last executing test programs:

26m42.089604963s ago: executing program 0 (id=1043):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0x1, 0x3, 0x1}) (fail_nth: 1)

26m41.50630657s ago: executing program 0 (id=1045):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1004e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ppoll(&(0x7f0000000000)=[{r1, 0x2000}, {r1, 0x8104}], 0x2, 0x0, 0x0, 0x0)
bind$unix(r1, &(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
syz_emit_ethernet(0x1fc, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd68626acf01c611fffc020000000000000000000000000000fe8800000000000000000000000001010c010000000000000105000000000009025add00010000000c0200000000000004010b05020006c2040000010105020004000000000000008404027f00000000fe8000000000000000000000000000aaff0100000000000000000000000000011d000728650000000002000000000000c910fc02000000000000000000000000000104010300000004000509670000002902000000000000c910fe8000000000000000000000000000aa0000000000003308010100000000ff020000000000000000000000000001ff020000000000000000000000000001fe8000000000000000000000000000aafe8000000000000000000000000000aa01010000000000000502ff540502000000010000000000004e204e2000b69078a39cf3ea9902dbf59d55395782074c8bd2921b4aad41429c6774410ab4d68d8e1411e1507f2a0fbc631958da09d8865bb82a8d0374f236016af652fe685ab57bad27cd0a441eaa190b1c7b"], 0x0)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x7ffd, 0xffffffff, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000001c0)={0x8}, 0x10)
r4 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[], 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000003b0007010000000000000000017c00000400fc800c00018006000600800a000008000280040072800c0009000600000000000000"], 0x38}}, 0xc000)
connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
writev(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="1e", 0x1}], 0x1)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000040)="9b2f58bc", 0x4}], 0x1)

26m35.558768023s ago: executing program 0 (id=1058):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x7593, 0x2, 0x0)
futex_waitv(&(0x7f0000002940)=[{0x0, &(0x7f0000001000), 0x82}, {0x0, &(0x7f0000001040), 0x82}, {0x0, &(0x7f0000001080), 0x82}, {0x0, &(0x7f00000010c0), 0x82}, {0x0, &(0x7f0000001100), 0x82}, {0x0, &(0x7f0000001140), 0x82}, {0x0, &(0x7f0000001180)}, {0x0, &(0x7f00000011c0)}, {0x0, &(0x7f0000001200)}, {0x0, &(0x7f0000001240)}, {0x0, &(0x7f0000001280)}, {0x0, &(0x7f00000012c0)}, {0x0, &(0x7f0000001300)}, {0x0, &(0x7f0000001340)}, {0x0, &(0x7f0000001380)}, {0x0, &(0x7f00000013c0)}, {0x0, &(0x7f0000001400)}, {0x0, &(0x7f0000001440)}, {0x0, &(0x7f0000001480)}, {0x0, &(0x7f00000014c0)}, {0x0, &(0x7f0000001500)}, {0x0, &(0x7f0000001540)}, {0x0, &(0x7f0000001580)}, {0x0, &(0x7f00000015c0)}, {0x0, &(0x7f0000001600)}, {0x0, &(0x7f0000001640)}, {0x0, &(0x7f0000001680)}, {0x0, &(0x7f00000016c0)}, {0x0, &(0x7f0000001700)}, {0x0, &(0x7f0000001740)}, {0x0, &(0x7f0000001780)}, {0x0, &(0x7f00000017c0)}, {0x0, &(0x7f0000001800)}, {0x0, &(0x7f0000001840)}, {0x0, &(0x7f0000001880)}, {0x0, &(0x7f00000018c0)}, {0x0, &(0x7f0000001900)}, {0x0, &(0x7f0000001940)}, {0x0, &(0x7f0000001980)}, {0x0, &(0x7f00000019c0)}, {0x0, &(0x7f0000001a00)}, {0x0, &(0x7f0000001a40)}, {0x0, &(0x7f0000001a80)}, {0x0, &(0x7f0000001ac0)}, {0x0, &(0x7f0000001b00)}, {0x0, &(0x7f0000001b40)}, {0x0, &(0x7f0000001b80)}, {0x0, &(0x7f0000001bc0)}, {0x0, &(0x7f0000001c00)}, {0x0, &(0x7f0000001c40)}, {0x0, &(0x7f0000001c80)}, {0x0, &(0x7f0000001cc0)}, {0x0, &(0x7f0000001d00)}, {0x0, &(0x7f0000001d40)}, {0x0, &(0x7f0000001d80)}, {0x0, &(0x7f0000001dc0)}, {0x0, &(0x7f0000001e00)}, {0x0, &(0x7f0000001e40)}, {0x0, &(0x7f0000001e80)}, {0x0, &(0x7f0000001ec0)}, {0x0, &(0x7f0000001f00)}, {0x0, &(0x7f0000001f40)}, {0x0, &(0x7f0000001f80)}, {0x0, &(0x7f0000001fc0)}, {0x0, &(0x7f0000002000)}, {0x0, &(0x7f0000002040)}, {0x0, &(0x7f0000002080)}, {0x0, &(0x7f00000020c0)}, {0x0, &(0x7f0000002100)}, {0x0, &(0x7f0000002140)}, {0x0, &(0x7f0000002180)}, {0x0, &(0x7f00000021c0)}, {0x0, &(0x7f0000002200)}, {0x0, &(0x7f0000002240)}, {0x0, &(0x7f0000002280)}, {0x0, &(0x7f00000022c0)}, {0x0, &(0x7f0000002300)}, {0x0, &(0x7f0000002340)}, {0x0, &(0x7f0000002380)}, {0x0, &(0x7f00000023c0)}, {0x0, &(0x7f0000002400)}, {0x0, &(0x7f0000002440)}, {0x0, &(0x7f0000002480)}, {0x0, &(0x7f00000024c0)}, {0x0, &(0x7f0000002500)}, {0x0, &(0x7f0000002540)}, {0x0, &(0x7f0000002580)}, {0x0, 0x0}, {0x0, &(0x7f0000002600)}, {0x0, &(0x7f0000002640)}, {0x0, &(0x7f0000002680)}, {0x0, &(0x7f00000026c0)}, {0x0, &(0x7f0000002700)}, {0x0, &(0x7f0000002740)}, {0x0, &(0x7f0000002780)}, {0x0, &(0x7f00000027c0)}, {0x0, &(0x7f0000002800)}, {0x0, &(0x7f0000002840)}, {0x0, &(0x7f0000002880)}, {0x0, &(0x7f0000003380)}, {0x0, &(0x7f0000002900)}], 0x65, 0x0, &(0x7f0000003300), 0x1)

26m32.470221704s ago: executing program 0 (id=1069):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket(0x1e, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
writev(r5, &(0x7f0000000140)=[{&(0x7f00000000c0)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee0000000000000000020000", 0x56}, {&(0x7f0000000000)="abd9", 0x2}], 0x2)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10)
accept4$packet(r1, 0x0, 0x0, 0x800)
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000000180)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x2}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
ioctl$DRM_IOCTL_GET_CLIENT(r7, 0xc0286405, &(0x7f0000000000)={0x5, 0x8, {<r8=>0x0}, {0xee00}, 0xffffffffffffffea, 0x9})
ioctl$BINDER_FREEZE(r7, 0x400c620e, &(0x7f0000000100)={r8, 0x0, 0x7})
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)

26m31.372502542s ago: executing program 0 (id=1071):
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
read$FUSE(r1, &(0x7f0000003080)={0x2020}, 0xfffffda3)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000000)={0x1, 0xffffffffffffffff, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, 0xffffffffffffffff, &(0x7f0000000000))
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$CEC_DQEVENT(r3, 0xc0506107, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)

26m31.182377234s ago: executing program 0 (id=1074):
syz_usb_connect$cdc_ecm(0x2, 0x5c, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000102505a1a440000000010109024a00010100000009040000160202000005241b000a05240000000d240f010000000000000000000624070000000905810340000000000905820208000000000905", @ANYRES16], 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000080)={[0x965, 0x5, 0x10, 0x9, 0x0, 0xd, 0x9, 0x0, 0x5, 0xe, 0x8001, 0x4, 0x2, 0x1ff, 0x7, 0x7ff], 0x1000})

26m30.027036267s ago: executing program 32 (id=1074):
syz_usb_connect$cdc_ecm(0x2, 0x5c, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000102505a1a440000000010109024a00010100000009040000160202000005241b000a05240000000d240f010000000000000000000624070000000905810340000000000905820208000000000905", @ANYRES16], 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000080)={[0x965, 0x5, 0x10, 0x9, 0x0, 0xd, 0x9, 0x0, 0x5, 0xe, 0x8001, 0x4, 0x2, 0x1ff, 0x7, 0x7ff], 0x1000})

