? mptcp_pm_create_subflow_or_signal_addr+0xefb/0x1f20
[  655.502368][T11481]  mptcp_pm_create_subflow_or_signal_addr+0xf49/0x1f20
[  655.502417][T11481]  ? __pfx_mptcp_pm_create_subflow_or_signal_addr+0x10/0x10
[  655.502448][T11481]  ? __lock_acquire+0xad5/0xd80
[  655.502507][T11481]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  655.502537][T11481]  ? mptcp_pm_nl_add_addr_doit+0xe66/0x1540
[  655.502556][T11481]  ? mptcp_addresses_equal+0x38f/0x4d0
[  655.502592][T11481]  mptcp_pm_nl_add_addr_doit+0xf06/0x1540
[  655.502611][T11481]  ? genl_rcv+0x28/0x40
[  655.502628][T11481]  ? netlink_unicast+0x7f8/0x9a0
[  655.502648][T11481]  ? netlink_sendmsg+0x8c3/0xcd0
[  655.502687][T11481]  ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10
[  655.502713][T11481]  ? __pfx___nla_validate_parse+0x10/0x10
[  655.502787][T11481]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  655.502820][T11481]  genl_rcv_msg+0xb38/0xf00
[  655.502851][T11481]  ? __pfx_genl_rcv_msg+0x10/0x10
[  655.502883][T11481]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  655.502903][T11481]  ? lockdep_hardirqs_on+0x9d/0x150
[  655.502944][T11481]  ? __lock_acquire+0xad5/0xd80
[  655.502964][T11481]  ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10
[  655.503003][T11481]  netlink_rcv_skb+0x208/0x480
[  655.503032][T11481]  ? __pfx_genl_rcv_msg+0x10/0x10
[  655.503055][T11481]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  655.503108][T11481]  ? netlink_deliver_tap+0x2e/0x1b0
[  655.503143][T11481]  genl_rcv+0x28/0x40
[  655.503162][T11481]  netlink_unicast+0x7f8/0x9a0
[  655.503198][T11481]  ? __pfx_netlink_unicast+0x10/0x10
[  655.503225][T11481]  ? skb_put+0x114/0x1f0
[  655.503251][T11481]  netlink_sendmsg+0x8c3/0xcd0
[  655.503293][T11481]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.503338][T11481]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.503361][T11481]  __sock_sendmsg+0x221/0x270
[  655.503392][T11481]  ____sys_sendmsg+0x523/0x860
[  655.503420][T11481]  ? __pfx_____sys_sendmsg+0x10/0x10
[  655.503438][T11481]  ? __fget_files+0x2a/0x420
[  655.503463][T11481]  ? __fget_files+0x2a/0x420
[  655.503496][T11481]  __sys_sendmsg+0x271/0x360
[  655.503515][T11481]  ? preempt_schedule_irq+0xfe/0x1c0
[  655.503543][T11481]  ? __pfx___sys_sendmsg+0x10/0x10
[  655.503635][T11481]  ? trace_irq_enable+0x2c/0x120
[  655.503668][T11481]  do_syscall_64+0xf3/0x230
[  655.503691][T11481]  ? clear_bhb_loop+0x45/0xa0
[  655.503713][T11481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.503732][T11481] RIP: 0033:0x7f5b7d58e169
[  655.503751][T11481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.503767][T11481] RSP: 002b:00007f5b7e378038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  655.503789][T11481] RAX: ffffffffffffffda RBX: 00007f5b7d7b5fa0 RCX: 00007f5b7d58e169
[  655.503803][T11481] RDX: 0000000000000010 RSI: 0000200000000400 RDI: 0000000000000006
[  655.503815][T11481] RBP: 00007f5b7e378090 R08: 0000000000000000 R09: 0000000000000000
[  655.503827][T11481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  655.503838][T11481] R13: 0000000000000000 R14: 00007f5b7d7b5fa0 R15: 00007fffb3409db8
[  655.503872][T11481]  </TASK>
[  655.972985][T11481] socket: no more sockets
[  656.342563][ T5881] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  656.502648][ T5881] usb 3-1: Using ep0 maxpacket: 16
[  656.525371][ T5881] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  656.578766][ T5881] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  656.597076][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.611345][ T5881] usb 3-1: Product: syz
[  656.619907][ T5881] usb 3-1: Manufacturer: syz
[  656.628858][   T30] audit: type=1800 audit(1744799730.166:136): pid=11498 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1505" name="bus" dev="tmpfs" ino=1633 res=0 errno=0
[  656.667460][ T5881] usb 3-1: SerialNumber: syz
[  656.720789][ T5881] usb 3-1: config 0 descriptor??
[  656.789570][ T5881] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  657.485753][ T5880] usb 3-1: USB disconnect, device number 17
[  657.512328][ T1034] usb 3-1: Failed to submit usb control message: -71
[  657.553632][ T1034] usb 3-1: unable to send the bmi data to the device: -71
[  657.561104][ T1034] usb 3-1: unable to get target info from device
[  657.571397][ T1034] usb 3-1: could not get target info (-71)
[  657.580836][ T1034] usb 3-1: could not probe fw (-71)
[  657.613931][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  659.294445][   T30] audit: type=1800 audit(1744799732.826:137): pid=11544 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1514" name="bus" dev="tmpfs" ino=1774 res=0 errno=0
[  660.671207][T11560] netlink: 'syz.1.1523': attribute type 4 has an invalid length.
[  660.880457][T11563] syz.2.1522: attempt to access beyond end of device
[  660.880457][T11563] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[  660.894324][T11563] MINIX-fs: unable to read superblock
[  661.453138][ T5954] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  661.456548][ T2963] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  662.094160][T11578] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1524'.
[  663.363279][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  663.480191][T11588] 9pnet_fd: p9_fd_create_unix (11588): problem connecting socket: ./file0/file0: -2
[  663.848416][T11600] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1531'.
[  663.918857][   T30] audit: type=1800 audit(1744799737.456:138): pid=11604 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1532" name="bus" dev="tmpfs" ino=1791 res=0 errno=0
[  664.530616][T11618] libceph: resolve '0' (ret=-3): failed
[  664.750401][T11625] overlayfs: missing 'lowerdir'
[  664.822737][T11625] overlay: ./bus is not a directory
[  664.908667][ T5880] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  665.033962][T11629] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1541'.
[  665.045068][ T5880] usb 4-1: device descriptor read/64, error -71
[  665.765157][ T5880] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  665.907133][T11638] blktrace: Concurrent blktraces are not allowed on sg0
[  665.944922][ T5880] usb 4-1: device descriptor read/64, error -71
[  666.052685][ T5880] usb usb4-port1: attempt power cycle
[  666.371021][T11644] input: syz0 as /devices/virtual/input/input17
[  666.425142][ T5880] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  666.692639][ T5880] usb 4-1: device descriptor read/8, error -71
[  667.207184][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  667.207184][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  667.312785][ T5880] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  667.332083][   T10] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  667.390780][ T5880] usb 4-1: device descriptor read/8, error -71
[  667.507171][   T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  667.522301][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  667.528143][ T5880] usb usb4-port1: unable to enumerate USB device
[  667.715822][   T10] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  667.752108][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  667.789528][   T10] usb 3-1: SerialNumber: syz
[  667.874644][T11662] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1554'.
[  668.237911][T11665] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1553'.
[  669.304109][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  669.586523][T11674] overlayfs: missing 'workdir'
[  669.823560][T11676] FAULT_INJECTION: forcing a failure.
[  669.823560][T11676] name failslab, interval 1, probability 0, space 0, times 0
[  669.837379][T11676] CPU: 1 UID: 0 PID: 11676 Comm: syz.1.1556 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  669.837406][T11676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  669.837461][T11676] Call Trace:
[  669.837468][T11676]  <TASK>
[  669.837474][T11676]  dump_stack_lvl+0x241/0x360
[  669.837518][T11676]  ? __pfx_dump_stack_lvl+0x10/0x10
[  669.837544][T11676]  ? __pfx__printk+0x10/0x10
[  669.837574][T11676]  ? __pfx___might_resched+0x10/0x10
[  669.837593][T11676]  should_fail_ex+0x424/0x570
[  669.837609][T11676]  should_failslab+0xac/0x100
[  669.837623][T11676]  __kmalloc_noprof+0xdf/0x4d0
[  669.837636][T11676]  ? iter_file_splice_write+0x2f5/0x1530
[  669.837654][T11676]  ? ovl_other_xattr_get+0x142/0x180
[  669.837681][T11676]  iter_file_splice_write+0x2f5/0x1530
[  669.837703][T11676]  ? rcu_is_watching+0x15/0xb0
[  669.837742][T11676]  ? __vfs_getxattr+0x433/0x470
[  669.837764][T11676]  ? __pfx_iter_file_splice_write+0x10/0x10
[  669.837788][T11676]  ? rcu_read_lock_any_held+0xbb/0x160
[  669.837811][T11676]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  669.837850][T11676]  backing_file_splice_write+0x35f/0x580
[  669.837889][T11676]  ovl_splice_write+0x495/0x610
[  669.837908][T11676]  ? __pfx_ovl_splice_write+0x10/0x10
[  669.837928][T11676]  ? __pfx_ovl_file_end_write+0x10/0x10
[  669.837943][T11676]  ? rcu_read_lock_any_held+0xbb/0x160
[  669.837982][T11676]  ? __pfx_ovl_splice_write+0x10/0x10
[  669.838004][T11676]  direct_splice_actor+0x11b/0x220
[  669.838089][T11676]  splice_direct_to_actor+0x595/0xc90
[  669.838107][T11676]  ? __lock_acquire+0xad5/0xd80
[  669.838146][T11676]  ? __pfx_direct_splice_actor+0x10/0x10
[  669.838169][T11676]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  669.838202][T11676]  do_splice_direct+0x281/0x3d0
[  669.838229][T11676]  ? __pfx_do_splice_direct+0x10/0x10
[  669.838248][T11676]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  669.838266][T11676]  ? rw_verify_area+0x246/0x630
[  669.838285][T11676]  do_sendfile+0x582/0x8c0
[  669.838313][T11676]  ? __pfx_do_sendfile+0x10/0x10
[  669.838352][T11676]  __se_sys_sendfile64+0x102/0x1e0
[  669.838377][T11676]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  669.838401][T11676]  ? do_syscall_64+0xb6/0x230
[  669.838419][T11676]  do_syscall_64+0xf3/0x230
[  669.838434][T11676]  ? clear_bhb_loop+0x45/0xa0
[  669.838492][T11676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  669.838511][T11676] RIP: 0033:0x7f7f8cb8e169
[  669.838530][T11676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  669.838546][T11676] RSP: 002b:00007f7f8da4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  669.838563][T11676] RAX: ffffffffffffffda RBX: 00007f7f8cdb5fa0 RCX: 00007f7f8cb8e169
[  669.838572][T11676] RDX: 0000200000000080 RSI: 0000000000000005 RDI: 0000000000000005
[  669.838580][T11676] RBP: 00007f7f8da4f090 R08: 0000000000000000 R09: 0000000000000000
[  669.838587][T11676] R10: 0000000000007f03 R11: 0000000000000246 R12: 0000000000000001
[  669.838594][T11676] R13: 0000000000000000 R14: 00007f7f8cdb5fa0 R15: 00007ffd762c64c8
[  669.838621][T11676]  </TASK>
[  670.224478][T11674] overlay: ./bus is not a directory
[  670.372087][   T10] usb 3-1: 0:2 : does not exist
[  670.504853][   T10] usb 3-1: USB disconnect, device number 18
[  670.613258][T11679] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  670.892350][T11466] udevd[11466]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  671.045108][   T49] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  671.256401][   T49] usb 5-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  671.326541][   T49] usb 5-1: config 0 interface 0 has no altsetting 0
[  671.490190][   T49] usb 5-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  671.638346][   T49] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.678821][   T49] usb 5-1: config 0 descriptor??
[  671.792183][    T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  671.854917][T11717] overlayfs: missing 'lowerdir'
[  672.498646][    T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  672.506951][    T9] usb 2-1: config 0 has no interface number 0
[  672.531249][    T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  672.553883][    T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  672.570532][    T9] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  672.588629][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  672.598459][T11717] overlay: ./bus is not a directory
[  672.609902][    T9] usb 2-1: config 0 descriptor??
[  672.754635][   T49] magicmouse 0003:05AC:0269.0008: item fetching failed at offset 0/7
[  672.791861][   T49] magicmouse 0003:05AC:0269.0008: magicmouse hid parse failed
[  672.800694][   T49] magicmouse 0003:05AC:0269.0008: probe with driver magicmouse failed with error -22
[  672.842720][    T9] usbhid 2-1:0.1: can't add hid device: -71
[  672.866364][    T9] usbhid 2-1:0.1: probe with driver usbhid failed with error -71
[  673.003136][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  673.019555][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  673.063897][    T9] usb 2-1: USB disconnect, device number 21
[  673.141014][T11694] loop4: detected capacity change from 0 to 7
[  673.174904][T11694] Dev loop4: unable to read RDB block 7
[  673.204426][T11694]  loop4: unable to read partition table
[  673.220371][T11694] loop4: partition table beyond EOD, truncated
[  673.236750][T11694] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[  673.406587][    T9] usb 5-1: USB disconnect, device number 33
[  674.560421][T11740] blktrace: Concurrent blktraces are not allowed on sg0
[  674.572931][T11739] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1574'.
[  674.883207][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  677.016597][T11753] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1577'.
[  678.330509][T11765] xt_CT: You must specify a L4 protocol and not use inversions on it
[  678.871979][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  678.883942][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  679.427643][T11784] blktrace: Concurrent blktraces are not allowed on sg0
[  680.027406][T11780] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  681.583645][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  683.967611][   T30] audit: type=1800 audit(1744799757.486:139): pid=11824 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.1596" name="bus" dev="tmpfs" ino=1682 res=0 errno=0
[  684.179965][T11832] blktrace: Concurrent blktraces are not allowed on sg0
[  684.482952][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  684.495043][ T2963] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  685.642722][T11855] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1605'.
[  686.476274][T11865] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1606'.
[  686.961889][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  686.974409][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  687.067525][ T2963] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  690.252701][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  690.253176][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  690.386879][T11907] tmpfs: Bad value for 'mpol'
[  692.789440][T11942] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  692.904271][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  693.841895][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  694.550166][T11957] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1631'.
[  694.647929][T11956] autofs: Bad value for 'fd'
[  695.540956][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  696.012728][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  696.876446][T11988] blktrace: Concurrent blktraces are not allowed on sg0
[  696.948838][T11990] ERROR: device name not specified.
[  697.514128][T12001] FAULT_INJECTION: forcing a failure.
[  697.514128][T12001] name failslab, interval 1, probability 0, space 0, times 0
[  697.657133][T12001] CPU: 0 UID: 0 PID: 12001 Comm: syz.1.1650 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  697.657166][T12001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  697.657179][T12001] Call Trace:
[  697.657188][T12001]  <TASK>
[  697.657197][T12001]  dump_stack_lvl+0x241/0x360
[  697.657233][T12001]  ? __pfx_dump_stack_lvl+0x10/0x10
[  697.657260][T12001]  ? __pfx__printk+0x10/0x10
[  697.657291][T12001]  ? __pfx___might_resched+0x10/0x10
[  697.657323][T12001]  should_fail_ex+0x424/0x570
[  697.657351][T12001]  should_failslab+0xac/0x100
[  697.657383][T12001]  __kmalloc_cache_noprof+0x73/0x370
[  697.657404][T12001]  ? tcp_sendmsg_fastopen+0x1d8/0x5d0
[  697.657427][T12001]  ? stack_trace_save+0x11a/0x1d0
[  697.657458][T12001]  tcp_sendmsg_fastopen+0x1d8/0x5d0
[  697.657491][T12001]  tcp_sendmsg_locked+0x4946/0x5030
[  697.657519][T12001]  ? lockdep_unlock+0x8d/0x120
[  697.657547][T12001]  ? validate_chain+0x8a7/0x24e0
[  697.657603][T12001]  ? __lock_acquire+0xad5/0xd80
[  697.657638][T12001]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  697.657667][T12001]  ? tcp_sendmsg+0x22/0x50
[  697.657689][T12001]  ? do_raw_spin_unlock+0x13c/0x8b0
[  697.657726][T12001]  tcp_sendmsg+0x30/0x50
[  697.657749][T12001]  __sock_sendmsg+0x1a6/0x270
[  697.657781][T12001]  sock_write_iter+0x2d9/0x3f0
[  697.657810][T12001]  ? __pfx_sock_write_iter+0x10/0x10
[  697.657847][T12001]  ? io_rw_init_file+0x7ab/0xae0
[  697.657869][T12001]  ? bpf_lsm_file_permission+0x9/0x10
[  697.657892][T12001]  ? rw_verify_area+0x246/0x630
[  697.657918][T12001]  ? __pfx_sock_write_iter+0x10/0x10
[  697.657944][T12001]  io_write+0xb19/0x1720
[  697.657980][T12001]  ? __pfx_io_write+0x10/0x10
[  697.658014][T12001]  __io_issue_sqe+0x1c9/0x3a0
[  697.658039][T12001]  io_issue_sqe+0x1cb/0xe90
[  697.658063][T12001]  ? __pfx_io_prep_rwv+0x10/0x10
[  697.658084][T12001]  ? __pfx_io_issue_sqe+0x10/0x10
[  697.658107][T12001]  ? __asan_memset+0x23/0x50
[  697.658138][T12001]  io_submit_sqes+0xa85/0x1ce0
[  697.658203][T12001]  __se_sys_io_uring_enter+0x2cd/0x3560
[  697.658234][T12001]  ? rcu_read_lock_any_held+0xbb/0x160
[  697.658259][T12001]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  697.658288][T12001]  ? vfs_write+0xb29/0xd10
[  697.658327][T12001]  ? ksys_write+0x24e/0x2d0
[  697.658383][T12001]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  697.658414][T12001]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  697.658439][T12001]  ? __fget_files+0x2a/0x420
[  697.658467][T12001]  ? __fget_files+0x2a/0x420
[  697.658497][T12001]  ? fput+0x9b/0xd0
[  697.658519][T12001]  ? ksys_write+0x275/0x2d0
[  697.658560][T12001]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  697.658585][T12001]  do_syscall_64+0xf3/0x230
[  697.658611][T12001]  ? clear_bhb_loop+0x45/0xa0
[  697.658635][T12001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.658654][T12001] RIP: 0033:0x7f7f8cb8e169
[  697.658673][T12001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  697.658690][T12001] RSP: 002b:00007f7f8da4f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  697.658715][T12001] RAX: ffffffffffffffda RBX: 00007f7f8cdb5fa0 RCX: 00007f7f8cb8e169
[  697.658730][T12001] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000004
[  697.658743][T12001] RBP: 00007f7f8da4f090 R08: 0000000000000000 R09: 0000000000000000
[  697.658756][T12001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  697.658768][T12001] R13: 0000000000000000 R14: 00007f7f8cdb5fa0 R15: 00007ffd762c64c8
[  697.658802][T12001]  </TASK>
[  698.007230][    C0] vkms_vblank_simulate: vblank timer overrun
[  699.084038][T12009] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1653'.
[  699.098380][T12009] netlink: 'syz.0.1653': attribute type 1 has an invalid length.
[  699.203065][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  699.691634][T12018] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1654'.
[  699.914051][T12024] blktrace: Concurrent blktraces are not allowed on sg0
[  700.045573][T12026] vlan2: entered allmulticast mode
[  700.050802][T12026] bond0: entered allmulticast mode
[  700.061924][T12026] bond_slave_1: entered allmulticast mode
[  700.070536][T12026] bridge0: port 1(vlan2) entered blocking state
[  700.080986][T12026] bridge0: port 1(vlan2) entered disabled state
[  700.096963][T12027] netlink: 'syz.3.1659': attribute type 4 has an invalid length.
[  700.099953][T12026] vlan2: entered promiscuous mode
[  700.113539][T12026] bond0: entered promiscuous mode
[  700.118676][T12026] bond_slave_1: entered promiscuous mode
[  700.809504][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  701.663668][T12048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1664'.
[  701.674204][T12048] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1664'.
[  701.763759][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  702.139684][T12056] FAULT_INJECTION: forcing a failure.
[  702.139684][T12056] name failslab, interval 1, probability 0, space 0, times 0
[  702.192806][T12056] CPU: 0 UID: 0 PID: 12056 Comm: syz.1.1666 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  702.192839][T12056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  702.192851][T12056] Call Trace:
[  702.192858][T12056]  <TASK>
[  702.192866][T12056]  dump_stack_lvl+0x241/0x360
[  702.192899][T12056]  ? __pfx_dump_stack_lvl+0x10/0x10
[  702.192925][T12056]  ? __pfx__printk+0x10/0x10
[  702.192956][T12056]  ? __pfx___might_resched+0x10/0x10
[  702.192984][T12056]  should_fail_ex+0x424/0x570
[  702.193012][T12056]  should_failslab+0xac/0x100
[  702.193037][T12056]  __kmalloc_noprof+0xdf/0x4d0
[  702.193056][T12056]  ? tomoyo_encode+0x26f/0x540
[  702.193081][T12056]  tomoyo_encode+0x26f/0x540
[  702.193108][T12056]  tomoyo_realpath_from_path+0x59e/0x5e0
[  702.193142][T12056]  tomoyo_path_number_perm+0x245/0x790
[  702.193174][T12056]  ? tomoyo_path_number_perm+0x215/0x790
[  702.193203][T12056]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  702.193230][T12056]  ? sb_end_write+0xe9/0x1c0
[  702.193251][T12056]  ? vfs_write+0xb29/0xd10
[  702.193325][T12056]  ? ksys_write+0x266/0x2d0
[  702.193359][T12056]  security_file_ioctl+0xc6/0x2a0
[  702.193387][T12056]  __se_sys_ioctl+0x46/0x160
[  702.193417][T12056]  do_syscall_64+0xf3/0x230
[  702.193441][T12056]  ? clear_bhb_loop+0x45/0xa0
[  702.193463][T12056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.193481][T12056] RIP: 0033:0x7f7f8cb8e169
[  702.193499][T12056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.193516][T12056] RSP: 002b:00007f7f8da4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  702.193539][T12056] RAX: ffffffffffffffda RBX: 00007f7f8cdb5fa0 RCX: 00007f7f8cb8e169
[  702.193553][T12056] RDX: 0000200000001340 RSI: 0000000000003b85 RDI: 0000000000000003
[  702.193566][T12056] RBP: 00007f7f8da4f090 R08: 0000000000000000 R09: 0000000000000000
[  702.193577][T12056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  702.193589][T12056] R13: 0000000000000000 R14: 00007f7f8cdb5fa0 R15: 00007ffd762c64c8
[  702.193621][T12056]  </TASK>
[  702.193641][T12056] ERROR: Out of memory at tomoyo_realpath_from_path.
[  702.588883][T12061] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1667'.
[  704.806859][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  706.247971][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  706.603769][T12083] loop2: detected capacity change from 0 to 7
[  706.631196][T12083] Dev loop2: unable to read RDB block 7
[  706.646410][T12083]  loop2: unable to read partition table
[  706.660920][T12083] loop2: partition table beyond EOD, truncated
[  706.681396][T12083] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  706.802728][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  708.092122][ T5200] Dev loop2: unable to read RDB block 7
[  708.097831][ T5200]  loop2: unable to read partition table
[  708.123007][ T5200] loop2: partition table beyond EOD, truncated
[  708.430019][ T5200] Dev loop2: unable to read RDB block 7
[  708.449308][ T5200]  loop2: unable to read partition table
[  708.482585][ T5200] loop2: partition table beyond EOD, truncated
[  709.366046][T12110] blktrace: Concurrent blktraces are not allowed on sg0
[  709.599577][ T5200] Dev loop2: unable to read RDB block 7
[  709.609645][ T5200]  loop2: unable to read partition table
[  709.632076][ T5200] loop2: partition table beyond EOD, truncated
[  710.014041][T12123] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1686'.
[  710.103813][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  711.310382][T12129] loop2: detected capacity change from 0 to 7
[  711.323674][T12129] Dev loop2: unable to read RDB block 7
[  711.329588][T12129]  loop2: AHDI p1 p2 p3
[  711.350376][T12129] loop2: partition table partially beyond EOD, truncated
[  711.362339][T12129] loop2: p1 start 1601398130 is beyond EOD, truncated
[  711.369462][T12129] loop2: p2 start 1702059890 is beyond EOD, truncated
[  711.392205][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  711.642215][   T49] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  711.656972][T12134] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1689'.
[  711.885716][   T49] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  711.910509][   T49] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  711.940078][   T49] usb 4-1: Product: syz
[  711.965109][   T49] usb 4-1: Manufacturer: syz
[  711.969899][   T49] usb 4-1: SerialNumber: syz
[  711.985843][T12141] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1693'.
[  711.995610][   T49] usb 4-1: config 0 descriptor??
[  712.007890][    T9] kernel write not supported for file /input/mouse0 (pid: 9 comm: kworker/0:0)
[  712.020213][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  712.162055][    T9] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[  712.343995][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  712.382622][    T9] usb 5-1: New USB device found, idVendor=0c70, idProduct=f00b, bcdDevice= 0.00
[  712.424792][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.476728][    T9] usb 5-1: config 0 descriptor??
[  712.898656][T12139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  712.922540][T12139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  712.975762][    T9] aquacomputer_d5next 0003:0C70:F00B.0009: hidraw0: USB HID v1.01 Device [HID 0c70:f00b] on usb-dummy_hcd.4-1/input0
[  713.125028][   T49] usb 4-1: Firmware version (0.0) predates our first public release.
[  713.139907][   T49] usb 4-1: Please update to version 0.2 or newer
[  713.197161][T12150] netlink: 368 bytes leftover after parsing attributes in process `syz.1.1695'.
[  713.207180][T12150] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1695'.
[  713.266204][    T9] usb 5-1: USB disconnect, device number 34
[  713.268715][   T49] usb 4-1: USB disconnect, device number 25
[  715.554957][T12172] x_tables: ip_tables: ah match: only valid for protocol 51
[  717.123837][ T2963] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  719.227897][T12212] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1713'.
[  719.690817][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  722.744294][T12250] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1726'.
[  722.929213][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  723.074941][T12249] No buffer was provided with the request
[  723.704148][T12258] ip6erspan0: entered promiscuous mode
[  725.442809][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  725.652077][T12286] netlink: 'syz.2.1736': attribute type 3 has an invalid length.
[  725.668297][T12286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1736'.
[  725.680742][T12288] FAULT_INJECTION: forcing a failure.
[  725.680742][T12288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  725.696269][T12286] netlink: 'syz.2.1736': attribute type 3 has an invalid length.
[  725.706540][T12288] CPU: 0 UID: 0 PID: 12288 Comm: syz.0.1737 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  725.706569][T12288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  725.706581][T12288] Call Trace:
[  725.706590][T12288]  <TASK>
[  725.706598][T12288]  dump_stack_lvl+0x241/0x360
[  725.706634][T12288]  ? __pfx_dump_stack_lvl+0x10/0x10
[  725.706660][T12288]  ? __pfx__printk+0x10/0x10
[  725.706698][T12288]  should_fail_ex+0x424/0x570
[  725.706726][T12288]  _copy_to_user+0x31/0xb0
[  725.706757][T12288]  simple_read_from_buffer+0xc4/0x170
[  725.706784][T12288]  proc_fail_nth_read+0x1ef/0x260
[  725.706825][T12288]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  725.706854][T12288]  ? rw_verify_area+0x246/0x630
[  725.706878][T12288]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  725.706904][T12288]  vfs_read+0x21f/0xb90
[  725.706935][T12288]  ? __pfx___mutex_lock+0x10/0x10
[  725.706961][T12288]  ? __pfx_vfs_read+0x10/0x10
[  725.706991][T12288]  ? __fget_files+0x2a/0x420
[  725.707015][T12288]  ? __fget_files+0x39d/0x420
[  725.707036][T12288]  ? __fget_files+0x2a/0x420
[  725.707068][T12288]  ksys_read+0x19d/0x2d0
[  725.707096][T12288]  ? __pfx_ksys_read+0x10/0x10
[  725.707130][T12288]  ? do_syscall_64+0xb6/0x230
[  725.707157][T12288]  do_syscall_64+0xf3/0x230
[  725.707181][T12288]  ? clear_bhb_loop+0x45/0xa0
[  725.707204][T12288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.707222][T12288] RIP: 0033:0x7f5b7d58cb7c
[  725.707241][T12288] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  725.707257][T12288] RSP: 002b:00007f5b7e378030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  725.707279][T12288] RAX: ffffffffffffffda RBX: 00007f5b7d7b5fa0 RCX: 00007f5b7d58cb7c
[  725.707294][T12288] RDX: 000000000000000f RSI: 00007f5b7e3780a0 RDI: 0000000000000004
[  725.707306][T12288] RBP: 00007f5b7e378090 R08: 0000000000000000 R09: 0000000000000000
[  725.707318][T12288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  725.707329][T12288] R13: 0000000000000000 R14: 00007f5b7d7b5fa0 R15: 00007fffb3409db8
[  725.707363][T12288]  </TASK>
[  725.926368][T12286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1736'.