21m29.022984415s ago: executing program 5 (id=2029):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000790000006c0200004622"])

21m27.182334466s ago: executing program 5 (id=2034):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_settime(r3, 0x0, &(0x7f0000000900), &(0x7f0000000940))
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f00000008c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x20, r1, 0x4, 0x70bd25, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xffff, 0x70}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x8000000}, 0x800)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r4, 0x6, 0x1c, &(0x7f0000000600)="3e88a7787577bf22efff933fe00a76181bbcb419bc841bcf852a0acabbb6c160109aa3d8f54dd54a6bfb1f5b55ef19e175620949ab52a7906447fae262c287f752bc53792edfe3cb0ffb904aa561f2", 0x4f)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000000)={<r5=>r4, 0x2, 0xfba, 0x3})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x64, 0x64, 0x7, [@decl_tag={0x3, 0x0, 0x0, 0x11, 0x1, 0x2}, @type_tag={0xa, 0x0, 0x0, 0x12, 0x4}, @func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0xe, 0x1}, {0xf, 0x2}, {0x10}]}, @volatile={0x5, 0x0, 0x0, 0x9, 0x5}, @func={0x7, 0x0, 0x0, 0xc, 0x4}, @const={0x10, 0x0, 0x0, 0xa, 0x4}]}, {0x0, [0x5f, 0x5f, 0x30, 0x0, 0x30]}}, &(0x7f0000000780)=""/42, 0x83, 0x2a, 0x1, 0xfff, 0x0, @void, @value}, 0x28)
r6 = syz_create_resource$binfmt(&(0x7f00000000c0)='./file0\x00')
execveat$binfmt(r5, r6, &(0x7f0000000240)={[&(0x7f0000000100)=']\x00', &(0x7f0000000140)=':(\x00', &(0x7f0000000180)=',@\xd7\x00', &(0x7f00000001c0)='.\x00']}, &(0x7f0000000500)={[&(0x7f0000000280)='\x8e\x00', &(0x7f00000002c0)='\'}(-{!)^\x00', &(0x7f0000000300)='\\--:\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='security.SMACK64MMAP\x00', &(0x7f0000000400)='[:\x00', &(0x7f0000000440)='-%+[.\xc7(\\\x00', &(0x7f0000000480)='security.SMACK64MMAP\x00', &(0x7f00000004c0)='security.SMACK64MMAP\x00']}, 0x1800)
setsockopt$inet6_tcp_int(r4, 0x6, 0x11, &(0x7f0000000040)=0x7fffffff, 0x4)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'macvlan0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r10, @ANYBLOB="800202000a0002"], 0x48}}, 0x0)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000940)={0x0, 0xc, &(0x7f00000001c0), 0x1}, 0x0)
bind$tipc(r8, 0x0, 0x0)
bind$tipc(r7, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r7, 0x10f, 0x88)

21m27.12522716s ago: executing program 5 (id=2035):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x29, 0x2, 0x2802000, 0xfffd, 0xfffd, 0x0, 0x60, 0x0, 0x0, 0x100}}, 0x50)
vmsplice(r1, &(0x7f0000000140), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

21m25.791633703s ago: executing program 5 (id=2039):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
fchdir(r0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
syz_open_dev$usbfs(&(0x7f0000000000), 0x76, 0x121301)
chdir(&(0x7f0000000080)='./file1\x00')
syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)

21m24.852853734s ago: executing program 5 (id=2045):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{0xa, 0x8, 0x3}]})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x40000000004, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f000016f000/0x1000)=nil, 0x1000, 0x100000c, 0x13, r1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="600000000206050000000000000000000000000005000400000040000900020073797a32000000001400078005001400740000000800084000000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7fe, 0xf83, 0x8}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)

21m23.240847953s ago: executing program 5 (id=2050):
prctl$PR_SET_SECUREBITS(0x1c, 0x10)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r0, &(0x7f0000000540)=[{&(0x7f0000000580)=""/192, 0xc0}], 0x1, 0x1a, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000140)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@local}, 0x0, @in=@initdev}}, &(0x7f0000000000)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000c40)={{{@in=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000000240)=0xe8)
setresuid(r2, r1, 0x0)
setreuid(0xee01, 0xffffffffffffffff)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000440)={'netdevsim0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000300)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r6, &(0x7f0000000000)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @link_local}, 0x14)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x33, 0x0)

21m22.355006441s ago: executing program 33 (id=2050):
prctl$PR_SET_SECUREBITS(0x1c, 0x10)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r0, &(0x7f0000000540)=[{&(0x7f0000000580)=""/192, 0xc0}], 0x1, 0x1a, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000140)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@local}, 0x0, @in=@initdev}}, &(0x7f0000000000)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000c40)={{{@in=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000000240)=0xe8)
setresuid(r2, r1, 0x0)
setreuid(0xee01, 0xffffffffffffffff)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000440)={'netdevsim0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000300)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r6, &(0x7f0000000000)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @link_local}, 0x14)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x33, 0x0)

16m52.771870211s ago: executing program 2 (id=2819):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x0, 0x0})
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_TABLE(r1, 0x0, 0xcf, &(0x7f0000000180)=0xfd, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0x9, 0x1, 'DNAT\x00'}]}}}]}]}], {0x14}}, 0xc0}, 0x1, 0x0, 0x0, 0x50}, 0x4000040)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x5})
ioctl$FIONREAD(r0, 0x2103, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r0, {0x2}}, './file0\x00'})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x1, &(0x7f0000000480)=ANY=[@ANYRESDEC=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x21, 0x2, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r5, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a00010000000000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000008000200000000001400", @ANYRES64=r5], 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r4, 0x0, 0x8}, 0x18)
r6 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
r8 = openat$cgroup_pressure(r7, &(0x7f00000002c0)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r8, &(0x7f0000000040)={'full', 0x20, 0x100001, 0x20, 0x100002}, 0x2f)
ioctl$UFFDIO_WRITEPROTECT(r3, 0xc018aa06, &(0x7f0000000100)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x1})
write$cgroup_pressure(r8, &(0x7f00000005c0)={'full', 0x20, 0x7, 0x20, 0x1}, 0x2f)
lgetxattr(0x0, 0x0, 0x0, 0x0)

16m52.103785112s ago: executing program 2 (id=2821):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
shutdown(0xffffffffffffffff, 0x0)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000340)={0xe, 0xc, 0x11, 0x13, 0x2, 0x0, 0x4, 0x157, 0x1})
socket(0x2, 0x80805, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e21, 0x3, 'dh\x00', 0x1, 0x2, 0x20}, 0x2c)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x7, &(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

16m50.747655059s ago: executing program 2 (id=2823):
unshare(0x22020400) (async)
unshare(0x20060000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
quotactl_fd$Q_GETINFO(r0, 0xffffffff80000502, 0x0, 0x0) (async)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000000)={0xfffe, 0x0, 0x0, 0x7, @vifc_lcl_addr=@local, @multicast1}, 0x10) (async)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f00000008c0)=0x8, 0x4)

16m50.401700727s ago: executing program 2 (id=2827):
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x700, 0x100, 0x101, 0xfffffffc, {{0x5, 0x4, 0x2, 0x6, 0x14, 0x67, 0x0, 0x3, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x30}, @loopback}}}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x7f5825ce3b4211ea, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = syz_usb_connect(0x2, 0x36, &(0x7f0000000380)={{0x12, 0x1, 0x0, 0x69, 0x3f, 0xc, 0x10, 0x1044, 0x7001, 0x8020, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x4, 0x0, 0xc6874c83f2e5f2aa, 0x3, [{{0x9, 0x4, 0x2c, 0x0, 0x2, 0xc1, 0xd, 0xb2, 0x7, [], [{{0x9, 0x5, 0x2, 0x1, 0x20, 0x3, 0x10, 0xd}}, {{0x9, 0x5, 0x7, 0x0, 0x68, 0x6, 0xb, 0x7f}}]}}]}}]}}, 0x0)
syz_usb_control_io(r2, &(0x7f0000000a00)={0x2c, 0x0, &(0x7f0000000840)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000001a80)={0x84, &(0x7f0000000780)=ANY=[@ANYBLOB="001701000000f3e37f0ce2b5ddbc40e29f023819d42c702dabd99abfa296a1f9d8ae0e734456daae9a6162d90f000936c8ddafc30da382be708037da"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r2, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000200)={0x0, 0x7, 0x14, "c41d21447228b20bbf83c90a1e23ac6084afd8f6"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x0, 0x0, 0x32314752, 0x0, 0x0, 0xfffffffc}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
openat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000)={0x149842}, 0x68)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000280)=0x10)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="18080000d0ff00000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a0000000000008500000006000000950000000000000051f658ff617cb7b8dde00b302616ce6b1fe1828bd34dd9b9a23e2f2cd8fdfb214c11ee546271b913e024cdfed03133d1ed8285116d2e7f89277801c4ffda73529bf17abe53cf21fd72876384fa708fca93ea295d7bc913e30119defa7dd964fe66c2285dcf7c22140eeab76801ccf02e1b95752b892d5eaadab74b4f8e7bd627d909000000000000beabc1027fa3b8d174b5f8bb56e7a89f79cb71cf25821ed2f6b08206df4782dd13727a4687cf00fa228b2a7905281e0c2a077af0c7d3f1a31403a5b3c1bfd232c2fc5852695b37e093686f57b162dc2ac612280496a594b59eb264013027f8a63ea8498e6df27cbe1c5a06bba3"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
mkdirat(r5, &(0x7f0000000200)='./bus/file0\x00', 0x152)
renameat2(r5, &(0x7f0000000240)='./bus/file0\x00', r5, &(0x7f00000001c0)='./file0\x00', 0x0)
creat(0x0, 0x0)
r6 = socket$kcm(0x10, 0x1, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
socket(0x2, 0x3, 0x1)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000080)='batadv_slave_1\x00', 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b4307000001", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0, 0x0, 0x0, 0xfffd}}}}}, 0x0)
sendmsg$kcm(r6, &(0x7f00000002c0)={0x0, 0x20, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)

16m47.620362594s ago: executing program 2 (id=2833):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_emit_ethernet(0x22, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000140000000000739078ac1414bbac141435e185cbd78c5ba924f939f7e24b75ca058412abec679b6f8610bc9d315a06147bfd8ebeb8cd3a1569b5e9deb498f4da7a"], 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/mem_sleep', 0x102, 0x0)
sendfile(r4, r4, 0x0, 0x6)
openat$audio1(0xffffffffffffff9c, 0x0, 0x129202, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
preadv(r5, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x114a, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000a80)={'dummy0\x00', <r6=>0x0})
r7 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000040)={0x1d, r8, 0x3}, 0x18)
sendmmsg$unix(r7, &(0x7f0000001080)=[{{&(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000240)="1a", 0x1}], 0x1, 0x0, 0x0, 0x4000010}}, {{&(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x80)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006d616373656300001400028005000d000000000005000c000000000008000500", @ANYRES32=r6], 0x4c}}, 0x0)

16m47.309702418s ago: executing program 2 (id=2838):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs_stats\x00')
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc2)
lseek(r2, 0xfffffffffffffffe, 0x4)
getdents64(r1, &(0x7f0000000040)=""/52, 0x34)
getdents64(r1, 0xfffffffffffffffe, 0x29)

16m46.469753704s ago: executing program 34 (id=2838):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs_stats\x00')
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc2)
lseek(r2, 0xfffffffffffffffe, 0x4)
getdents64(r1, &(0x7f0000000040)=""/52, 0x34)
getdents64(r1, 0xfffffffffffffffe, 0x29)

10m25.456249594s ago: executing program 4 (id=3920):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000004f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0xfffffe01, 0x0, 0x4, 0x16, "000080f10000000000000000000300"})
r3 = syz_open_pts(r2, 0x801)
r4 = dup3(r3, r2, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x15)
write$UHID_INPUT(r4, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)
recvmmsg(r1, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x3, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r6}, 0x38)
close(r1)
unshare(0x4000400)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f0000000140)=@abs, 0x6e)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x3a}, @l2cap_cid_signaling={{0x36}, [@l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x1, 0x40}}, @l2cap_move_chan_rsp={{0xf, 0x0, 0x4}, {0x2, 0x4}}, @l2cap_conn_rsp={{0x3, 0x10, 0x8}, {0x4, 0xfffe, 0x2, 0x9}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0x8001}}, @l2cap_conn_req={{0x2, 0x10, 0x4}, {0x8, 0x2}}, @l2cap_conn_rsp={{0x3, 0x81, 0x8}, {0x7, 0xffd3, 0x3}}]}}, 0x3f)

10m21.686857417s ago: executing program 4 (id=3932):
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x3)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r0, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
write$P9_RCREATE(r0, &(0x7f0000000100)={0x18, 0x73, 0x1, {{0x40, 0x3, 0x1}, 0xffffffff}}, 0x18)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x1, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)
r2 = openat$cgroup_ro(r0, &(0x7f0000000580)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000be02e708cf100355678f0102030109022d00010806007c0904bc0003e404ac000905040310"], 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r3, 0x5408, &(0x7f0000000080)={0x49de, 0x3, 0x0, 0xc003, 0x0, "f1870d07f2cf8baf"})
write$binfmt_aout(r3, &(0x7f0000000240)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x5, 0x7, 0x2, 0xf, "1000a817b67bc2c95a5947388e9c00"})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a01080000000000000000030000200900010073797a310000000014000000020a0104000000000000000007000000540000001f0a030000000000000000000300000008000340000000000900010073797a31000000000900020073797a30000000000c0006"], 0xb0}}, 0x0)
r5 = syz_open_pts(r3, 0x0)
r6 = dup3(r5, r3, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000001040)={0xfc, {"a2e3ad21ed0d09f91b45090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f330063090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b5b070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a6d5e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210380106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b07c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r8, 0x12, 0x0, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0x17)

10m17.98632718s ago: executing program 4 (id=3950):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="240000001800e308000000000010000002180000ff0800060000000008000100ac1414"], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0100eaffffff0000000097200000"], 0x14}, 0x1, 0xf000, 0x0, 0x8c1}, 0x20040)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001040)='net/rt_cache\x00')
lseek(r2, 0xae7d, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='io_uring_register\x00', r4, 0x0, 0xffff}, 0x18)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r6, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4004014}, 0x4000000)
sendto(r5, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0), 0x41, 0x2, 0x0)
r7 = socket(0x10, 0x400000000080803, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f00000001c0)=@ethtool_ringparam={0x4, 0x0, 0x45, 0xfffffffe, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})

10m17.404694849s ago: executing program 4 (id=3953):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040)=0x1, 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x14) (async)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x14)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2) (async)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa8022, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f0000000080)={0x1d, r3}, 0x10, &(0x7f0000000340)={&(0x7f00000005c0)=@canfd={{}, 0x39, 0x3, 0x0, 0x0, "0e7692fddc9d8ba5a0ac79669b2947a81f2e3c8973fc2af2a7fa10b9126ea28baed9b57d82ab23db557c307a0000a9c6c68d7693af9e9920f0ac97b87f8c925a"}, 0x48}, 0x2, 0x0, 0x0, 0xc00}, 0x6048081)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffeab)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x29)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
mknodat(r6, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) (async)
mknodat(r6, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00') (async)
chdir(&(0x7f0000000140)='./bus\x00')
linkat(r6, &(0x7f00000001c0)='./file1\x00', r6, &(0x7f0000000280)='./file0\x00', 0x1400) (async)
linkat(r6, &(0x7f00000001c0)='./file1\x00', r6, &(0x7f0000000280)='./file0\x00', 0x1400)
unlink(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a"], 0xb8}}, 0x0)
syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r7, 0x0, 0x4, &(0x7f00000002c0)={@local={0xac, 0x2, 0x44, 0xa}, @private=0x5000000}, 0xc)
r8 = landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x18, 0x0)
landlock_restrict_self(r8, 0x0) (async)
landlock_restrict_self(r8, 0x0)

10m17.026340483s ago: executing program 4 (id=3955):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x6a)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
ioperm(0x0, 0x6, 0x8000000000004)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r4, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000080)={r4, r7})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000180)={r6, r7, 0x1})

10m16.722287794s ago: executing program 4 (id=3958):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000007"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

10m15.709206838s ago: executing program 35 (id=3958):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000007"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3m47.560990531s ago: executing program 7 (id=5156):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_setup(0x3af9, &(0x7f0000000280)={0x0, 0x4e9e, 0x1, 0x0, 0x7a, 0x0, r2})
socket(0x40000000015, 0x5, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0xffffffffffff6810, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
pread64(r3, 0x0, 0x0, 0xce2)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x8, 0x3}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
pipe2(&(0x7f00000001c0)={<r5=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r5, 0x408, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x1000, 0x0)
get_mempolicy(0x0, &(0x7f0000000200), 0x4d5, &(0x7f0000ffb000/0x3000)=nil, 0x2)
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x401, 0x1f5, 0x0, 0x0, {0x0, 0x0, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffff, 0xfffc, 0x0, 0x0, 0x0, 0x0, "b4bc323ef77d1f000071849800000000dfff00"}})
ioctl$BLKTRACESTART(r0, 0x1274, 0x0)
epoll_create1(0x0)