[  726.303489][T12291] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1738'.
[  727.422087][T12305] FAULT_INJECTION: forcing a failure.
[  727.422087][T12305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  727.435600][T12305] CPU: 0 UID: 0 PID: 12305 Comm: syz.0.1742 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  727.435629][T12305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  727.435641][T12305] Call Trace:
[  727.435650][T12305]  <TASK>
[  727.435659][T12305]  dump_stack_lvl+0x241/0x360
[  727.435692][T12305]  ? __pfx_dump_stack_lvl+0x10/0x10
[  727.435719][T12305]  ? __pfx__printk+0x10/0x10
[  727.435760][T12305]  should_fail_ex+0x424/0x570
[  727.435799][T12305]  _copy_from_user+0x2d/0xb0
[  727.435827][T12305]  __sys_bpf+0x1c5/0x8b0
[  727.435850][T12305]  ? __pfx___sys_bpf+0x10/0x10
[  727.435883][T12305]  ? ksys_write+0x275/0x2d0
[  727.435926][T12305]  __x64_sys_bpf+0x7c/0x90
[  727.435953][T12305]  do_syscall_64+0xf3/0x230
[  727.435978][T12305]  ? clear_bhb_loop+0x45/0xa0
[  727.436002][T12305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.436021][T12305] RIP: 0033:0x7f5b7d58e169
[  727.436039][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.436055][T12305] RSP: 002b:00007f5b7e336038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  727.436081][T12305] RAX: ffffffffffffffda RBX: 00007f5b7d7b6160 RCX: 00007f5b7d58e169
[  727.436105][T12305] RDX: 0000000000000038 RSI: 0000200000000180 RDI: 0000000000000019
[  727.436119][T12305] RBP: 00007f5b7e336090 R08: 0000000000000000 R09: 0000000000000000
[  727.436132][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  727.436144][T12305] R13: 0000000000000001 R14: 00007f5b7d7b6160 R15: 00007fffb3409db8
[  727.436176][T12305]  </TASK>
[  728.274574][   T30] audit: type=1800 audit(1744802361.813:140): pid=12315 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.1745" name="bus" dev="tmpfs" ino=1872 res=0 errno=0
[  728.423388][   T30] audit: type=1800 audit(1744802361.963:141): pid=12317 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1744" name="bus" dev="tmpfs" ino=1998 res=0 errno=0
[  728.644251][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  729.195728][T12330] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1748'.
[  729.498949][T12332] Cannot find del_set index 4 as target
[  731.205023][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  731.222117][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  731.577464][T12335] delete_channel: no stack
[  732.912200][   T30] audit: type=1800 audit(1744802366.443:142): pid=12355 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.1756" name="bus" dev="tmpfs" ino=1890 res=0 errno=0
[  733.063522][T12362] netlink: 'syz.4.1758': attribute type 4 has an invalid length.
[  733.141865][    T9] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  733.251395][T12363] netlink: 'syz.4.1758': attribute type 4 has an invalid length.
[  733.294821][T12363] netlink: 'syz.4.1758': attribute type 4 has an invalid length.
[  733.325039][T12368] netlink: 'syz.0.1760': attribute type 3 has an invalid length.
[  733.343010][    T9] usb 4-1: Using ep0 maxpacket: 8
[  733.355779][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  733.369010][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  733.371160][T12371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1761'.
[  733.400697][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  733.417681][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  733.436258][T12371] batadv0: entered promiscuous mode
[  733.443540][T12373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1761'.
[  733.461926][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  733.462377][T12371] macvtap1: entered promiscuous mode
[  733.477718][T12371] macvtap1: entered allmulticast mode
[  733.483884][T12371] batadv0: entered allmulticast mode
[  733.491002][T12371] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  733.491061][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.532571][T12373] batadv0: left allmulticast mode
[  733.559818][T12373] batadv0: left promiscuous mode
[  733.843577][T12360] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1757'.
[  734.141786][    T9] usb 4-1: usb_control_msg returned -32
[  734.248785][    T9] usbtmc 4-1:16.0: can't read capabilities
[  734.337019][    T9] usb 4-1: USB disconnect, device number 26
[  734.402591][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  735.568667][T12409] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1770'.
[  735.780670][ T5842] Bluetooth: hci2: unexpected event for opcode 0x6504
[  735.864879][   T10] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[  736.311794][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  736.331448][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  736.357709][   T10] usb 3-1: New USB device found, idVendor=054c, idProduct=1000, bcdDevice= 0.00
[  736.393343][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.573712][   T10] usb 3-1: config 0 descriptor??
[  736.814842][T12408] 8021q: VLANs not supported on caif0
[  737.105001][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  737.126742][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  737.190066][T12432] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1774'.
[  738.443108][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  738.463875][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  738.524156][   T10] usb 3-1: USB disconnect, device number 19
[  739.806238][T12452] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1781'.
[  739.853820][ T5842] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  739.863969][ T5842] Bluetooth: hci2: Injecting HCI hardware error event
[  739.875289][T10399] Bluetooth: hci2: hardware error 0x00
[  740.262914][   T30] audit: type=1800 audit(1744802373.793:143): pid=12461 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1783" name="bus" dev="tmpfs" ino=1933 res=0 errno=0
[  740.335842][T12458] syz.3.1777: attempt to access beyond end of device
[  740.335842][T12458] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[  740.400239][T12458] MINIX-fs: unable to read superblock
[  741.992556][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  742.002214][T10399] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  742.573908][    T9] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  742.587962][    T9] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  742.608700][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  742.627543][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  742.660823][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  742.700936][    T9] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  742.716412][    T9] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  742.729851][    T9] usb 2-1: Product: syz
[  742.740879][    T9] usb 2-1: Manufacturer: syz
[  742.773223][    T9] cdc_wdm 2-1:1.0: skipping garbage
[  742.779265][    T9] cdc_wdm 2-1:1.0: skipping garbage
[  742.826233][    T9] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  742.837791][    T9] cdc_wdm 2-1:1.0: Unknown control protocol
[  743.071989][   T10] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  743.360896][    T9] usb 2-1: USB disconnect, device number 22
[  743.409362][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  743.409471][ T2963] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  743.541898][   T10] usb 3-1: Using ep0 maxpacket: 16
[  743.579082][   T10] usb 3-1: config 0 has an invalid interface number: 15 but max is 0
[  743.599875][   T10] usb 3-1: config 0 has no interface number 0
[  743.625184][   T10] usb 3-1: New USB device found, idVendor=05ac, idProduct=e7da, bcdDevice=4b.a9
[  743.635729][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.644111][   T10] usb 3-1: Product: syz
[  743.648479][   T10] usb 3-1: Manufacturer: syz
[  743.653282][   T10] usb 3-1: SerialNumber: syz
[  743.667330][   T10] usb 3-1: config 0 descriptor??
[  743.722588][T12489] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1792'.
[  744.271940][ T5881] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  744.279512][   T30] audit: type=1800 audit(1744802377.813:144): pid=12501 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1795" name="bus" dev="tmpfs" ino=1954 res=0 errno=0
[  744.426052][ T5881] usb 5-1: Using ep0 maxpacket: 16
[  744.447035][ T5881] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  744.468740][ T5881] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  744.478795][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.494347][ T5881] usb 5-1: Product: syz
[  744.498741][ T5881] usb 5-1: Manufacturer: syz
[  744.507630][ T5881] usb 5-1: SerialNumber: syz
[  744.562633][   T49] usb 4-1: new full-speed USB device number 27 using dummy_hcd
[  744.615659][   T10] ipheth 3-1:0.15: Unable to find alternate settings interface
[  744.727217][   T10] usb 3-1: USB disconnect, device number 20
[  744.733827][ T5881] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  744.742077][   T49] usb 4-1: device descriptor read/64, error -71
[  744.760461][ T5881] cdc_ncm 5-1:1.0: bind() failure
[  744.790880][ T5881] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  744.808227][ T5881] cdc_ncm 5-1:1.1: bind() failure
[  744.824596][ T5881] usb 5-1: USB disconnect, device number 35
[  744.982244][   T49] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[  745.122400][   T49] usb 4-1: device descriptor read/64, error -71
[  745.238977][   T49] usb usb4-port1: attempt power cycle
[  746.312648][   T49] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  746.976998][   T49] usb 4-1: device descriptor read/8, error -71
[  746.997727][T12523] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1802'.
[  747.850821][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  747.860966][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  748.441792][   T30] audit: type=1800 audit(1744802381.923:145): pid=12542 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1807" name="bus" dev="tmpfs" ino=1976 res=0 errno=0
[  748.694553][T12546] syz.4.1803: attempt to access beyond end of device
[  748.694553][T12546] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[  748.732335][T12546] MINIX-fs: unable to read superblock
[  748.927948][T12554] syz.2.1810 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  749.021888][ T5882] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  749.125168][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  749.139818][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  749.189041][ T5882] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  749.193880][T12557] delete_channel: no stack
[  749.229855][ T5882] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  749.265399][ T5882] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  749.276211][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  749.291384][ T5882] usb 4-1: SerialNumber: syz
[  749.904627][ T5882] usb 4-1: 0:2 : does not exist
[  749.946292][ T5882] usb 4-1: USB disconnect, device number 31
[  750.183399][T11466] udevd[11466]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  751.066543][T12574] FAULT_INJECTION: forcing a failure.
[  751.066543][T12574] name failslab, interval 1, probability 0, space 0, times 0
[  751.085909][T12574] CPU: 0 UID: 0 PID: 12574 Comm: syz.4.1818 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  751.085945][T12574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  751.085957][T12574] Call Trace:
[  751.085965][T12574]  <TASK>
[  751.085983][T12574]  dump_stack_lvl+0x241/0x360
[  751.086020][T12574]  ? __pfx_dump_stack_lvl+0x10/0x10
[  751.086044][T12574]  ? __pfx__printk+0x10/0x10
[  751.086074][T12574]  ? __pfx___might_resched+0x10/0x10
[  751.086100][T12574]  should_fail_ex+0x424/0x570
[  751.086126][T12574]  should_failslab+0xac/0x100
[  751.086148][T12574]  kmem_cache_alloc_noprof+0x78/0x390
[  751.086166][T12574]  ? __kernfs_new_node+0xdf/0x890
[  751.086197][T12574]  __kernfs_new_node+0xdf/0x890
[  751.086223][T12574]  ? __lock_acquire+0xad5/0xd80
[  751.086247][T12574]  ? __pfx___kernfs_new_node+0x10/0x10
[  751.086284][T12574]  ? kernfs_root+0x1c/0x230
[  751.086310][T12574]  ? kernfs_root+0x1c/0x230
[  751.086337][T12574]  kernfs_new_node+0x114/0x220
[  751.086368][T12574]  kernfs_create_dir_ns+0x43/0x120
[  751.086398][T12574]  sysfs_create_dir_ns+0x1a2/0x3f0
[  751.086427][T12574]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  751.086462][T12574]  kobject_add_internal+0x435/0x8d0
[  751.086500][T12574]  kobject_add+0x15b/0x230
[  751.086523][T12574]  ? __pfx_kobject_add+0x10/0x10
[  751.086548][T12574]  ? kobject_put+0x43d/0x480
[  751.086573][T12574]  ? __pfx_kobject_add+0x10/0x10
[  751.086600][T12574]  ? kobject_init+0x83/0x1f0
[  751.086628][T12574]  ? get_device_parent+0x3dd/0x410
[  751.086657][T12574]  device_add+0x4e5/0xbf0
[  751.086683][T12574]  ? device_initialize+0x266/0x460
[  751.086707][T12574]  wakeup_source_sysfs_add+0x1aa/0x270
[  751.086735][T12574]  wakeup_source_register+0x171/0x250
[  751.086762][T12574]  ep_insert+0xe61/0x1ac0
[  751.086799][T12574]  ? __pfx_ep_insert+0x10/0x10
[  751.086835][T12574]  ? bpf_lsm_capable+0x9/0x10
[  751.086867][T12574]  do_epoll_ctl+0x8bc/0xf70
[  751.086899][T12574]  __x64_sys_epoll_ctl+0x163/0x1a0
[  751.086924][T12574]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  751.086951][T12574]  ? do_syscall_64+0xb6/0x230
[  751.086987][T12574]  do_syscall_64+0xf3/0x230
[  751.087012][T12574]  ? clear_bhb_loop+0x45/0xa0
[  751.087036][T12574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.087054][T12574] RIP: 0033:0x7f37d5b8e169
[  751.087074][T12574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  751.087089][T12574] RSP: 002b:00007f37d6ade038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  751.087111][T12574] RAX: ffffffffffffffda RBX: 00007f37d5db5fa0 RCX: 00007f37d5b8e169
[  751.087125][T12574] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000003
[  751.087136][T12574] RBP: 00007f37d6ade090 R08: 0000000000000000 R09: 0000000000000000
[  751.087147][T12574] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000002
[  751.087160][T12574] R13: 0000000000000000 R14: 00007f37d5db5fa0 R15: 00007ffc3e095858
[  751.087194][T12574]  </TASK>
[  751.412273][T12574] kobject: kobject_add_internal failed for wakeup12 (error: -12 parent: wakeup)
[  753.622260][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  753.952219][ T5881] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  754.057765][T12611] tipc: Enabled bearer <eth:batadv0>, priority 10
[  754.166159][ T5881] usb 3-1: unable to get BOS descriptor or descriptor too short
[  754.177367][ T5881] usb 3-1: config 6 has an invalid interface number: 156 but max is 0
[  754.187804][ T5881] usb 3-1: config 6 has no interface number 0
[  754.201059][ T5881] usb 3-1: config 6 interface 156 has no altsetting 0
[  754.215986][ T5881] usb 3-1: New USB device found, idVendor=d37e, idProduct=8dcd, bcdDevice=e9.99
[  754.228101][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.252428][ T5881] usb 3-1: Product: syz
[  754.260509][ T5881] usb 3-1: Manufacturer: syz
[  754.265814][ T5881] usb 3-1: SerialNumber: syz
[  754.486879][ T5881] usb-storage 3-1:6.156: USB Mass Storage device detected
[  754.576735][ T5881] usb 3-1: USB disconnect, device number 21
[  754.885620][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  754.900709][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  756.077211][T12643] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1838'.
[  756.152777][T12646] FAULT_INJECTION: forcing a failure.