3m46.496547849s ago: executing program 7 (id=5160):
r0 = syz_io_uring_setup(0x304, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x6, 0xdf}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r4, 0x0, 0x14)
ioctl$SNDCTL_SEQ_PANIC(r5, 0x5111)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x50, 0x0, @fd_index=0xa, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2001, 0x2})
r7 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r7, 0x40045532, &(0x7f0000000100))
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
r9 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$dsp(r8, &(0x7f00000004c0)='\x00', 0x1)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r9, 0xc0884113, &(0x7f0000000240)={0x1, 0x2000002, 0x0, 0x80000000008, 0x8000000000000000, 0xb, 0xfffdfffffffffffd, 0x2000b, 0x2000b, 0x1, 0xfffffffd, 0x2})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

3m45.832287468s ago: executing program 7 (id=5163):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="1800128008"], 0x40}, 0x1, 0x4c00000000000000}, 0x0)
openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast2, @local}, 0xc)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r5, 0xae9a)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x1, 0x2004c8, 0x108000000, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x4]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

3m44.5571347s ago: executing program 7 (id=5170):
syz_clone3(&(0x7f0000000400)={0x107345080, 0x0, 0x0, &(0x7f0000000140), {0x3c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000180000000000000000000000711207000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='cmdline\x00')
read$FUSE(r0, &(0x7f0000002900)={0x2020}, 0x2020)
open_tree(r0, &(0x7f00000000c0)='./file0/../file0\x00', 0x801)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
open_tree(r1, &(0x7f00000001c0)='./file0/file0\x00', 0x1)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0xc1, &(0x7f0000000240)={[{@index_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@index_on}, {@metacopy_off}, {@xino_auto}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@xino_on}, {@volatile}, {@verity_require}, {@verity_on}], [{@appraise_type}, {@appraise_type}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@obj_role={'obj_role', 0x3d, '[$:#'}}]})

3m44.382734033s ago: executing program 7 (id=5171):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002600)={0x2020}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000400)={0x6f, 0x0, 0x0, {0x7, 0x28, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0xfffffede)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0xc000)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0xfffffffa)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x11, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x6}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x4}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x6}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x4, 0x6}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x9}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x6}, {}, {}, {0x18, 0x6, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3m44.152811933s ago: executing program 7 (id=5172):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}})

3m43.881821463s ago: executing program 36 (id=5172):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}})

12.410420223s ago: executing program 6 (id=5702):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, &(0x7f0000000300))
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$char_usb(r2, &(0x7f00000001c0)=""/4068, 0xfe4)

11.500396884s ago: executing program 6 (id=5705):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="180000001600156fdf64b505e800000000000000", @ANYRES32=0x0], 0x18}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xaece, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000050c0)={&(0x7f0000000140)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
preadv(r2, &(0x7f0000000180), 0x5f, 0x0, 0x0)
iopl(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1200000009000000080000000200000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000008000000100000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r4, r5, 0x6, 0x0, @void}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000280), 0x20000, 0x2)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r8=>0x0})
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r10=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="4c0000001000030400003f970266000000000000", @ANYRES32=0x0, @ANYBLOB="15020000000000001c00128009000100766c616e000000000c0002800600010000000000080005", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r10, @ANYBLOB], 0x4c}, 0x1, 0xba01}, 0x0)

7.758030098s ago: executing program 9 (id=5710):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$inet(0x2, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x113b4850, 0x4000)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$IOC_PR_RELEASE(r0, 0x401070ca, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x7ff, 0x800, 0x0, 0x12, 0x4, 0x0, "c9de5578150b0908ad01dc13473c003c69b594da321ca62766333c448ff2baefe4c2af3c073b614fbac0b258d2bd99e9f79998b409aafbcf4583db038d0742b4", "a94d840ccc6c71578b154bbb3f7b51547f66a4a0a606812df42d49a77a85b3a8c6fc1902cc861326218e64a4c4e5b24b6c122f52b527003564f6d0c842038ed9", "f60d27bb83a22fbea0ea46cb62da13e73499165b016daf8cedf9676ce8fa3ec6", [0xfffffffffffffffa, 0x8]})
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000180)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb08004500001c00000000001190780000008458069e0100000e21000890787c78"], 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = io_uring_setup(0x1588, &(0x7f00000003c0)={0x0, 0x9ea7, 0x80, 0x0, 0x9d})
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000140)=0x3, 0x4)
r5 = dup3(r3, r4, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f0000000080)=r5, 0x1)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

6.823852126s ago: executing program 1 (id=5711):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r2, 0x0, 0x2e, &(0x7f0000000480)={0x3, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @loopback}}}, 0x108)
r3 = socket(0x11, 0x800000003, 0x0)
r4 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x5b, 0x2, {{0x2, [], 0x0, [0x4, 0x2], [0x0, 0x4]}, [@TCA_MQPRIO_MODE={0x6, 0x4}]}}}]}, 0x90}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=@newlink={0x34, 0x10, 0xc362e63b3f31ba5f, 0x6000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80e1}, [@IFLA_GROUP={0x8}, @IFLA_BROADCAST={0xa, 0x2, @broadcast}]}, 0x34}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f00000000c0)={0x2, 'lo\x00', {0x482ce658}, 0x30})

6.820016817s ago: executing program 8 (id=5712):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x7593, 0x2, 0x0)
futex_waitv(&(0x7f0000002940)=[{0x0, &(0x7f0000001000), 0x82}, {0x0, &(0x7f0000001040), 0x82}, {0x0, &(0x7f0000001080), 0x82}, {0x0, &(0x7f00000010c0), 0x82}, {0x0, &(0x7f0000001100), 0x82}, {0x0, &(0x7f0000001140), 0x82}, {0x0, &(0x7f0000001180)}, {0x0, &(0x7f00000011c0)}, {0x0, &(0x7f0000001200)}, {0x0, &(0x7f0000001240)}, {0x0, &(0x7f0000001280)}, {0x0, &(0x7f00000012c0)}, {0x0, &(0x7f0000001300)}, {0x0, &(0x7f0000001340)}, {0x0, &(0x7f0000001380)}, {0x0, &(0x7f00000013c0)}, {0x0, &(0x7f0000001400)}, {0x0, &(0x7f0000001440)}, {0x0, &(0x7f0000001480)}, {0x0, &(0x7f00000014c0)}, {0x0, &(0x7f0000001500)}, {0x0, &(0x7f0000001540)}, {0x0, &(0x7f0000001580)}, {0x0, &(0x7f00000015c0)}, {0x0, &(0x7f0000001600)}, {0x0, &(0x7f0000001640)}, {0x0, &(0x7f0000001680)}, {0x0, &(0x7f00000016c0)}, {0x0, &(0x7f0000001700)}, {0x0, &(0x7f0000001740)}, {0x0, &(0x7f0000001780)}, {0x0, &(0x7f00000017c0)}, {0x0, &(0x7f0000001800)}, {0x0, &(0x7f0000001840)}, {0x0, &(0x7f0000001880)}, {0x0, &(0x7f00000018c0)}, {0x0, &(0x7f0000001900)}, {0x0, &(0x7f0000001940)}, {0x0, &(0x7f0000001980)}, {0x0, &(0x7f00000019c0)}, {0x0, &(0x7f0000001a00)}, {0x0, &(0x7f0000001a40)}, {0x0, &(0x7f0000001a80)}, {0x0, &(0x7f0000001ac0)}, {0x0, &(0x7f0000001b00)}, {0x0, &(0x7f0000001b40)}, {0x0, &(0x7f0000001b80)}, {0x0, &(0x7f0000001bc0)}, {0x0, &(0x7f0000001c00)}, {0x0, &(0x7f0000001c40)}, {0x0, &(0x7f0000001c80)}, {0x0, &(0x7f0000001cc0)}, {0x0, &(0x7f0000001d00)}, {0x0, &(0x7f0000001d40)}, {0x0, &(0x7f0000001d80)}, {0x0, &(0x7f0000001dc0)}, {0x0, &(0x7f0000001e00)}, {0x0, &(0x7f0000001e40)}, {0x0, &(0x7f0000001ec0)}, {0x0, &(0x7f0000001f00)}, {0x0, &(0x7f0000001f40)}, {0x0, &(0x7f0000001f80)}, {0x0, &(0x7f0000001fc0)}, {0x0, &(0x7f0000002000)}, {0x0, &(0x7f0000002040)}, {0x0, &(0x7f0000002080)}, {0x0, &(0x7f00000020c0)}, {0x0, &(0x7f0000002100)}, {0x0, &(0x7f0000002140)}, {0x0, &(0x7f0000002180)}, {0x0, &(0x7f00000021c0)}, {0x0, &(0x7f0000002200)}, {0x0, &(0x7f0000002240)}, {0x0, &(0x7f0000002280)}, {0x0, &(0x7f00000022c0)}, {0x0, &(0x7f0000002300)}, {0x0, &(0x7f0000002340)}, {0x0, &(0x7f0000002380)}, {0x0, &(0x7f00000023c0)}, {0x0, &(0x7f0000002400)}, {0x0, &(0x7f0000002440)}, {0x0, &(0x7f0000002480)}, {0x0, &(0x7f00000024c0)}, {0x0, &(0x7f0000002500)}, {0x0, &(0x7f0000002540)}, {0x0, &(0x7f0000002580)}, {0x0, &(0x7f00000025c0)}, {0x0, &(0x7f0000002600)}, {0x0, &(0x7f0000002640)}, {0x0, &(0x7f0000002680)}, {0x0, &(0x7f00000026c0)}, {0x0, &(0x7f0000002700)}, {0x0, &(0x7f0000002740)}, {0x0, &(0x7f0000002780)}, {0x0, &(0x7f00000027c0)}, {0x0, &(0x7f0000002800)}, {0x0, &(0x7f0000002840)}, {0x0, &(0x7f0000002880)}, {0x0, &(0x7f0000003380)}, {0x0, &(0x7f0000002900)}], 0x64, 0x0, &(0x7f0000003300), 0x1)

6.699508581s ago: executing program 6 (id=5713):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioperm(0x0, 0x6, 0x8000000000004)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640), 0x0, 0x0})
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, 0x0, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000180)={r5, r6, 0x1})

6.642342317s ago: executing program 9 (id=5714):
r0 = openat$audio1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000340)={&(0x7f00000002c0)=[0x0, 0x0, <r2=>0x0, 0x0, 0x0], 0x5})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000480)={&(0x7f0000000380)=[<r3=>0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x3, 0xa, 0x9})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000500)={r2, 0x0, r3, 0x0, 0x0, 0x7, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff000000000000ffff0008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee100000deff0000000200000000", 0x58}], 0x1)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x200000)
ioctl$EVIOCGBITSND(r5, 0x80404532, &(0x7f0000000100)=""/234)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
read$FUSE(r7, &(0x7f0000002080)={0x2020}, 0x2020)
r8 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_script(r8, &(0x7f0000000000)={'#! ', './file0', [{0x20, 'llTR'}, {0x20, 'ax\xe8\x9b^\xfb^$\r\'uij\r\xd9\xef\xd2Et^Q\v\x9fOFL\x95`Z\xae\xc3a\xfe%\x94\x1a\xebt\xc6\x06\x8fD,\xf7\xae#\x80\x80\xdf\xa3\xcaO\xc6\x8a\x91\x90\xadR\aW\xe1\xf3n\xca\xa3\x8f\xd6F\x03\x0e\x9b\xe5yb\xfc\xa19wUs\x83\xf1{&\n\x1d\x8e\x82y\x1a.B\x0e\xea\x17\xc7\xe7H\xa9\xd4\x8e\xe7 gD\x89*\xb5c<d\x1f\\\x10$o\x93\x02\x9c@\x9ddt\x8c\x875\xf7@\x9aM\xa3j\xfa\x1f\xe5\x81\xc9u<\xf0?w8P>\xc5\x8a\xe6R\xe5YGq\xf5\xb6\x95\xbc\x112\x9bno\xc8\x06\xb6\b\xcc\x03{Sn\x94G\x01\xb4\xffJQ8t\x99vY\xaaf\xc7,\x9f\xbb\x15G\x1cr\x19\xef\xab\n\xa8\xbc\xbd\xa2E\x16\x1cm\xbd=\x98\x7fU\xcbg\x15%\x95\xb11\x017\x83*\x14\xcbt\xc2\xcb\x04\x1e~?\xb9j\x18\x96\x84EA\xeaB\a\x83\xba\xdco<\x00'/256}]}, 0x111)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
remap_file_pages(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x7000008, 0x3, 0x10)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r9, 0x84, 0x6, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e23, @loopback}}}, 0x84)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r10=>r5}, './file0\x00'})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32=r10, @ANYBLOB="170000000010000000000000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000000)=0x1)
pselect6(0x40, &(0x7f0000000300)={0x0, 0x3f7fffffffffffff, 0x0, 0x8000000000000001}, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc, 0xa3, 0x8f, 0x40, 0x13d8, 0x11, 0xd062, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa6, 0x1, 0x56}}]}}]}}, 0x0)
socket$kcm(0x29, 0x5, 0x0)

6.208637978s ago: executing program 1 (id=5715):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, &(0x7f0000000300))
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$char_usb(r2, &(0x7f00000001c0)=""/4068, 0xfe4)

6.126642291s ago: executing program 3 (id=5716):
syz_io_uring_setup(0x304, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x6, 0xdf}, &(0x7f0000000100), &(0x7f0000000140)=<r0=>0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r2, 0x0, 0x14)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x50, 0x0, @fd_index=0xa, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000100))

5.930092772s ago: executing program 1 (id=5717):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec8500000050000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1)

5.694978118s ago: executing program 1 (id=5718):
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x109000)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
r4 = syz_open_procfs(0x0, &(0x7f0000000500)='net/protocols\x00')
pread64(r4, &(0x7f00000001c0)=""/145, 0x91, 0xffff)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000580)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x3, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x9, 0x0, [<r7=>0x0], [0xff, 0x0, 0x39a], [], [0x100000001]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000500), 0x4)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000200)={r6, 0x4000, 0x0, 0x5, 0x0, [], [], [], [0x0, 0x8]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r8})

5.00959228s ago: executing program 3 (id=5719):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x27b8, 0x1ed, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_control_io$hid(r0, &(0x7f00000006c0)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="002208000000aa8cc8a9"], 0x0}, 0x0)

4.898387183s ago: executing program 1 (id=5720):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0305602, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newae={0x64, 0x1e, 0x101, 0x70bd2b, 0x25dfdbfb, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4d5, 0xa, 0x2b}, @in=@local, 0x6, 0x34ff}, [@lifetime_val={0x24, 0x9, {0x786, 0x1, 0xfffffffffffffe00, 0x9}}]}, 0x64}}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000640)={0xa, 0x0, 0x80, @private2, 0x5597bac7}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a01de00000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000000c0a09030000000000000000070000000900020073797a31000000000900010073797a3000000000100003800c000080080003400000000214000000110001"], 0xc0}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

3.894325482s ago: executing program 8 (id=5721):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x5, [@type_tag={0x1, 0x0, 0x0, 0x12, 0x5}, @const={0x2, 0x0, 0x0, 0xa, 0x3}]}, {0x0, [0x5f, 0x0, 0x30]}}, &(0x7f0000000180)=""/11, 0x35, 0xb, 0x0, 0x7, 0x10000, @value=r0}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000680)=@framed={{}, [@jmp={0x5, 0x1, 0x4, 0x4, 0x1, 0xfffffffffffffffe, 0x1}], {0x95, 0x0, 0x700}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0xc, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.74416318s ago: executing program 1 (id=5722):
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f0b00d3edb2a4a2809302060000fd41fe0102f8ffff09000f0002002800000019002dfd7fffffff0022de1330d54400009b84136ef75afb83de066a5900fbbaac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

3.651241932s ago: executing program 8 (id=5723):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="180000001600156fdf64b505e800000000000000", @ANYRES32=0x0], 0x18}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xaece, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000050c0)={&(0x7f0000000140)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
preadv(r2, &(0x7f0000000180), 0x5f, 0x0, 0x0)
iopl(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1200000009000000080000000200000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000008000000100000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r4, r5, 0x6, 0x0, @void}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000280), 0x20000, 0x2)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r8=>0x0})
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r10=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="4c0000001000030400003f970266000000000000", @ANYRES32=0x0, @ANYBLOB="15020000000000001c00128009000100766c616e000000000c0002800600010000000000080005", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r10, @ANYBLOB], 0x4c}, 0x1, 0xba01}, 0x0)