[  756.152777][T12646] name failslab, interval 1, probability 0, space 0, times 0
[  756.381560][T12646] CPU: 0 UID: 0 PID: 12646 Comm: syz.2.1838 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  756.381595][T12646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  756.381607][T12646] Call Trace:
[  756.381615][T12646]  <TASK>
[  756.381624][T12646]  dump_stack_lvl+0x241/0x360
[  756.381658][T12646]  ? __pfx_dump_stack_lvl+0x10/0x10
[  756.381683][T12646]  ? __pfx__printk+0x10/0x10
[  756.381706][T12646]  ? __lock_acquire+0xad5/0xd80
[  756.381737][T12646]  should_fail_ex+0x424/0x570
[  756.381768][T12646]  should_failslab+0xac/0x100
[  756.381789][T12646]  kmem_cache_alloc_noprof+0x78/0x390
[  756.381807][T12646]  ? skb_clone+0x20c/0x390
[  756.381833][T12646]  skb_clone+0x20c/0x390
[  756.381858][T12646]  __netlink_deliver_tap+0x3c4/0x7f0
[  756.381897][T12646]  ? netlink_deliver_tap+0x2e/0x1b0
[  756.381921][T12646]  netlink_deliver_tap+0x19d/0x1b0
[  756.381948][T12646]  netlink_unicast+0x7c6/0x9a0
[  756.381982][T12646]  ? __pfx_netlink_unicast+0x10/0x10
[  756.382004][T12646]  ? smack_socket_getpeersec_dgram+0x220/0x410
[  756.382035][T12646]  ? skb_put+0x114/0x1f0
[  756.382058][T12646]  netlink_sendmsg+0x8c3/0xcd0
[  756.382100][T12646]  ? __pfx_netlink_sendmsg+0x10/0x10
[  756.382133][T12646]  ? ____sys_sendmsg+0x51/0x860
[  756.382160][T12646]  ? __pfx_netlink_sendmsg+0x10/0x10
[  756.382184][T12646]  __sock_sendmsg+0x221/0x270
[  756.382212][T12646]  ____sys_sendmsg+0x523/0x860
[  756.382244][T12646]  ? __pfx_____sys_sendmsg+0x10/0x10
[  756.382264][T12646]  ? __fget_files+0x2a/0x420
[  756.382291][T12646]  ? __fget_files+0x2a/0x420
[  756.382324][T12646]  __sys_sendmsg+0x271/0x360
[  756.382353][T12646]  ? __pfx___sys_sendmsg+0x10/0x10
[  756.382460][T12646]  do_syscall_64+0xf3/0x230
[  756.382487][T12646]  ? clear_bhb_loop+0x45/0xa0
[  756.382511][T12646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.382530][T12646] RIP: 0033:0x7f6d7918e169
[  756.382549][T12646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  756.382565][T12646] RSP: 002b:00007f6d79fb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  756.382589][T12646] RAX: ffffffffffffffda RBX: 00007f6d793b6080 RCX: 00007f6d7918e169
[  756.382603][T12646] RDX: 00000000000048c0 RSI: 0000200000000000 RDI: 0000000000000003
[  756.382616][T12646] RBP: 00007f6d79fb8090 R08: 0000000000000000 R09: 0000000000000000
[  756.382629][T12646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  756.382641][T12646] R13: 0000000000000000 R14: 00007f6d793b6080 R15: 00007ffc61c3a7d8
[  756.382675][T12646]  </TASK>
[  757.120413][T12657] syzkaller0: entered promiscuous mode
[  757.152129][T12657] syzkaller0: entered allmulticast mode
[  757.182160][ T5882] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  757.365784][ T5882] usb 3-1: Using ep0 maxpacket: 32
[  757.652315][ T5882] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  757.661399][ T5882] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  757.689497][ T5882] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  757.702012][ T5882] usb 3-1: config 1 has no interface number 0
[  757.708180][ T5882] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  757.725390][ T5882] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  757.745067][ T5882] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  757.754778][ T5882] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.822634][ T5882] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  758.012973][T12650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  758.022368][T12650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  758.062949][ T5882] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  758.105655][   T10] hid-generic 0000:0003:0000.000A: unknown main item tag 0x0
[  758.135759][   T10] hid-generic 0000:0003:0000.000A: unknown main item tag 0x0
[  758.371107][   T10] hid-generic 0000:0003:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  758.917755][T12671] befs: (nullb0): invalid magic header
[  759.216225][ T5882] snd_usb_pod 3-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  759.233541][ T2963] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  760.037716][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  760.105780][   T49] usb 3-1: USB disconnect, device number 22
[  760.124166][   T49] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  760.398711][T12681] macsec1: entered allmulticast mode
[  760.404270][T12681] macvlan0: entered allmulticast mode
[  760.409744][T12681] veth1_vlan: entered allmulticast mode
[  760.564239][T12681] macvlan0: left allmulticast mode
[  760.569687][T12681] veth1_vlan: left allmulticast mode
[  761.066728][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  761.435204][T12693] FAULT_INJECTION: forcing a failure.
[  761.435204][T12693] name failslab, interval 1, probability 0, space 0, times 0
[  761.461255][T12693] CPU: 0 UID: 0 PID: 12693 Comm: syz.3.1853 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  761.461287][T12693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  761.461299][T12693] Call Trace:
[  761.461307][T12693]  <TASK>
[  761.461323][T12693]  dump_stack_lvl+0x241/0x360
[  761.461358][T12693]  ? __pfx_dump_stack_lvl+0x10/0x10
[  761.461383][T12693]  ? __pfx__printk+0x10/0x10
[  761.461414][T12693]  ? __pfx___might_resched+0x10/0x10
[  761.461440][T12693]  should_fail_ex+0x424/0x570
[  761.461473][T12693]  should_failslab+0xac/0x100
[  761.461495][T12693]  __kvmalloc_node_noprof+0x170/0x5a0
[  761.461517][T12693]  ? nf_hook_entries_grow+0x290/0x740
[  761.461541][T12693]  ? trace_contention_end+0x3c/0x120
[  761.461568][T12693]  nf_hook_entries_grow+0x290/0x740
[  761.461606][T12693]  __nf_register_net_hook+0x278/0x8e0
[  761.461646][T12693]  nf_register_net_hook+0xb0/0x190
[  761.461671][T12693]  nf_register_net_hooks+0x41/0x1a0
[  761.461709][T12693]  nf_defrag_ipv4_enable+0x85/0x110
[  761.461734][T12693]  nf_ct_netns_do_get+0x181/0x680
[  761.461760][T12693]  ? __lock_acquire+0xad5/0xd80
[  761.461778][T12693]  ? __pfx_nf_ct_netns_do_get+0x10/0x10
[  761.461804][T12693]  ? __mutex_trylock_common+0x184/0x2e0
[  761.461839][T12693]  xt_ct_tg_check+0x125/0xc40
[  761.461876][T12693]  ? __pfx_xt_ct_tg_check+0x10/0x10
[  761.461907][T12693]  ? __mutex_unlock_slowpath+0x229/0x800
[  761.461935][T12693]  xt_check_target+0x3bd/0xa40
[  761.461971][T12693]  ? __pfx_xt_check_target+0x10/0x10
[  761.462015][T12693]  ? xt_find_target+0x1e1/0x240
[  761.462053][T12693]  translate_table+0x1a07/0x2390
[  761.462075][T12693]  ? do_syscall_64+0xf3/0x230
[  761.462095][T12693]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.462147][T12693]  ? __pfx_translate_table+0x10/0x10
[  761.462201][T12693]  ? copy_from_sockptr_offset+0x60/0xb0
[  761.462230][T12693]  do_ipt_set_ctl+0xe44/0x1260
[  761.462262][T12693]  ? __pfx___mutex_trylock_common+0x10/0x10
[  761.462287][T12693]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  761.462329][T12693]  ? __mutex_unlock_slowpath+0x229/0x800
[  761.462364][T12693]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  761.462397][T12693]  ? ksys_write+0x24e/0x2d0
[  761.462433][T12693]  nf_setsockopt+0x295/0x2c0
[  761.462468][T12693]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  761.462494][T12693]  do_sock_setsockopt+0x3b1/0x710
[  761.462523][T12693]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  761.462541][T12693]  ? __fget_files+0x2a/0x420
[  761.462567][T12693]  ? __fget_files+0x39d/0x420
[  761.462586][T12693]  ? __fget_files+0x2a/0x420
[  761.462615][T12693]  __x64_sys_setsockopt+0x1ee/0x280
[  761.462644][T12693]  do_syscall_64+0xf3/0x230
[  761.462667][T12693]  ? clear_bhb_loop+0x45/0xa0
[  761.462698][T12693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.462715][T12693] RIP: 0033:0x7fb96698e169
[  761.462733][T12693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  761.462749][T12693] RSP: 002b:00007fb96784c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  761.462772][T12693] RAX: ffffffffffffffda RBX: 00007fb966bb5fa0 RCX: 00007fb96698e169
[  761.462786][T12693] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  761.462799][T12693] RBP: 00007fb96784c090 R08: 00000000000002e0 R09: 0000000000000000
[  761.462811][T12693] R10: 0000200000000a40 R11: 0000000000000246 R12: 0000000000000001
[  761.462823][T12693] R13: 0000000000000000 R14: 00007fb966bb5fa0 R15: 00007ffcfb6e8258
[  761.462865][T12693]  </TASK>
[  764.641803][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  765.814303][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  766.405609][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  769.315701][T12760] orangefs_mount: mount request failed with -4
[  769.438797][T12785] FAULT_INJECTION: forcing a failure.
[  769.438797][T12785] name failslab, interval 1, probability 0, space 0, times 0
[  769.499494][T12785] CPU: 1 UID: 0 PID: 12785 Comm: syz.3.1882 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  769.499527][T12785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  769.499539][T12785] Call Trace:
[  769.499547][T12785]  <TASK>
[  769.499556][T12785]  dump_stack_lvl+0x241/0x360
[  769.499592][T12785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  769.499618][T12785]  ? __pfx__printk+0x10/0x10
[  769.499648][T12785]  ? ref_tracker_alloc+0x316/0x4c0
[  769.499675][T12785]  should_fail_ex+0x424/0x570
[  769.499701][T12785]  should_failslab+0xac/0x100
[  769.499723][T12785]  kmem_cache_alloc_noprof+0x78/0x390
[  769.499742][T12785]  ? skb_clone+0x20c/0x390
[  769.499770][T12785]  skb_clone+0x20c/0x390
[  769.499795][T12785]  __netlink_deliver_tap+0x3c4/0x7f0
[  769.499837][T12785]  ? netlink_deliver_tap+0x2e/0x1b0
[  769.499862][T12785]  netlink_deliver_tap+0x19d/0x1b0
[  769.499890][T12785]  netlink_sendskb+0x68/0x140
[  769.499916][T12785]  netlink_unicast+0x39f/0x9a0
[  769.499937][T12785]  ? __asan_memcpy+0x40/0x70
[  769.499970][T12785]  ? __pfx_netlink_unicast+0x10/0x10
[  769.500008][T12785]  netlink_rcv_skb+0x296/0x480
[  769.500036][T12785]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  769.500060][T12785]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  769.500108][T12785]  ? safesetid_security_capable+0xb2/0x1d0
[  769.500127][T12785]  ? bpf_lsm_capable+0x9/0x10
[  769.500141][T12785]  ? security_capable+0x7e/0x2d0
[  769.500156][T12785]  nfnetlink_rcv+0x296/0x28f0
[  769.500171][T12785]  ? __dev_queue_xmit+0x2f9/0x3f60
[  769.500185][T12785]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  769.500205][T12785]  ? __dev_queue_xmit+0x2f9/0x3f60
[  769.500218][T12785]  ? __dev_queue_xmit+0x2f9/0x3f60
[  769.500238][T12785]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  769.500250][T12785]  ? lockdep_hardirqs_on+0x9d/0x150
[  769.500264][T12785]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  769.500274][T12785]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  769.500286][T12785]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  769.500313][T12785]  ? rcu_preempt_deferred_qs_irqrestore+0x8c6/0xcb0
[  769.500342][T12785]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  769.500359][T12785]  ? __skb_clone+0x5c/0x6d0
[  769.500376][T12785]  ? rcu_is_watching+0x15/0xb0
[  769.500391][T12785]  ? rcu_read_unlock_special+0x49b/0x570
[  769.500409][T12785]  ? skb_clone+0x240/0x390
[  769.500421][T12785]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  769.500445][T12785]  ? netlink_deliver_tap+0x2e/0x1b0
[  769.500462][T12785]  ? __rcu_read_unlock+0xa1/0x110
[  769.500481][T12785]  netlink_unicast+0x7f8/0x9a0
[  769.500500][T12785]  ? __pfx_netlink_unicast+0x10/0x10
[  769.500516][T12785]  ? skb_put+0x114/0x1f0
[  769.500530][T12785]  netlink_sendmsg+0x8c3/0xcd0
[  769.500565][T12785]  ? __pfx_netlink_sendmsg+0x10/0x10
[  769.500600][T12785]  ? __pfx_netlink_sendmsg+0x10/0x10
[  769.500617][T12785]  __sock_sendmsg+0x221/0x270
[  769.500642][T12785]  ____sys_sendmsg+0x523/0x860
[  769.500661][T12785]  ? __pfx_____sys_sendmsg+0x10/0x10
[  769.500672][T12785]  ? __fget_files+0x2a/0x420
[  769.500687][T12785]  ? __fget_files+0x2a/0x420
[  769.500705][T12785]  __sys_sendmsg+0x271/0x360
[  769.500721][T12785]  ? __pfx___sys_sendmsg+0x10/0x10
[  769.500768][T12785]  ? do_syscall_64+0xb6/0x230
[  769.500784][T12785]  do_syscall_64+0xf3/0x230
[  769.500798][T12785]  ? clear_bhb_loop+0x45/0xa0
[  769.500812][T12785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.500823][T12785] RIP: 0033:0x7fb96698e169
[  769.500835][T12785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  769.500845][T12785] RSP: 002b:00007fb96784c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  769.500860][T12785] RAX: ffffffffffffffda RBX: 00007fb966bb5fa0 RCX: 00007fb96698e169
[  769.500869][T12785] RDX: 0000000000008000 RSI: 0000200000000180 RDI: 0000000000000003
[  769.500877][T12785] RBP: 00007fb96784c090 R08: 0000000000000000 R09: 0000000000000000
[  769.500884][T12785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  769.500891][T12785] R13: 0000000000000000 R14: 00007fb966bb5fa0 R15: 00007ffcfb6e8258
[  769.500909][T12785]  </TASK>
[  770.407978][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  770.529250][T12796] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1884'.
[  771.086592][T12795] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1885'.
[  771.101929][T12795] FAULT_INJECTION: forcing a failure.