3.414264828s ago: executing program 9 (id=5724):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setresgid(0x0, 0xee00, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mount(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0)
r3 = inotify_init1(0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setown(r3, 0x8, r4)
fcntl$getownex(r3, 0x10, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000280)=""/252, 0xfc, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000009500006000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000022c0)=""/4107, &(0x7f00000000c0)=0x100b)
socket$inet6(0xa, 0xa, 0x8)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100), r6)
sendmsg$NLBL_UNLABEL_C_STATICADD(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x58, r7, 0x1, 0x0, 0x0, {0x4}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wlan1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x58}}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

3.305889545s ago: executing program 6 (id=5725):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000001080)={0x400, 0x300, 0x0, 0x384, 0x0, 0x0, 0x0, 0x1, {0x0, 0xfffffffc}, {}, {0x0, 0x9}, {}, 0x3, 0x3f0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x3, 0x761a, 0x0, 0x0, 0x0, 0x10, 0x1, 0x0, 0x1})
socket$nl_rdma(0x10, 0x3, 0x14)
socket$inet(0x2, 0x2, 0x0)
socket(0x2b, 0x80801, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$key(0xf, 0x3, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000700)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
socket$kcm(0x29, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r3, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r4], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {0xffe0}, {}, {0xa, 0x1}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

3.142734083s ago: executing program 8 (id=5726):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
set_tid_address(&(0x7f0000000380))
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)
r2 = socket$xdp(0x2c, 0x3, 0x0)
close_range(r2, r2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bd2)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
gettid()
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x2)
write$cgroup_int(r4, &(0x7f0000000040)=0x1f00, 0x12)

2.402894877s ago: executing program 9 (id=5727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_SET(r1, 0x5452, &(0x7f0000000500)={0x1c, 0x2d, 0x0, 0x6, 0x9, 0x2006, 0xffffffff, 0x0, 0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = getuid()
setfsuid(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@newtfilter={0x64, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x3}, {0x6}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_vlan={0x30, 0x9, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004c885}, 0x4008000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bb000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x46, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, @void, @value}, 0x94)
shmget$private(0x0, 0x2000, 0x8, &(0x7f0000ffd000/0x2000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='ext2\x00', 0x0, 0x0)

2.226220834s ago: executing program 3 (id=5728):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="240000001800e308000000000010000002180000ff0800060000000008000100ac1414"], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[], 0x14}, 0x1, 0xf000, 0x0, 0x8c1}, 0x20040)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001040)='net/rt_cache\x00')
lseek(r2, 0xae7d, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x6acf, &(0x7f0000000940), &(0x7f00000009c0), &(0x7f00000003c0))
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r5, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4004014}, 0x4000000)
sendto(r4, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000037c0), 0x41, 0x2, 0x0)
r6 = socket(0x10, 0x400000000080803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f00000001c0)=@ethtool_ringparam={0x4, 0x0, 0x45, 0xfffffffe, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})

2.100707746s ago: executing program 9 (id=5729):
syz_io_uring_setup(0x304, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x6, 0xdf}, &(0x7f0000000100), &(0x7f0000000140)=<r0=>0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
read$midi(r2, 0x0, 0x14)
ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5111)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x50, 0x0, @fd_index=0xa, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000100))

1.994771188s ago: executing program 8 (id=5730):
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x109000)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
r4 = syz_open_procfs(0x0, &(0x7f0000000500)='net/protocols\x00')
pread64(r4, &(0x7f00000001c0)=""/145, 0x91, 0xffff)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000580)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x3, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x9, 0x0, [<r7=>0x0], [0xff, 0x0, 0x39a], [], [0x100000001]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000500), 0x4)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000200)={r6, 0x4000, 0x0, 0x5, 0x0, [], [], [], [0x0, 0x8]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r8})

1.908714972s ago: executing program 3 (id=5731):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff51, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0xeb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='rpcgss_upcall_result\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r3, 0x4b2f, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000480), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SG_IO(r6, 0x2285, 0x0)
ioctl$sock_inet_SIOCDARP(r6, 0x8953, &(0x7f0000000380)={{0x2, 0x4e22, @rand_addr=0x64010100}, {0x1, @remote}, 0x46, {0x2, 0x4e20, @local}, 'syz_tun\x00'})
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000000280)="94b1942b512f966ed60446009ca136ba7271cab1e4db02ee2fb92c1bf57856f6aa2d44e5a2090d2de3898c20329bfcb4ccad5958499c0c9b2fa81517ca788f9e32e494be2af8b4632aca2d9ef1bc8f298a630ab5b351baf17a060bba3f50a896a32d7790647daa3c88287851d5a59cc5e9bf84b2fe00a47a31c0acd144c003a3eddf49afe4bd45892411108315133ee22ae21dbc40cd5981eb56bbf2a7d4997e18919828d429016d3c4f925ffe1ed6ea96f4daed9daa3b499ce6d2442cba", 0xbe)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bic\x00', 0x4)

1.907192936s ago: executing program 6 (id=5732):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000040)=ANY=[@ANYBLOB="efc08ae72aeb18a56728bf671f7195bb234e8f972a358ecbb3b7914479f40470454921f278818f103baa52a7033b526dce4a26db8e5cb4aa062f113dc8454285e3193ab9fd05139e273fb59eb43bc0efb24f75cb2968755b2bc2aff95f91dcfd4cfbaa94f4cf4901b8f578590edf9cfa6219df7c2ed62b5f1387fc1be0d8b471e9b0ee66ad0802feb41372ea4223ab9c7233eadac08f76ec5c1b6eef85c1c4e82dec7058e9ce705743f0069f2cbca7be07715e0b92aad5e85d1334b6fdb96a247d13fdf04af348c7cd5e8f0a461658831ac6cf23ae725cf064144b2dac34"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x1}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.650217172s ago: executing program 6 (id=5733):
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000640)=0x8000)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x20c3, 0x1ef)
socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f0000000780)={0x268, 0x0, 0x5, 0x201, 0x0, 0x0, {0xa}, [{{0x254, 0x1, {{0x2}, 0x6, 0x8, 0x9c4b, 0xd, 0x5, 'syz1\x00', "e97edabbdb8cebcd0f590c6b6879ef3fc9d8811814cb58467663170ca15a633f", "2ad9a41f64e22372604e69351f2a69605b69e4008d76699c34905a2b806e5b78", [{0x5, 0x6, {0x0, 0x100000}}, {0x4, 0x1, {0x2, 0x9}}, {0x7fff, 0x7, {0x1, 0x4}}, {0x45, 0x8, {0x2, 0x9}}, {0x1, 0x4, {0x0, 0xfffffffa}}, {0x1, 0x401, {0x2, 0x1}}, {0x4, 0x8000, {0x1, 0x5}}, {0x4, 0x3, {0x2, 0x100}}, {0x3, 0x2, {0x3}}, {0x9, 0x3, {0x2, 0xb59e}}, {0x4, 0x1, {0x1, 0x2}}, {0x7, 0x4, {0x3, 0x2}}, {0xff2f, 0xb4, {0x0, 0xfffffff7}}, {0x7, 0x1ff, {0x2, 0x5}}, {0x2, 0x3, {0x3, 0x9}}, {0x3f23, 0xc88, {0x2, 0x2}}, {0x3, 0x5, {0x0, 0xe07}}, {0x1ff, 0x34c, {0xab308ca82cf2388e, 0x8000}}, {0x5, 0x3, {0x2, 0xfff}}, {0x20, 0xb, {0x0, 0x7}}, {0x6, 0x0, {0x2, 0x5}}, {0x8, 0x5, {0x1, 0x8}}, {0xe75, 0x758, {0x2, 0xffffff81}}, {0x1, 0x5, {0x1, 0x9}}, {0x9, 0x7, {0x1, 0x3}}, {0x18, 0x20, {0x3, 0x7}}, {0xf3, 0x0, {0x2, 0xfffffe01}}, {0xa, 0xf094, {0x2, 0x4}}, {0x10c, 0x0, {0x1, 0x6}}, {0x6, 0x8001, {0x1, 0x5}}, {0x1000, 0x5, {0x3, 0x6}}, {0x7ff, 0x3, {0x1, 0x10}}, {0xfff9, 0x1, {0x3, 0x7}}, {0x5, 0x6, {0x3, 0x682}}, {0x1, 0x8001, {0x0, 0x1}}, {0x5, 0x1, {0x0, 0x7}}, {0x27a3, 0x4, {0x1, 0x9}}, {0x1, 0x0, {0x3, 0x1}}, {0x2, 0x4, {0x2, 0xdfc9}}, {0x1000, 0xb71e, {0x1, 0xfffffff9}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, &(0x7f0000000100)={0x0})