[  771.101929][T12795] name failslab, interval 1, probability 0, space 0, times 0
[  771.141781][T12795] CPU: 0 UID: 0 PID: 12795 Comm: syz.1.1885 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  771.141820][T12795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  771.141833][T12795] Call Trace:
[  771.141841][T12795]  <TASK>
[  771.141850][T12795]  dump_stack_lvl+0x241/0x360
[  771.141887][T12795]  ? __pfx_dump_stack_lvl+0x10/0x10
[  771.141913][T12795]  ? __pfx__printk+0x10/0x10
[  771.141939][T12795]  ? nfnetlink_rcv_msg+0xdfe/0x1190
[  771.141965][T12795]  ? __pfx___might_resched+0x10/0x10
[  771.141993][T12795]  should_fail_ex+0x424/0x570
[  771.142021][T12795]  should_failslab+0xac/0x100
[  771.142044][T12795]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  771.142067][T12795]  ? __alloc_skb+0x1c2/0x480
[  771.142092][T12795]  __alloc_skb+0x1c2/0x480
[  771.142118][T12795]  ? __pfx___alloc_skb+0x10/0x10
[  771.142146][T12795]  ? netlink_ack_tlv_len+0x6e/0x200
[  771.142176][T12795]  netlink_ack+0x147/0xa70
[  771.142201][T12795]  ? arch_stack_walk+0xff/0x150
[  771.142231][T12795]  ? __lock_acquire+0xad5/0xd80
[  771.142261][T12795]  netlink_rcv_skb+0x296/0x480
[  771.142289][T12795]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  771.142313][T12795]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  771.142356][T12795]  ? safesetid_security_capable+0xb2/0x1d0
[  771.142386][T12795]  ? bpf_lsm_capable+0x9/0x10
[  771.142415][T12795]  ? security_capable+0x7e/0x2d0
[  771.142449][T12795]  nfnetlink_rcv+0x296/0x28f0
[  771.142469][T12795]  ? __kernel_text_address+0xd/0x40
[  771.142500][T12795]  ? arch_stack_walk+0xff/0x150
[  771.142539][T12795]  ? stack_trace_save+0x11a/0x1d0
[  771.142569][T12795]  ? __pfx_stack_trace_save+0x10/0x10
[  771.142598][T12795]  ? stack_depot_save_flags+0x44/0x940
[  771.142618][T12795]  ? stack_trace_snprint+0xe1/0xf0
[  771.142643][T12795]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  771.142677][T12795]  ? kasan_save_track+0x51/0x80
[  771.142701][T12795]  ? kasan_save_track+0x3f/0x80
[  771.142723][T12795]  ? __kasan_slab_alloc+0x66/0x80
[  771.142748][T12795]  ? kmem_cache_alloc_node_noprof+0x1f2/0x3b0
[  771.142766][T12795]  ? kmalloc_reserve+0xa8/0x2a0
[  771.142782][T12795]  ? __alloc_skb+0x1f2/0x480
[  771.142797][T12795]  ? netlink_sendmsg+0x638/0xcd0
[  771.142822][T12795]  ? __sock_sendmsg+0x221/0x270
[  771.142844][T12795]  ? ____sys_sendmsg+0x523/0x860
[  771.142869][T12795]  ? __lock_acquire+0xad5/0xd80
[  771.142917][T12795]  ? __lock_acquire+0xad5/0xd80
[  771.142957][T12795]  ? netlink_deliver_tap+0x2e/0x1b0
[  771.142987][T12795]  ? netlink_deliver_tap+0x2e/0x1b0
[  771.143017][T12795]  netlink_unicast+0x7f8/0x9a0
[  771.143053][T12795]  ? __pfx_netlink_unicast+0x10/0x10
[  771.143080][T12795]  ? skb_put+0x114/0x1f0
[  771.143106][T12795]  netlink_sendmsg+0x8c3/0xcd0
[  771.143148][T12795]  ? __pfx_netlink_sendmsg+0x10/0x10
[  771.143190][T12795]  ? __pfx_netlink_sendmsg+0x10/0x10
[  771.143215][T12795]  __sock_sendmsg+0x221/0x270
[  771.143244][T12795]  ____sys_sendmsg+0x523/0x860
[  771.143298][T12795]  ? __pfx_____sys_sendmsg+0x10/0x10
[  771.143317][T12795]  ? __fget_files+0x2a/0x420
[  771.143345][T12795]  ? __fget_files+0x2a/0x420
[  771.143379][T12795]  __sys_sendmsg+0x271/0x360
[  771.143497][T12795]  ? __pfx___sys_sendmsg+0x10/0x10
[  771.143586][T12795]  ? do_syscall_64+0xb6/0x230
[  771.143620][T12795]  do_syscall_64+0xf3/0x230
[  771.143647][T12795]  ? clear_bhb_loop+0x45/0xa0
[  771.143673][T12795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.143719][T12795] RIP: 0033:0x7f7f8cb8e169
[  771.143745][T12795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.143762][T12795] RSP: 002b:00007f7f8da4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  771.143788][T12795] RAX: ffffffffffffffda RBX: 00007f7f8cdb5fa0 RCX: 00007f7f8cb8e169
[  771.143804][T12795] RDX: 0000000004000080 RSI: 0000200000000480 RDI: 0000000000000003
[  771.143816][T12795] RBP: 00007f7f8da4f090 R08: 0000000000000000 R09: 0000000000000000
[  771.143829][T12795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  771.143842][T12795] R13: 0000000000000000 R14: 00007f7f8cdb5fa0 R15: 00007ffd762c64c8
[  771.143877][T12795]  </TASK>
[  771.579336][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  772.163055][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  772.421956][T12816] FAULT_INJECTION: forcing a failure.
[  772.421956][T12816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  772.435852][T12816] CPU: 0 UID: 0 PID: 12816 Comm: syz.3.1890 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  772.435883][T12816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  772.435895][T12816] Call Trace:
[  772.435903][T12816]  <TASK>
[  772.435911][T12816]  dump_stack_lvl+0x241/0x360
[  772.435946][T12816]  ? __pfx_dump_stack_lvl+0x10/0x10
[  772.435981][T12816]  ? __wake_up_klogd+0xcc/0x110
[  772.436016][T12816]  should_fail_ex+0x424/0x570
[  772.436041][T12816]  _copy_to_user+0x31/0xb0
[  772.436061][T12816]  simple_read_from_buffer+0xc4/0x170
[  772.436077][T12816]  proc_fail_nth_read+0x1ef/0x260
[  772.436096][T12816]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  772.436113][T12816]  ? rw_verify_area+0x246/0x630
[  772.436128][T12816]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  772.436144][T12816]  vfs_read+0x21f/0xb90
[  772.436163][T12816]  ? __pfx___mutex_lock+0x10/0x10
[  772.436180][T12816]  ? __pfx_vfs_read+0x10/0x10
[  772.436198][T12816]  ? __fget_files+0x2a/0x420
[  772.436212][T12816]  ? __fget_files+0x39d/0x420
[  772.436224][T12816]  ? __fget_files+0x2a/0x420
[  772.436243][T12816]  ksys_read+0x19d/0x2d0
[  772.436260][T12816]  ? __pfx_ksys_read+0x10/0x10
[  772.436279][T12816]  ? do_syscall_64+0xb6/0x230
[  772.436296][T12816]  do_syscall_64+0xf3/0x230
[  772.436310][T12816]  ? clear_bhb_loop+0x45/0xa0
[  772.436325][T12816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.436336][T12816] RIP: 0033:0x7fb96698cb7c
[  772.436350][T12816] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  772.436360][T12816] RSP: 002b:00007fb96780a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  772.436376][T12816] RAX: ffffffffffffffda RBX: 00007fb966bb6160 RCX: 00007fb96698cb7c
[  772.436384][T12816] RDX: 000000000000000f RSI: 00007fb96780a0a0 RDI: 0000000000000009
[  772.436392][T12816] RBP: 00007fb96780a090 R08: 0000000000000000 R09: 0000000000000000
[  772.436399][T12816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  772.436406][T12816] R13: 0000000000000000 R14: 00007fb966bb6160 R15: 00007ffcfb6e8258
[  772.436425][T12816]  </TASK>
[  773.749348][T12830] FAULT_INJECTION: forcing a failure.
[  773.749348][T12830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  773.763629][T12830] CPU: 1 UID: 0 PID: 12830 Comm: syz.4.1895 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  773.763662][T12830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  773.763674][T12830] Call Trace:
[  773.763682][T12830]  <TASK>
[  773.763691][T12830]  dump_stack_lvl+0x241/0x360
[  773.763729][T12830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  773.763754][T12830]  ? __pfx__printk+0x10/0x10
[  773.763792][T12830]  should_fail_ex+0x424/0x570
[  773.763820][T12830]  _copy_to_user+0x31/0xb0
[  773.763848][T12830]  simple_read_from_buffer+0xc4/0x170
[  773.763864][T12830]  proc_fail_nth_read+0x1ef/0x260
[  773.763882][T12830]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  773.763899][T12830]  ? rw_verify_area+0x246/0x630
[  773.763915][T12830]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  773.763931][T12830]  vfs_read+0x21f/0xb90
[  773.763950][T12830]  ? __pfx___mutex_lock+0x10/0x10
[  773.763966][T12830]  ? __pfx_vfs_read+0x10/0x10
[  773.763986][T12830]  ? __fget_files+0x2a/0x420
[  773.764001][T12830]  ? __fget_files+0x39d/0x420
[  773.764012][T12830]  ? __fget_files+0x2a/0x420
[  773.764030][T12830]  ksys_read+0x19d/0x2d0
[  773.764047][T12830]  ? __pfx_ksys_read+0x10/0x10
[  773.764066][T12830]  ? do_syscall_64+0xb6/0x230
[  773.764083][T12830]  do_syscall_64+0xf3/0x230
[  773.764097][T12830]  ? clear_bhb_loop+0x45/0xa0
[  773.764111][T12830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.764122][T12830] RIP: 0033:0x7f37d5b8cb7c
[  773.764134][T12830] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  773.764144][T12830] RSP: 002b:00007f37d6ade030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  773.764158][T12830] RAX: ffffffffffffffda RBX: 00007f37d5db5fa0 RCX: 00007f37d5b8cb7c
[  773.764167][T12830] RDX: 000000000000000f RSI: 00007f37d6ade0a0 RDI: 0000000000000005
[  773.764174][T12830] RBP: 00007f37d6ade090 R08: 0000000000000000 R09: 0000000000000000
[  773.764181][T12830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  773.764188][T12830] R13: 0000000000000000 R14: 00007f37d5db5fa0 R15: 00007ffc3e095858
[  773.764209][T12830]  </TASK>
[  774.034336][T12834] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1897'.
[  774.510639][ T5883] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  774.678631][ T5883] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  774.726434][ T5883] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  774.759411][ T5883] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  774.769487][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.796677][T12824] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  774.825414][ T5883] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  774.845870][T12841] netlink: 'syz.4.1899': attribute type 2 has an invalid length.
[  775.119408][   T10] usb 4-1: USB disconnect, device number 32
[  776.012187][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  776.678254][T12870] ERROR: device name not specified.
[  776.989173][T12874] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1911'.
[  777.025565][T12874] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  777.036060][T12874] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  777.398974][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  777.953323][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  778.540720][T12889] Cannot find del_set index 0 as target
[  779.676244][   T30] audit: type=1326 audit(1744802413.213:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  779.823515][   T30] audit: type=1326 audit(1744802413.253:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  779.849102][   T30] audit: type=1326 audit(1744802413.253:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  779.921461][   T30] audit: type=1326 audit(1744802413.253:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  780.002311][   T30] audit: type=1326 audit(1744802413.283:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  780.025038][   T30] audit: type=1326 audit(1744802413.283:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  780.069749][   T30] audit: type=1326 audit(1744802413.283:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  780.116473][   T30] audit: type=1326 audit(1744802413.303:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  780.164824][   T30] audit: type=1326 audit(1744802413.303:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  780.225439][   T30] audit: type=1326 audit(1744802413.303:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12907 comm="syz.2.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7918e169 code=0x7ffc0000
[  780.321969][T12920] ERROR: device name not specified.
[  781.233526][T12927] tipc: Started in network mode
[  781.238720][T12927] tipc: Node identity ac1414bb, cluster identity 4711
[  781.263003][T12927] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  781.395608][T12929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1929'.
[  781.408879][T12929] IPVS: Error joining to the multicast group
[  781.762112][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  781.786439][T12940] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1933'.
[  781.894809][T12943] netlink: 'syz.1.1934': attribute type 12 has an invalid length.
[  782.967662][T12959] FAULT_INJECTION: forcing a failure.
[  782.967662][T12959] name failslab, interval 1, probability 0, space 0, times 0
[  783.027024][T12959] CPU: 1 UID: 0 PID: 12959 Comm: syz.1.1939 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  783.027061][T12959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  783.027075][T12959] Call Trace:
[  783.027086][T12959]  <TASK>
[  783.027096][T12959]  dump_stack_lvl+0x241/0x360
[  783.027136][T12959]  ? __pfx_dump_stack_lvl+0x10/0x10
[  783.027162][T12959]  ? __pfx__printk+0x10/0x10
[  783.027194][T12959]  ? __pfx___might_resched+0x10/0x10
[  783.027222][T12959]  should_fail_ex+0x424/0x570
[  783.027251][T12959]  should_failslab+0xac/0x100
[  783.027275][T12959]  __kmalloc_noprof+0xdf/0x4d0
[  783.027296][T12959]  ? tomoyo_encode+0x26f/0x540
[  783.027321][T12959]  tomoyo_encode+0x26f/0x540
[  783.027347][T12959]  tomoyo_realpath_from_path+0x59e/0x5e0
[  783.027376][T12959]  tomoyo_path_number_perm+0x245/0x790
[  783.027406][T12959]  ? tomoyo_path_number_perm+0x215/0x790
[  783.027434][T12959]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  783.027459][T12959]  ? sb_end_write+0xe9/0x1c0
[  783.027484][T12959]  ? vfs_write+0xb29/0xd10
[  783.027561][T12959]  ? ksys_write+0x266/0x2d0
[  783.027597][T12959]  security_file_ioctl+0xc6/0x2a0
[  783.027628][T12959]  __se_sys_ioctl+0x46/0x160
[  783.027659][T12959]  do_syscall_64+0xf3/0x230
[  783.027685][T12959]  ? clear_bhb_loop+0x45/0xa0
[  783.027710][T12959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.027728][T12959] RIP: 0033:0x7f7f8cb8e169
[  783.027748][T12959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.027765][T12959] RSP: 002b:00007f7f8da4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  783.027790][T12959] RAX: ffffffffffffffda RBX: 00007f7f8cdb5fa0 RCX: 00007f7f8cb8e169
[  783.027804][T12959] RDX: 0000200000001340 RSI: 0000000000003b85 RDI: 0000000000000003
[  783.027818][T12959] RBP: 00007f7f8da4f090 R08: 0000000000000000 R09: 0000000000000000
[  783.027830][T12959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.027842][T12959] R13: 0000000000000000 R14: 00007f7f8cdb5fa0 R15: 00007ffd762c64c8
[  783.027876][T12959]  </TASK>
[  783.247014][    C1] vkms_vblank_simulate: vblank timer overrun
[  783.255511][T12959] ERROR: Out of memory at tomoyo_realpath_from_path.
[  783.269602][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  783.274200][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  783.979182][T12971] syz.1.1941: attempt to access beyond end of device
[  783.979182][T12971] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[  783.993334][T12971] MINIX-fs: unable to read superblock
[  784.635663][T12976] overlay: ./bus is not a directory
[  785.990530][T13004] trusted_key: encrypted_key: insufficient parameters specified
[  786.185573][   T30] kauditd_printk_skb: 54 callbacks suppressed
[  786.185596][   T30] audit: type=1326 audit(1744802419.723:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d5b8e169 code=0x7ffc0000
[  786.220752][   T30] audit: type=1326 audit(1744802419.753:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f37d5b8e169 code=0x7ffc0000
[  786.243689][   T30] audit: type=1326 audit(1744802419.753:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d5b8e169 code=0x7ffc0000
[  786.266351][   T30] audit: type=1326 audit(1744802419.753:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d5b8e169 code=0x7ffc0000
[  786.996455][   T30] audit: type=1326 audit(1744802419.753:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37d5b8cad0 code=0x7ffc0000
[  787.030789][   T30] audit: type=1326 audit(1744802419.753:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d5b8e169 code=0x7ffc0000
[  787.197304][   T30] audit: type=1326 audit(1744802419.753:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f37d5b8e169 code=0x7ffc0000
[  787.219380][   T30] audit: type=1326 audit(1744802419.753:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d5b8e169 code=0x7ffc0000
[  787.261819][   T30] audit: type=1326 audit(1744802419.753:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37d5b8cad0 code=0x7ffc0000
[  787.302230][T13008] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  787.328922][   T30] audit: type=1326 audit(1744802419.753:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13007 comm="syz.4.1959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f37d5b8f997 code=0x7ffc0000
[  787.573379][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  788.262876][T13041] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1966'.
[  788.313000][T13041] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1966'.
[  788.368317][T13041] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1966'.
[  788.421986][T13041] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1966'.
[  788.769045][T13052] fuse: Unknown parameter 'useò_id'
[  788.811997][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  788.811997][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  789.167029][T13063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1973'.
[  792.410302][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  792.410365][   T30] audit: type=1800 audit(1744802425.943:247): pid=13081 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1977" name="bus" dev="tmpfs" ino=2098 res=0 errno=0
[  793.178923][T13095] FAULT_INJECTION: forcing a failure.
[  793.178923][T13095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  793.204794][T13095] CPU: 0 UID: 0 PID: 13095 Comm: syz.4.1984 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  793.204831][T13095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  793.204844][T13095] Call Trace:
[  793.204853][T13095]  <TASK>
[  793.204862][T13095]  dump_stack_lvl+0x241/0x360
[  793.204899][T13095]  ? __pfx_dump_stack_lvl+0x10/0x10
[  793.204926][T13095]  ? __pfx__printk+0x10/0x10
[  793.204966][T13095]  should_fail_ex+0x424/0x570
[  793.204994][T13095]  _copy_to_iter+0x1f6/0x1c90
[  793.205037][T13095]  ? __pfx__copy_to_iter+0x10/0x10
[  793.205071][T13095]  ? vfs_write+0xb29/0xd10
[  793.205104][T13095]  get_random_bytes_user+0x1e8/0x430
[  793.205142][T13095]  ? __pfx_get_random_bytes_user+0x10/0x10
[  793.205193][T13095]  ? import_ubuf+0x96/0x1d0
[  793.205222][T13095]  __x64_sys_getrandom+0x154/0x250
[  793.205254][T13095]  ? __pfx___x64_sys_getrandom+0x10/0x10
[  793.205279][T13095]  ? ksys_write+0x275/0x2d0
[  793.205318][T13095]  ? do_syscall_64+0xb6/0x230
[  793.205347][T13095]  do_syscall_64+0xf3/0x230
[  793.205371][T13095]  ? clear_bhb_loop+0x45/0xa0
[  793.205396][T13095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  793.205426][T13095] RIP: 0033:0x7f37d5b8e169
[  793.205447][T13095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  793.205464][T13095] RSP: 002b:00007f37d6ade038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[  793.205487][T13095] RAX: ffffffffffffffda RBX: 00007f37d5db5fa0 RCX: 00007f37d5b8e169
[  793.205501][T13095] RDX: 0000000000000001 RSI: 00000000000000bc RDI: 0000200000000200
[  793.205514][T13095] RBP: 00007f37d6ade090 R08: 0000000000000000 R09: 0000000000000000
[  793.205525][T13095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  793.205536][T13095] R13: 0000000000000000 R14: 00007f37d5db5fa0 R15: 00007ffc3e095858
[  793.205569][T13095]  </TASK>
[  793.422579][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  793.629170][T13103] FAULT_INJECTION: forcing a failure.
[  793.629170][T13103] name failslab, interval 1, probability 0, space 0, times 0
[  793.643285][T13103] CPU: 0 UID: 0 PID: 13103 Comm: syz.4.1986 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  793.643325][T13103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  793.643336][T13103] Call Trace:
[  793.643344][T13103]  <TASK>
[  793.643353][T13103]  dump_stack_lvl+0x241/0x360
[  793.643389][T13103]  ? __pfx_dump_stack_lvl+0x10/0x10
[  793.643414][T13103]  ? __pfx__printk+0x10/0x10
[  793.643445][T13103]  ? __pfx___might_resched+0x10/0x10
[  793.643473][T13103]  should_fail_ex+0x424/0x570
[  793.643501][T13103]  should_failslab+0xac/0x100
[  793.643525][T13103]  __kmalloc_noprof+0xdf/0x4d0
[  793.643544][T13103]  ? tomoyo_encode+0x26f/0x540
[  793.643569][T13103]  tomoyo_encode+0x26f/0x540
[  793.643590][T13103]  ? __pfx_sockfs_dname+0x10/0x10
[  793.643618][T13103]  tomoyo_realpath_from_path+0x59e/0x5e0
[  793.643654][T13103]  tomoyo_path_number_perm+0x245/0x790
[  793.643686][T13103]  ? tomoyo_path_number_perm+0x215/0x790
[  793.643715][T13103]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  793.643741][T13103]  ? sb_end_write+0xe9/0x1c0
[  793.643764][T13103]  ? vfs_write+0xb29/0xd10
[  793.643835][T13103]  ? ksys_write+0x266/0x2d0
[  793.643870][T13103]  security_file_ioctl+0xc6/0x2a0
[  793.643900][T13103]  __se_sys_ioctl+0x46/0x160
[  793.643929][T13103]  do_syscall_64+0xf3/0x230
[  793.643954][T13103]  ? clear_bhb_loop+0x45/0xa0
[  793.643978][T13103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  793.643997][T13103] RIP: 0033:0x7f37d5b8e169
[  793.644015][T13103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  793.644031][T13103] RSP: 002b:00007f37d6ade038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  793.644066][T13103] RAX: ffffffffffffffda RBX: 00007f37d5db5fa0 RCX: 00007f37d5b8e169
[  793.644084][T13103] RDX: 0000200000000000 RSI: 00000000000089f1 RDI: 0000000000000004
[  793.644098][T13103] RBP: 00007f37d6ade090 R08: 0000000000000000 R09: 0000000000000000
[  793.644111][T13103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  793.644122][T13103] R13: 0000000000000000 R14: 00007f37d5db5fa0 R15: 00007ffc3e095858
[  793.644156][T13103]  </TASK>
[  793.644180][T13103] ERROR: Out of memory at tomoyo_realpath_from_path.
[  794.018614][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  794.600041][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  794.646861][   T30] audit: type=1326 audit(1744802428.183:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13104 comm="syz.2.1987" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6d7918e169 code=0x0
[  797.091545][    T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  797.240882][T13141] affs: No valid root block on device nullb0
[  797.824690][    T9] usb 2-1: Using ep0 maxpacket: 32
[  797.885606][    T9] usb 2-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[  797.905445][T13145] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1996'.
[  797.921360][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.933329][T13145] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1996'.
[  797.942966][    T9] usb 2-1: Product: syz
[  797.962757][    T9] usb 2-1: Manufacturer: syz
[  797.993692][    T9] usb 2-1: SerialNumber: syz
[  798.031884][    T9] usb 2-1: config 0 descriptor??
[  798.054895][    T9] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  798.104697][T13145] bond1: entered promiscuous mode
[  798.129738][T13145] 8021q: adding VLAN 0 to HW filter on device bond1
[  798.267868][T13136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  798.303706][T13136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  799.044496][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  799.370633][    T9] gspca_topro: reg_w err -71
[  799.401876][    T9] gspca_topro: Sensor soi763a
[  799.430406][    T9] usb 2-1: USB disconnect, device number 23
[  799.834993][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  800.050599][T13152] syz.4.1998 (13152) used greatest stack depth: 17896 bytes left
[  800.324360][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  802.207043][T13188] FAULT_INJECTION: forcing a failure.
[  802.207043][T13188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  802.221124][T13188] CPU: 1 UID: 0 PID: 13188 Comm: syz.2.2006 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  802.221154][T13188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  802.221167][T13188] Call Trace:
[  802.221175][T13188]  <TASK>
[  802.221183][T13188]  dump_stack_lvl+0x241/0x360
[  802.221220][T13188]  ? __pfx_dump_stack_lvl+0x10/0x10
[  802.221247][T13188]  ? __pfx__printk+0x10/0x10
[  802.221291][T13188]  should_fail_ex+0x424/0x570
[  802.221320][T13188]  _copy_to_user+0x31/0xb0
[  802.221351][T13188]  simple_read_from_buffer+0xc4/0x170
[  802.221378][T13188]  proc_fail_nth_read+0x1ef/0x260
[  802.221407][T13188]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  802.221435][T13188]  ? rw_verify_area+0x246/0x630
[  802.221461][T13188]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  802.221487][T13188]  vfs_read+0x21f/0xb90
[  802.221519][T13188]  ? __pfx___mutex_lock+0x10/0x10
[  802.221545][T13188]  ? __pfx_vfs_read+0x10/0x10
[  802.221575][T13188]  ? __fget_files+0x2a/0x420
[  802.221600][T13188]  ? __fget_files+0x39d/0x420
[  802.221621][T13188]  ? __fget_files+0x2a/0x420
[  802.221654][T13188]  ksys_read+0x19d/0x2d0
[  802.221683][T13188]  ? __pfx_ksys_read+0x10/0x10
[  802.221717][T13188]  ? do_syscall_64+0xb6/0x230
[  802.221744][T13188]  do_syscall_64+0xf3/0x230
[  802.221769][T13188]  ? clear_bhb_loop+0x45/0xa0
[  802.221793][T13188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.221812][T13188] RIP: 0033:0x7f6d7918cb7c
[  802.221831][T13188] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  802.221848][T13188] RSP: 002b:00007f6d79f97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  802.221871][T13188] RAX: ffffffffffffffda RBX: 00007f6d793b6160 RCX: 00007f6d7918cb7c
[  802.221886][T13188] RDX: 000000000000000f RSI: 00007f6d79f970a0 RDI: 0000000000000006
[  802.221898][T13188] RBP: 00007f6d79f97090 R08: 0000000000000000 R09: 0000000000000000
[  802.221911][T13188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.221923][T13188] R13: 0000000000000001 R14: 00007f6d793b6160 R15: 00007ffc61c3a7d8
[  802.221964][T13188]  </TASK>
[  802.657207][T13193] FAULT_INJECTION: forcing a failure.
[  802.657207][T13193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  802.738209][T13193] CPU: 0 UID: 0 PID: 13193 Comm: syz.4.2010 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  802.738244][T13193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  802.738257][T13193] Call Trace:
[  802.738264][T13193]  <TASK>
[  802.738273][T13193]  dump_stack_lvl+0x241/0x360
[  802.738319][T13193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  802.738345][T13193]  ? __pfx__printk+0x10/0x10
[  802.738386][T13193]  should_fail_ex+0x424/0x570
[  802.738414][T13193]  _copy_from_user+0x2d/0xb0
[  802.738444][T13193]  __sys_bpf+0x1c5/0x8b0
[  802.738467][T13193]  ? __pfx___sys_bpf+0x10/0x10
[  802.738501][T13193]  ? ksys_write+0x275/0x2d0
[  802.738543][T13193]  __x64_sys_bpf+0x7c/0x90
[  802.738572][T13193]  do_syscall_64+0xf3/0x230
[  802.738597][T13193]  ? clear_bhb_loop+0x45/0xa0
[  802.738621][T13193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.738640][T13193] RIP: 0033:0x7f37d5b8e169
[  802.738659][T13193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  802.738676][T13193] RSP: 002b:00007f37d6ade038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  802.738699][T13193] RAX: ffffffffffffffda RBX: 00007f37d5db5fa0 RCX: 00007f37d5b8e169
[  802.738714][T13193] RDX: 0000000000000080 RSI: 0000200000000200 RDI: 0000000000000005
[  802.738727][T13193] RBP: 00007f37d6ade090 R08: 0000000000000000 R09: 0000000000000000
[  802.738740][T13193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.738752][T13193] R13: 0000000000000000 R14: 00007f37d5db5fa0 R15: 00007ffc3e095858
[  802.738785][T13193]  </TASK>
[  803.523317][T13198] x_tables: ip_tables: ah match: only valid for protocol 51
[  804.214629][T13207] FAULT_INJECTION: forcing a failure.