391.370052ms ago: executing program 3 (id=5734):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="d800000018007b7be00212ba0d0505040a003f00000f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b3162700e06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5005ccca262f3d40fad95667e04adcdf63cc1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e0700000004000000", 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0)

340.554597ms ago: executing program 8 (id=5735):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioperm(0x0, 0x6, 0x8000000000004)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640), 0x0, 0x0})
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, 0x0, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000180)={r5, r6, 0x1})

282.991093ms ago: executing program 9 (id=5736):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102394, 0x18ffa)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @local}, 0x0, 0x0, 0x4, 0x4}}, 0x26)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x58008, &(0x7f0000001080)=ANY=[@ANYRESOCT=r2, @ANYRESOCT=r1, @ANYRES32=r2, @ANYRESOCT=0x0, @ANYRES64=r1, @ANYRESHEX, @ANYRESOCT=r0, @ANYRESOCT=r2, @ANYRES16=r1, @ANYRES32, @ANYRES32=r1])
syz_io_uring_setup(0x1e1e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
creat(&(0x7f0000000300)='./bus\x00', 0x15d)
r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe)
r6 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r6, &(0x7f0000001b00)={0x2020}, 0x2020)
ftruncate(r5, 0x2008002)
sendfile(r4, r5, 0x0, 0x80000001)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
gettid()

0s ago: executing program 3 (id=5737):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setresgid(0x0, 0xee00, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mount(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0)
r3 = inotify_init1(0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setown(r3, 0x8, r4)
fcntl$getownex(r3, 0x10, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000280)=""/252, 0xfc, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000009500006000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000022c0)=""/4107, &(0x7f00000000c0)=0x100b)
socket$inet6(0xa, 0xa, 0x8)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100), r6)
sendmsg$NLBL_UNLABEL_C_STATICADD(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x58, r7, 0x1, 0x0, 0x0, {0x4}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wlan1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x58}}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

kernel console output (not intermixed with test programs):

[T21469] devtmpfs: Too few inodes for current use
[ 1571.494130][T21483] fuse: Bad value for 'rootmode'
[ 1574.513987][T21514] openvswitch: netlink: Port -1 exceeds max allowable 65535
[ 1574.722296][T21514] overlayfs: failed to clone upperpath
[ 1575.572730][T21525] devtmpfs: Too few inodes for current use
[ 1576.391351][T21535] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4453'.
[ 1576.430269][T21535] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4453'.
[ 1580.274102][T21574] devtmpfs: Too few inodes for current use
[ 1580.913507][T21583] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4467'.
[ 1580.955453][T21583] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4467'.
[ 1583.770095][T21627] FAULT_INJECTION: forcing a failure.
[ 1583.770095][T21627] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1583.830408][T21627] CPU: 0 UID: 0 PID: 21627 Comm: syz.7.4481 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1583.830426][T21627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1583.830433][T21627] Call Trace:
[ 1583.830438][T21627]  <TASK>
[ 1583.830442][T21627]  dump_stack_lvl+0x241/0x360
[ 1583.830464][T21627]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1583.830479][T21627]  ? __pfx__printk+0x10/0x10
[ 1583.830494][T21627]  ? __pfx_lock_release+0x10/0x10
[ 1583.830511][T21627]  should_fail_ex+0x40a/0x550
[ 1583.830525][T21627]  _copy_from_user+0x2d/0xb0
[ 1583.830536][T21627]  memdup_user+0x64/0xc0
[ 1583.830550][T21627]  strndup_user+0x68/0xc0
[ 1583.830564][T21627]  bpf_uprobe_multi_link_attach+0x329/0xdd0
[ 1583.830581][T21627]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[ 1583.830594][T21627]  ? __fget_files+0x395/0x410
[ 1583.830609][T21627]  ? bpf_prog_attach_check_attach_type+0x42c/0x4f0
[ 1583.830624][T21627]  link_create+0x6d7/0x870
[ 1583.830638][T21627]  __sys_bpf+0x4bc/0x810
[ 1583.830649][T21627]  ? __pfx___sys_bpf+0x10/0x10
[ 1583.830665][T21627]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1583.830678][T21627]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1583.830690][T21627]  ? do_syscall_64+0x100/0x230
[ 1583.830706][T21627]  __x64_sys_bpf+0x7c/0x90
[ 1583.830716][T21627]  do_syscall_64+0xf3/0x230
[ 1583.830728][T21627]  ? clear_bhb_loop+0x35/0x90
[ 1583.830743][T21627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1583.830755][T21627] RIP: 0033:0x7f637598cde9
[ 1583.830764][T21627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1583.830772][T21627] RSP: 002b:00007f6376835038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1583.830784][T21627] RAX: ffffffffffffffda RBX: 00007f6375ba6080 RCX: 00007f637598cde9
[ 1583.830791][T21627] RDX: 000000000000003c RSI: 00004000000012c0 RDI: 000000000000001c
[ 1583.830797][T21627] RBP: 00007f6376835090 R08: 0000000000000000 R09: 0000000000000000
[ 1583.830803][T21627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1583.830809][T21627] R13: 0000000000000000 R14: 00007f6375ba6080 R15: 00007ffd10205ae8
[ 1583.830823][T21627]  </TASK>
[ 1584.256831][T17938] Bluetooth: hci1: command 0x0406 tx timeout
[ 1587.427739][T21668] tmpfs: Cannot disable swap on remount
[ 1589.347614][T21691] devtmpfs: Too few inodes for current use
[ 1592.463581][T21715] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4509'.
[ 1592.614592][   T29] audit: type=1800 audit(1739396785.649:1719): pid=21715 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.4509" name="/" dev="9p" ino=2 res=0 errno=0
[ 1594.691935][   T29] audit: type=1326 audit(1739396787.729:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1595.233696][   T29] audit: type=1326 audit(1739396787.729:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1595.346943][   T29] audit: type=1326 audit(1739396787.729:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1595.627867][   T29] audit: type=1326 audit(1739396787.729:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1595.649586][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1596.426583][   T29] audit: type=1326 audit(1739396787.729:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1596.448343][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1596.711524][   T29] audit: type=1326 audit(1739396787.729:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1596.733696][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1596.815335][   T29] audit: type=1326 audit(1739396787.729:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1596.900312][   T29] audit: type=1326 audit(1739396787.729:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1596.948723][   T29] audit: type=1326 audit(1739396787.729:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21744 comm="syz.7.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f637598cde9 code=0x7ffc0000
[ 1599.751966][T21795] overlayfs: failed to clone upperpath
[ 1603.320397][T21853] netlink: 'syz.6.4549': attribute type 13 has an invalid length.
[ 1604.406238][T21862] overlayfs: failed to clone upperpath
[ 1605.515179][T21871] netlink: 'syz.7.4554': attribute type 72 has an invalid length.
[ 1605.525440][T21871] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4554'.
[ 1607.227235][T21888] openvswitch: netlink: IPv4 tun info is not correct
[ 1607.894747][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1609.592037][T21911] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4565'.
[ 1609.669595][   T29] kauditd_printk_skb: 58 callbacks suppressed
[ 1609.669613][   T29] audit: type=1326 audit(1739396802.709:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1609.697365][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1610.294906][   T29] audit: type=1326 audit(1739396802.709:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1610.361474][   T29] audit: type=1326 audit(1739396802.709:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1610.434087][   T29] audit: type=1326 audit(1739396802.709:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1610.665649][   T29] audit: type=1326 audit(1739396802.709:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1610.688115][   T29] audit: type=1326 audit(1739396802.709:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1610.711252][   T29] audit: type=1326 audit(1739396802.709:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1611.006746][T21928] netlink: 'syz.1.4567': attribute type 72 has an invalid length.
[ 1611.021447][T21928] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4567'.
[ 1611.241871][   T29] audit: type=1326 audit(1739396802.759:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1611.264565][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1611.357345][   T29] audit: type=1326 audit(1739396802.819:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1611.378981][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1611.400703][   T29] audit: type=1326 audit(1739396802.819:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21910 comm="syz.1.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f838eb8cde9 code=0x7ffc0000
[ 1614.403635][T21966] (unnamed net_device) (uninitialized): down delay (32768) is not a multiple of miimon (100), value rounded to 32700 ms
[ 1614.416614][T21966] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4)
[ 1614.526637][T21966] SET target dimension over the limit!
[ 1617.282298][T21991] overlayfs: failed to clone upperpath
[ 1618.385013][T21998] 9pnet_fd: Insufficient options for proto=fd
[ 1622.624642][T22043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4601'.
[ 1633.754159][T22143] FAULT_INJECTION: forcing a failure.
[ 1633.754159][T22143] name failslab, interval 1, probability 0, space 0, times 0
[ 1633.793238][T22143] CPU: 0 UID: 0 PID: 22143 Comm: syz.8.4630 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1633.793266][T22143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1633.793277][T22143] Call Trace:
[ 1633.793285][T22143]  <TASK>
[ 1633.793293][T22143]  dump_stack_lvl+0x241/0x360
[ 1633.793326][T22143]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1633.793350][T22143]  ? __pfx__printk+0x10/0x10
[ 1633.793380][T22143]  ? __kmalloc_noprof+0xb5/0x4c0
[ 1633.793403][T22143]  ? __pfx___might_resched+0x10/0x10
[ 1633.793425][T22143]  should_fail_ex+0x40a/0x550
[ 1633.793449][T22143]  should_failslab+0xac/0x100
[ 1633.793470][T22143]  __kmalloc_noprof+0xdd/0x4c0
[ 1633.793490][T22143]  ? usb_hcd_submit_urb+0x8fc/0x1e80
[ 1633.793519][T22143]  usb_hcd_submit_urb+0x8fc/0x1e80
[ 1633.793546][T22143]  ? __asan_memset+0x23/0x50
[ 1633.793572][T22143]  ? __pfx_usb_hcd_submit_urb+0x10/0x10
[ 1633.793594][T22143]  ? __asan_memset+0x23/0x50
[ 1633.793616][T22143]  ? lockdep_init_map_type+0xa1/0x910
[ 1633.793639][T22143]  ? __pfx_lockdep_init_map_type+0x10/0x10
[ 1633.793663][T22143]  ? usb_submit_urb+0xe85/0x18c0
[ 1633.793693][T22143]  usbfs_start_wait_urb+0x141/0x410
[ 1633.793714][T22143]  ? __pfx_usbfs_start_wait_urb+0x10/0x10
[ 1633.793741][T22143]  ? snoop_urb+0x43/0x210
[ 1633.793758][T22143]  ? __kmalloc_cache_noprof+0x243/0x390
[ 1633.793784][T22143]  do_proc_control+0x9a4/0xfe0
[ 1633.793812][T22143]  ? __pfx_do_proc_control+0x10/0x10
[ 1633.793830][T22143]  ? __might_fault+0xaa/0x120
[ 1633.793870][T22143]  usbdev_ioctl+0x2d0b/0x6120
[ 1633.793886][T22143]  ? is_bpf_text_address+0x285/0x2a0
[ 1633.793905][T22143]  ? is_bpf_text_address+0x26/0x2a0
[ 1633.793930][T22143]  ? __kernel_text_address+0xd/0x40
[ 1633.793952][T22143]  ? unwind_get_return_address+0x4d/0x90
[ 1633.793974][T22143]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 1633.793989][T22143]  ? arch_stack_walk+0xfd/0x150
[ 1633.794022][T22143]  ? stack_trace_save+0x118/0x1d0
[ 1633.794042][T22143]  ? __pfx_stack_trace_save+0x10/0x10
[ 1633.794061][T22143]  ? stack_depot_save_flags+0x37/0x940
[ 1633.794089][T22143]  ? kasan_save_track+0x51/0x80
[ 1633.794103][T22143]  ? kasan_save_track+0x3f/0x80
[ 1633.794117][T22143]  ? kasan_save_free_info+0x40/0x50
[ 1633.794137][T22143]  ? __kasan_slab_free+0x59/0x70
[ 1633.794153][T22143]  ? kfree+0x196/0x430
[ 1633.794169][T22143]  ? tomoyo_path_number_perm+0x679/0x860
[ 1633.794189][T22143]  ? security_file_ioctl+0xc6/0x2a0
[ 1633.794210][T22143]  ? __se_sys_ioctl+0x46/0x170
[ 1633.794224][T22143]  ? do_syscall_64+0xf3/0x230
[ 1633.794244][T22143]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.794272][T22143]  ? do_vfs_ioctl+0xf07/0x2e40
[ 1633.794294][T22143]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1633.794313][T22143]  ? mark_lock+0x9a/0x360
[ 1633.794348][T22143]  ? tomoyo_path_number_perm+0x206/0x860
[ 1633.794375][T22143]  ? __pfx_lock_release+0x10/0x10
[ 1633.794398][T22143]  ? tomoyo_path_number_perm+0x679/0x860
[ 1633.794422][T22143]  ? tomoyo_path_number_perm+0x679/0x860
[ 1633.794447][T22143]  ? tomoyo_path_number_perm+0x6f9/0x860
[ 1633.794467][T22143]  ? __lock_acquire+0x1397/0x2100
[ 1633.794488][T22143]  ? tomoyo_path_number_perm+0x206/0x860
[ 1633.794509][T22143]  ? smack_log+0x10d/0x5c0
[ 1633.794532][T22143]  ? __pfx_smack_log+0x10/0x10
[ 1633.794550][T22143]  ? smk_access+0x4ab/0x4e0
[ 1633.794574][T22143]  ? smk_tskacc+0x300/0x370
[ 1633.794597][T22143]  ? smack_file_ioctl+0x2f7/0x3a0
[ 1633.794620][T22143]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1633.794646][T22143]  ? __fget_files+0x2a/0x410
[ 1633.794670][T22143]  ? __fget_files+0x2a/0x410
[ 1633.794693][T22143]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 1633.794712][T22143]  __se_sys_ioctl+0xf5/0x170
[ 1633.794730][T22143]  do_syscall_64+0xf3/0x230
[ 1633.794751][T22143]  ? clear_bhb_loop+0x35/0x90
[ 1633.794774][T22143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.794795][T22143] RIP: 0033:0x7ff045f8cde9
[ 1633.794810][T22143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1633.794824][T22143] RSP: 002b:00007ff043df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1633.794843][T22143] RAX: ffffffffffffffda RBX: 00007ff0461a5fa0 RCX: 00007ff045f8cde9
[ 1633.794855][T22143] RDX: 0000400000000040 RSI: 00000000c0185500 RDI: 0000000000000003
[ 1633.794866][T22143] RBP: 00007ff043df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1633.794877][T22143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1633.794887][T22143] R13: 0000000000000000 R14: 00007ff0461a5fa0 R15: 00007ffe79f459e8
[ 1633.794914][T22143]  </TASK>
[ 1634.571832][T22145] devtmpfs: Too few inodes for current use
[ 1636.669755][T22161] IPv6: addrconf: prefix option has invalid lifetime
[ 1636.774815][T22161] tipc: Invalid UDP bearer configuration
[ 1636.774862][T22161] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1638.753043][T22187] netlink: 44 bytes leftover after parsing attributes in process `syz.7.4644'.
[ 1638.775366][T22187] netlink: 44 bytes leftover after parsing attributes in process `syz.7.4644'.
[ 1642.640307][T22229] netlink: 'syz.8.4654': attribute type 16 has an invalid length.
[ 1642.776471][T22229] netlink: 'syz.8.4654': attribute type 17 has an invalid length.
[ 1643.628711][T22229] bridge0: port 3(netdevsim2) entered disabled state
[ 1643.635551][T22229] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1643.644466][T22229] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1643.654990][T22237] devtmpfs: Too few inodes for current use
[ 1644.255520][T22229] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1644.289448][T22229] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1644.620824][T22229] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.646751][T22229] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1645.480434][T22229] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1645.508590][T22229] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1646.006979][T22260] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4660'.
[ 1646.111988][T22229] syz_tun: left promiscuous mode
[ 1646.142472][T22246] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4658'.
[ 1646.167015][T22248] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4658'.
[ 1646.627279][T14944] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1646.962734][T14944] usb 2-1: config 0 has an invalid interface number: 186 but max is 0
[ 1647.063996][T14944] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1647.084845][T14944] usb 2-1: config 0 has no interface number 0
[ 1647.199388][T14944] usb 2-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1647.210975][T14944] usb 2-1: config 0 interface 186 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1647.264127][T14944] usb 2-1: New USB device found, idVendor=05ac, idProduct=8600, bcdDevice=d0.28
[ 1647.313635][T14944] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1647.338528][T14944] usb 2-1: Product: syz
[ 1647.348349][T14944] usb 2-1: Manufacturer: syz
[ 1647.352980][T14944] usb 2-1: SerialNumber: syz
[ 1647.371912][T14944] usb 2-1: config 0 descriptor??
[ 1647.386262][T22281] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1647.712685][T22284] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4666'.
[ 1648.493474][T22288] devtmpfs: Too few inodes for current use
[ 1649.727098][T14944] usb 2-1: Found UVC 0.00 device syz (05ac:8600)
[ 1649.755445][T14944] usb 2-