[  804.214629][T13207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  804.337420][T13207] CPU: 0 UID: 0 PID: 13207 Comm: syz.2.2012 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  804.337457][T13207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  804.337469][T13207] Call Trace:
[  804.337478][T13207]  <TASK>
[  804.337487][T13207]  dump_stack_lvl+0x241/0x360
[  804.337523][T13207]  ? __pfx_dump_stack_lvl+0x10/0x10
[  804.337549][T13207]  ? __pfx__printk+0x10/0x10
[  804.337588][T13207]  should_fail_ex+0x424/0x570
[  804.337617][T13207]  _copy_to_user+0x31/0xb0
[  804.337648][T13207]  finalize_log+0xec/0x1b0
[  804.337676][T13207]  ? __pfx_finalize_log+0x10/0x10
[  804.337699][T13207]  ? btf_check_type_tags+0x6aa/0x6b0
[  804.337733][T13207]  btf_new_fd+0x9da/0xcf0
[  804.337770][T13207]  ? __pfx_btf_new_fd+0x10/0x10
[  804.337799][T13207]  ? bpf_btf_load+0xcf/0x1a0
[  804.337824][T13207]  __sys_bpf+0x72f/0x8b0
[  804.337846][T13207]  ? __pfx___sys_bpf+0x10/0x10
[  804.337880][T13207]  ? ksys_write+0x275/0x2d0
[  804.337924][T13207]  __x64_sys_bpf+0x7c/0x90
[  804.337954][T13207]  do_syscall_64+0xf3/0x230
[  804.337988][T13207]  ? clear_bhb_loop+0x45/0xa0
[  804.338012][T13207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.338031][T13207] RIP: 0033:0x7f6d7918e169
[  804.338050][T13207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  804.338066][T13207] RSP: 002b:00007f6d79fd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  804.338089][T13207] RAX: ffffffffffffffda RBX: 00007f6d793b5fa0 RCX: 00007f6d7918e169
[  804.338104][T13207] RDX: 0000000000000028 RSI: 0000200000000340 RDI: 0000000000000012
[  804.338117][T13207] RBP: 00007f6d79fd9090 R08: 0000000000000000 R09: 0000000000000000
[  804.338129][T13207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  804.338142][T13207] R13: 0000000000000001 R14: 00007f6d793b5fa0 R15: 00007ffc61c3a7d8
[  804.338180][T13207]  </TASK>
[  804.815550][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  805.184419][T13201] syz.1.2008: attempt to access beyond end of device
[  805.184419][T13201] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[  805.202964][T13201] MINIX-fs: unable to read superblock
[  805.512601][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  806.214988][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  806.654626][T13232] FAULT_INJECTION: forcing a failure.
[  806.654626][T13232] name failslab, interval 1, probability 0, space 0, times 0
[  806.701790][T13232] CPU: 0 UID: 0 PID: 13232 Comm: syz.4.2021 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  806.701830][T13232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  806.701843][T13232] Call Trace:
[  806.701851][T13232]  <TASK>
[  806.701861][T13232]  dump_stack_lvl+0x241/0x360
[  806.701900][T13232]  ? __pfx_dump_stack_lvl+0x10/0x10
[  806.701927][T13232]  ? __pfx__printk+0x10/0x10
[  806.701959][T13232]  ? __pfx___might_resched+0x10/0x10
[  806.701988][T13232]  should_fail_ex+0x424/0x570
[  806.702015][T13232]  should_failslab+0xac/0x100
[  806.702039][T13232]  __kmalloc_noprof+0xdf/0x4d0
[  806.702058][T13232]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  806.702077][T13232]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  806.702101][T13232]  tomoyo_realpath_from_path+0xcf/0x5e0
[  806.702124][T13232]  ? kern_path+0x3f/0x50
[  806.702156][T13232]  tomoyo_mount_permission+0xab8/0xbd0
[  806.702195][T13232]  ? tomoyo_mount_permission+0x29d/0xbd0
[  806.702229][T13232]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  806.702337][T13232]  security_sb_mount+0xe0/0x2f0
[  806.702365][T13232]  path_mount+0xb9/0xfa0
[  806.702387][T13232]  ? kmem_cache_free+0x197/0x410
[  806.702406][T13232]  ? user_path_at+0x44/0x60
[  806.702439][T13232]  __se_sys_mount+0x38c/0x400
[  806.702469][T13232]  ? __pfx___se_sys_mount+0x10/0x10
[  806.702499][T13232]  ? __x64_sys_mount+0x20/0xc0
[  806.702524][T13232]  do_syscall_64+0xf3/0x230
[  806.702550][T13232]  ? clear_bhb_loop+0x45/0xa0
[  806.702574][T13232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.702599][T13232] RIP: 0033:0x7f37d5b8e169
[  806.702619][T13232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  806.702636][T13232] RSP: 002b:00007f37d6ade038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  806.702660][T13232] RAX: ffffffffffffffda RBX: 00007f37d5db5fa0 RCX: 00007f37d5b8e169
[  806.702675][T13232] RDX: 0000200000001200 RSI: 00002000000000c0 RDI: 00002000000001c0
[  806.702689][T13232] RBP: 00007f37d6ade090 R08: 0000000000000000 R09: 0000000000000000
[  806.702703][T13232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  806.702715][T13232] R13: 0000000000000000 R14: 00007f37d5db5fa0 R15: 00007ffc3e095858
[  806.702748][T13232]  </TASK>
[  806.702814][T13232] ERROR: Out of memory at tomoyo_realpath_from_path.
[  807.290802][T13244] netlink: 'syz.2.2023': attribute type 39 has an invalid length.
[  807.452462][T13252] syz.0.2024: attempt to access beyond end of device
[  807.452462][T13252] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  807.494971][T13252] MINIX-fs: unable to read superblock
[  809.287530][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  809.294444][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  809.412196][   T49] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  809.593636][   T49] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  809.617104][   T49] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  809.659397][   T49] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  809.671671][   T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  809.689862][   T49] usb 4-1: SerialNumber: syz
[  809.951779][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  810.062423][   T49] usb 4-1: 0:2 : does not exist
[  810.154321][    T9] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  810.581451][    T9] usb 5-1: Using ep0 maxpacket: 32
[  810.590449][   T49] usb 4-1: USB disconnect, device number 33
[  810.609095][    T9] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  810.627757][    T9] usb 5-1: config 0 has no interface number 0
[  810.648352][    T9] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  810.666127][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  810.678080][    T9] usb 5-1: Product: syz
[  810.682572][    T9] usb 5-1: Manufacturer: syz
[  810.687352][    T9] usb 5-1: SerialNumber: syz
[  810.701143][    T9] usb 5-1: config 0 descriptor??
[  811.177696][    T9] smsc95xx v2.0.0
[  811.431588][    T9] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  811.467306][    T9] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  811.853094][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  812.630947][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  812.660750][    T9] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  812.688450][    T9] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71
[  812.708565][    T9] usb 5-1: USB disconnect, device number 36
[  815.357003][T13355] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2058'.
[  816.123592][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  817.604198][ T6925] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  818.590641][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  819.951569][T13384] overlay: ./bus is not a directory
[  822.091881][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  822.681942][   T30] audit: type=1800 audit(1744802456.214:249): pid=13423 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.2077" name="bus" dev="tmpfs" ino=2118 res=0 errno=0
[  822.800082][   T30] audit: type=1800 audit(1744802456.334:250): pid=13415 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.2076" name="bus" dev="tmpfs" ino=2249 res=0 errno=0
[  823.322362][T13432] FAULT_INJECTION: forcing a failure.
[  823.322362][T13432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.373252][T13432] CPU: 0 UID: 0 PID: 13432 Comm: syz.1.2082 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  823.373288][T13432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  823.373300][T13432] Call Trace:
[  823.373308][T13432]  <TASK>
[  823.373318][T13432]  dump_stack_lvl+0x241/0x360
[  823.373354][T13432]  ? __pfx_dump_stack_lvl+0x10/0x10
[  823.373381][T13432]  ? __pfx__printk+0x10/0x10
[  823.373422][T13432]  should_fail_ex+0x424/0x570
[  823.373451][T13432]  _copy_from_iter+0x211/0x1c70
[  823.373484][T13432]  ? __build_skb_around+0x247/0x3d0
[  823.373509][T13432]  ? __alloc_skb+0x298/0x480
[  823.373526][T13432]  ? __pfx__copy_from_iter+0x10/0x10
[  823.373555][T13432]  ? __pfx___alloc_skb+0x10/0x10
[  823.373577][T13432]  ? skb_put+0x114/0x1f0
[  823.373601][T13432]  netlink_sendmsg+0x73c/0xcd0
[  823.373644][T13432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  823.373686][T13432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  823.373712][T13432]  __sock_sendmsg+0x221/0x270
[  823.373753][T13432]  ____sys_sendmsg+0x523/0x860
[  823.373785][T13432]  ? __pfx_____sys_sendmsg+0x10/0x10
[  823.373804][T13432]  ? __fget_files+0x2a/0x420
[  823.373832][T13432]  ? __fget_files+0x2a/0x420
[  823.373864][T13432]  __sys_sendmsg+0x271/0x360
[  823.373893][T13432]  ? __pfx___sys_sendmsg+0x10/0x10
[  823.373974][T13432]  ? do_syscall_64+0xb6/0x230
[  823.374003][T13432]  do_syscall_64+0xf3/0x230
[  823.374027][T13432]  ? clear_bhb_loop+0x45/0xa0
[  823.374051][T13432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.374070][T13432] RIP: 0033:0x7f7f8cb8e169
[  823.374089][T13432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  823.374106][T13432] RSP: 002b:00007f7f8da4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  823.374131][T13432] RAX: ffffffffffffffda RBX: 00007f7f8cdb5fa0 RCX: 00007f7f8cb8e169
[  823.374146][T13432] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  823.374159][T13432] RBP: 00007f7f8da4f090 R08: 0000000000000000 R09: 0000000000000000
[  823.374171][T13432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  823.374184][T13432] R13: 0000000000000000 R14: 00007f7f8cdb5fa0 R15: 00007ffd762c64c8
[  823.374217][T13432]  </TASK>
[  823.605047][    C0] vkms_vblank_simulate: vblank timer overrun
[  824.002956][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  824.032942][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  824.473908][T13441] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2083'.
[  826.356241][T13449] kvm: pic: non byte write
[  826.575453][T13449] usb usb8: usbfs: process 13449 (syz.0.2085) did not claim interface 0 before use
[  827.722208][T13459] ERROR: device name not specified.
[  827.845846][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  828.776786][   T30] audit: type=1800 audit(1744802462.314:251): pid=13473 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.2089" name="bus" dev="tmpfs" ino=2208 res=0 errno=0
[  829.014115][  T974] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  829.196240][  T974] usb 3-1: config 0 has an invalid interface number: 95 but max is 0
[  829.213650][  T974] usb 3-1: config 0 has no interface number 0
[  829.225577][  T974] usb 3-1: config 0 interface 95 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 8
[  829.260060][  T974] usb 3-1: New USB device found, idVendor=7725, idProduct=b0a8, bcdDevice= 7.46
[  829.286892][  T974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  829.307246][  T974] usb 3-1: Product: syz
[  829.401279][  T974] usb 3-1: Manufacturer: syz
[  829.406142][  T974] usb 3-1: SerialNumber: syz
[  829.791468][  T974] usb 3-1: config 0 descriptor??
[  829.791995][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  829.797159][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  829.911888][T13474] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  830.241527][  T974] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  830.554763][  T974] usb 3-1: MIDIStreaming interface descriptor not found
[  830.725759][  T974] usb 3-1: USB disconnect, device number 23
[  831.147784][T13503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2099'.
[  832.807369][T13515] ERROR: device name not specified.
[  832.969987][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  834.067580][   T30] audit: type=1800 audit(1744802467.544:252): pid=13527 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.2106" name="bus" dev="tmpfs" ino=2154 res=0 errno=0
[  834.487422][T13535] syz.3.2109: attempt to access beyond end of device
[  834.487422][T13535] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[  834.500803][T13535] MINIX-fs: unable to read superblock
[  834.510678][T13543] syz.0.2112 uses old SIOCAX25GETINFO
[  835.005142][T13554] FAULT_INJECTION: forcing a failure.
[  835.005142][T13554] name failslab, interval 1, probability 0, space 0, times 0
[  835.061734][T13554] CPU: 1 UID: 0 PID: 13554 Comm: syz.0.2115 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  835.061769][T13554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  835.061781][T13554] Call Trace:
[  835.061789][T13554]  <TASK>
[  835.061798][T13554]  dump_stack_lvl+0x241/0x360
[  835.061833][T13554]  ? __pfx_dump_stack_lvl+0x10/0x10
[  835.061869][T13554]  ? __pfx__printk+0x10/0x10
[  835.061899][T13554]  ? __pfx___might_resched+0x10/0x10
[  835.061927][T13554]  should_fail_ex+0x424/0x570
[  835.061959][T13554]  should_failslab+0xac/0x100
[  835.061982][T13554]  __kmalloc_noprof+0xdf/0x4d0
[  835.062003][T13554]  ? tomoyo_encode+0x26f/0x540
[  835.062028][T13554]  tomoyo_encode+0x26f/0x540
[  835.062055][T13554]  tomoyo_realpath_from_path+0x59e/0x5e0
[  835.062090][T13554]  tomoyo_path_number_perm+0x245/0x790
[  835.062121][T13554]  ? tomoyo_path_number_perm+0x215/0x790
[  835.062150][T13554]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  835.062185][T13554]  ? ksys_write+0x24e/0x2d0
[  835.062221][T13554]  ? __lock_acquire+0xad5/0xd80
[  835.062264][T13554]  ? __fget_files+0x2a/0x420
[  835.062287][T13554]  ? __fget_files+0x2a/0x420
[  835.062312][T13554]  ? __fget_files+0x2a/0x420
[  835.062341][T13554]  security_file_ioctl+0xc6/0x2a0
[  835.062371][T13554]  __se_sys_ioctl+0x46/0x160
[  835.062402][T13554]  do_syscall_64+0xf3/0x230
[  835.062426][T13554]  ? clear_bhb_loop+0x45/0xa0
[  835.062447][T13554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.062465][T13554] RIP: 0033:0x7f5b7d58e169
[  835.062483][T13554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  835.062497][T13554] RSP: 002b:00007f5b7e378038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  835.062519][T13554] RAX: ffffffffffffffda RBX: 00007f5b7d7b5fa0 RCX: 00007f5b7d58e169
[  835.062533][T13554] RDX: 0000200000000040 RSI: 00000000c034564b RDI: 0000000000000003
[  835.062545][T13554] RBP: 00007f5b7e378090 R08: 0000000000000000 R09: 0000000000000000
[  835.062557][T13554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  835.062568][T13554] R13: 0000000000000000 R14: 00007f5b7d7b5fa0 R15: 00007fffb3409db8
[  835.062623][T13554]  </TASK>
[  835.062677][T13554] ERROR: Out of memory at tomoyo_realpath_from_path.
[  835.111254][ T5883] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  835.524477][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  835.897098][ T5883] usb 4-1: Using ep0 maxpacket: 8
[  835.927491][ T5883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  835.945323][ T5883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  835.987294][ T5883] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  836.017697][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  836.032267][ T5883] usb 4-1: config 0 descriptor??
[  836.243665][T13563] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2114'.
[  836.451783][ T5883] usbhid 4-1:0.0: can't add hid device: -71
[  836.473913][ T5883] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  836.513097][ T5883] usb 4-1: USB disconnect, device number 34
[  836.597504][T13566] ERROR: device name not specified.
[  837.005828][T13568] 9pnet_fd: Insufficient options for proto=fd
[  837.017177][T13568] blktrace: Concurrent blktraces are not allowed on sg0
[  837.189947][T13574] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2121'.
[  837.201035][T13574] sch_tbf: peakrate 4 is lower than or equals to rate 5 !
[  837.281354][ T5883] usb 5-1: new full-speed USB device number 37 using dummy_hcd
[  837.350299][T13577] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  837.493683][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  837.540161][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  837.557910][   T30] audit: type=1800 audit(1744802471.094:253): pid=13585 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.2123" name="bus" dev="tmpfs" ino=2437 res=0 errno=0
[  837.604167][ T5883] usb 5-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  837.627840][ T5883] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  837.651589][ T5883] usb 5-1: Manufacturer: syz
[  837.665479][ T5883] usb 5-1: config 0 descriptor??
[  838.103473][ T5883] cougar 0003:060B:700A.000B: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  838.407895][   T30] audit: type=1800 audit(1744802471.944:254): pid=13595 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.2125" name="bus" dev="tmpfs" ino=2481 res=0 errno=0
[  838.724366][ T6402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  838.866092][T13597] netlink: 'syz.2.2126': attribute type 1 has an invalid length.
[  838.949651][T13601] FAULT_INJECTION: forcing a failure.
[  838.949651][T13601] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  839.036544][T13601] CPU: 0 UID: 0 PID: 13601 Comm: syz.2.2126 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  839.036582][T13601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  839.036595][T13601] Call Trace:
[  839.036604][T13601]  <TASK>
[  839.036613][T13601]  dump_stack_lvl+0x241/0x360
[  839.036650][T13601]  ? __pfx_dump_stack_lvl+0x10/0x10
[  839.036676][T13601]  ? __pfx__printk+0x10/0x10
[  839.036717][T13601]  should_fail_ex+0x424/0x570
[  839.036743][T13601]  _copy_from_user+0x2d/0xb0
[  839.036771][T13601]  copy_msghdr_from_user+0xb3/0x580
[  839.036803][T13601]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  839.036823][T13601]  ? __fget_files+0x2a/0x420
[  839.036847][T13601]  ? __fget_files+0x2a/0x420
[  839.036877][T13601]  __sys_sendmsg+0x20a/0x360
[  839.036905][T13601]  ? __pfx___sys_sendmsg+0x10/0x10
[  839.036988][T13601]  ? do_syscall_64+0xb6/0x230
[  839.037027][T13601]  do_syscall_64+0xf3/0x230
[  839.037051][T13601]  ? clear_bhb_loop+0x45/0xa0
[  839.037075][T13601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  839.037094][T13601] RIP: 0033:0x7f6d7918e169
[  839.037112][T13601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  839.037128][T13601] RSP: 002b:00007f6d79fb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  839.037151][T13601] RAX: ffffffffffffffda RBX: 00007f6d793b6080 RCX: 00007f6d7918e169
[  839.037165][T13601] RDX: 0000000020000400 RSI: 00002000000000c0 RDI: 0000000000000004
[  839.037177][T13601] RBP: 00007f6d79fb8090 R08: 0000000000000000 R09: 0000000000000000
[  839.037189][T13601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  839.037200][T13601] R13: 0000000000000001 R14: 00007f6d793b6080 R15: 00007ffc61c3a7d8
[  839.037230][T13601]  </TASK>
[  839.419159][T13597] 8021q: adding VLAN 0 to HW filter on device bond1
[  839.434581][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  839.542634][ T5883] usb 5-1: reset full-speed USB device number 37 using dummy_hcd
[  840.740253][T13616] ERROR: device name not specified.
[  841.295530][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  842.492692][   T10] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  842.507857][    T9] usb 5-1: USB disconnect, device number 37
[  842.541982][T13637] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  843.064763][   T10] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  843.075817][   T10] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  843.086308][   T10] usb 2-1: config 4 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  843.096500][   T10] usb 2-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x56, changing to 0x6
[  843.370711][T13642] MTD: Couldn't look up 'Ÿë
': -2
[  844.001254][   T10] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  844.065316][   T10] usb 2-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[  844.095128][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.132310][   T10] usb 2-1: Product: syz
[  844.137383][   T10] usb 2-1: Manufacturer: syz
[  844.199752][   T10] usb 2-1: SerialNumber: syz
[  844.243079][   T10] usb 2-1: ucan: probing device on interface #0
[  844.249843][   T10] usb 2-1: ucan: invalid endpoint configuration
[  844.290887][   T10] usb 2-1: ucan: probe failed; try to update the device firmware
[  844.577530][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  844.822544][   T10] usb 2-1: USB disconnect, device number 24
[  845.870574][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  846.004195][T13662] syz.3.2143: attempt to access beyond end of device
[  846.004195][T13662] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[  846.017832][T13662] MINIX-fs: unable to read superblock
[  847.050206][T10399] Bluetooth: hci0: unexpected event for opcode 0x0c26
[  848.303474][   T10] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  848.504231][   T10] usb 5-1: too many endpoints for config 4 interface 0 altsetting 0: 79, using maximum allowed: 30
[  848.535917][   T10] usb 5-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x32, changing to 0x2
[  848.576414][   T10] usb 5-1: config 4 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 91
[  848.601192][   T10] usb 5-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 79
[  848.643379][   T10] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  848.799248][   T24] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  848.819072][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  848.852029][ T5882] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  848.854905][T13688] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  849.035795][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  849.075233][ T5882] usb 4-1: device descriptor read/64, error -71
[  849.117484][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  849.177192][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  849.188020][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  849.202069][   T24] usb 3-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  849.211775][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  849.272919][   T24] usb 3-1: config 0 descriptor??
[  849.319596][   T10] ath6kl: Failed to submit usb control message: -71
[  849.329696][   T10] ath6kl: unable to send the bmi data to the device: -71
[  849.347842][   T10] ath6kl: Unable to send get target info: -71
[  849.351601][ T5882] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  849.400238][   T10] ath6kl: Failed to init ath6kl core: -71
[  849.427932][   T10] ath6kl_usb 5-1:4.0: probe with driver ath6kl_usb failed with error -71
[  849.608781][    T9] usb 3-1: USB disconnect, device number 24
[  849.611840][ T5882] usb 4-1: device descriptor read/64, error -71
[  849.655742][   T10] usb 5-1: USB disconnect, device number 38
[  849.789385][ T5882] usb usb4-port1: attempt power cycle
[  850.132530][ T5882] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  850.540472][ T2963] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  850.632732][T13718] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2157'.
[  850.672052][ T5882] usb 4-1: device descriptor read/8, error -71
[  851.049633][T13725] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2160'.
[  851.059631][T13725] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2160'.
[  851.091595][ T5882] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  851.122956][T13727] 
[  851.125449][T13727] ======================================================
[  851.132499][T13727] WARNING: possible circular locking dependency detected
[  851.139560][T13727] 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 Not tainted
[  851.146802][T13727] ------------------------------------------------------
[  851.153855][T13727] syz.0.2160/13727 is trying to acquire lock:
[  851.160060][T13727] ffffffff900eb308 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0x10f0/0x39c0
[  851.170061][T13727] 
[  851.170061][T13727] but task is already holding lock:
[  851.177759][T13727] ffff888012eb66a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  851.189272][T13727] 
[  851.189272][T13727] which lock already depends on the new lock.
[  851.189272][T13727] 
[  851.200348][T13727] 
[  851.200348][T13727] the existing dependency chain (in reverse order) is:
[  851.211013][T13727] 
[  851.211013][T13727] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  851.220095][T13727]        lock_acquire+0x116/0x2f0
[  851.225421][T13727]        __mutex_lock+0x1a5/0x10c0
[  851.230677][T13727]        smc_switch_to_fallback+0x35/0xda0
[  851.236668][T13727]        smc_sendmsg+0x11f/0x530
[  851.241632][T13727]        __sock_sendmsg+0x221/0x270
[  851.247024][T13727]        __sys_sendto+0x365/0x4c0
[  851.252157][T13727]        __x64_sys_sendto+0xde/0x100
[  851.257444][T13727]        do_syscall_64+0xf3/0x230
[  851.262927][T13727]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.269786][T13727] 
[  851.269786][T13727] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  851.277580][T13727]        lock_acquire+0x116/0x2f0
[  851.282809][T13727]        lock_sock_nested+0x48/0x100
[  851.288128][T13727]        do_ip_setsockopt+0x17e9/0x39c0
[  851.293709][T13727]        ip_setsockopt+0x63/0x100
[  851.298863][T13727]        do_sock_setsockopt+0x3b1/0x710
[  851.305184][T13727]        __x64_sys_setsockopt+0x1ee/0x280
[  851.311381][T13727]        do_syscall_64+0xf3/0x230
[  851.316701][T13727]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.323389][T13727] 
[  851.323389][T13727] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  851.330627][T13727]        validate_chain+0xa69/0x24e0
[  851.336209][T13727]        __lock_acquire+0xad5/0xd80
[  851.341472][T13727]        lock_acquire+0x116/0x2f0
[  851.346816][T13727]        __mutex_lock+0x1a5/0x10c0
[  851.352078][T13727]        do_ip_setsockopt+0x10f0/0x39c0
[  851.357729][T13727]        ip_setsockopt+0x63/0x100
[  851.362792][T13727]        smc_setsockopt+0x25c/0xd50
[  851.368120][T13727]        do_sock_setsockopt+0x3b1/0x710
[  851.373724][T13727]        __x64_sys_setsockopt+0x1ee/0x280
[  851.379545][T13727]        do_syscall_64+0xf3/0x230
[  851.384768][T13727]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.391259][T13727] 
[  851.391259][T13727] other info that might help us debug this:
[  851.391259][T13727] 
[  851.401708][T13727] Chain exists of:
[  851.401708][T13727]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  851.401708][T13727] 
[  851.415491][T13727]  Possible unsafe locking scenario:
[  851.415491][T13727] 
[  851.423060][T13727]        CPU0                    CPU1
[  851.428462][T13727]        ----                    ----
[  851.433847][T13727]   lock(&smc->clcsock_release_lock);
[  851.439338][T13727]                                lock(sk_lock-AF_INET);
[  851.446304][T13727]                                lock(&smc->clcsock_release_lock);
[  851.454327][T13727]   lock(rtnl_mutex);
[  851.458601][T13727] 
[  851.458601][T13727]  *** DEADLOCK ***
[  851.458601][T13727] 
[  851.466782][T13727] 1 lock held by syz.0.2160/13727:
[  851.472371][T13727]  #0: ffff888012eb66a8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  851.482966][T13727] 
[  851.482966][T13727] stack backtrace:
[  851.488917][T13727] CPU: 1 UID: 0 PID: 13727 Comm: syz.0.2160 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  851.488943][T13727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  851.488954][T13727] Call Trace:
[  851.488963][T13727]  <TASK>
[  851.488971][T13727]  dump_stack_lvl+0x241/0x360
[  851.488997][T13727]  ? __pfx_dump_stack_lvl+0x10/0x10
[  851.489018][T13727]  ? __pfx__printk+0x10/0x10
[  851.489038][T13727]  ? print_lock+0x171/0x1a0
[  851.489056][T13727]  print_circular_bug+0x2e1/0x300
[  851.489076][T13727]  check_noncircular+0x142/0x160
[  851.489099][T13727]  validate_chain+0xa69/0x24e0
[  851.489119][T13727]  ? finish_task_switch+0x1e5/0x870
[  851.489148][T13727]  __lock_acquire+0xad5/0xd80
[  851.489165][T13727]  lock_acquire+0x116/0x2f0
[  851.489177][T13727]  ? do_ip_setsockopt+0x10f0/0x39c0
[  851.489200][T13727]  __mutex_lock+0x1a5/0x10c0
[  851.489218][T13727]  ? do_ip_setsockopt+0x10f0/0x39c0
[  851.489235][T13727]  ? look_up_lock_class+0x7b/0x170
[  851.489254][T13727]  ? register_lock_class+0x54/0x330
[  851.489267][T13727]  ? do_ip_setsockopt+0x10f0/0x39c0
[  851.489284][T13727]  ? __pfx___mutex_lock+0x10/0x10
[  851.489301][T13727]  ? __lock_acquire+0xad5/0xd80
[  851.489318][T13727]  ? __pfx___mutex_trylock_common+0x10/0x10
[  851.489337][T13727]  do_ip_setsockopt+0x10f0/0x39c0
[  851.489357][T13727]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  851.489376][T13727]  ? smc_setsockopt+0x1b2/0xd50
[  851.489394][T13727]  ? __pfx___mutex_lock+0x10/0x10
[  851.489423][T13727]  ip_setsockopt+0x63/0x100
[  851.489439][T13727]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  851.489462][T13727]  smc_setsockopt+0x25c/0xd50
[  851.489481][T13727]  ? __pfx_smc_setsockopt+0x10/0x10
[  851.489497][T13727]  ? __lock_acquire+0xad5/0xd80
[  851.489512][T13727]  ? __pfx_smc_setsockopt+0x10/0x10
[  851.489528][T13727]  do_sock_setsockopt+0x3b1/0x710
[  851.489546][T13727]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  851.489560][T13727]  ? __fget_files+0x2a/0x420
[  851.489578][T13727]  ? __fget_files+0x39d/0x420
[  851.489593][T13727]  ? __fget_files+0x2a/0x420
[  851.489611][T13727]  __x64_sys_setsockopt+0x1ee/0x280
[  851.489628][T13727]  do_syscall_64+0xf3/0x230
[  851.489647][T13727]  ? clear_bhb_loop+0x45/0xa0
[  851.489663][T13727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.489680][T13727] RIP: 0033:0x7f5b7d58e169
[  851.489695][T13727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  851.489709][T13727] RSP: 002b:00007f5b7e357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  851.489729][T13727] RAX: ffffffffffffffda RBX: 00007f5b7d7b6080 RCX: 00007f5b7d58e169
[  851.489741][T13727] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000006
[  851.489751][T13727] RBP: 00007f5b7d610a68 R08: 0000000000000028 R09: 0000000000000000
[  851.489760][T13727] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  851.489770][T13727] R13: 0000000000000000 R14: 00007f5b7d7b6080 R15: 00007fffb3409db8
[  851.489786][T13727]  </TASK>
[  851.797834][   T81] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  851.902647][ T5882] usb 4-1: device descriptor read/8, error -71
[  852.011684][ T5882] usb usb4-port1: unable to enumerate USB device
[  852.131619][T13737] x_tables: ip_tables: ah match: only valid for protocol 51
[  856.002692][ T5956] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  857.282182][ T5954] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  860.491858][ T1034] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration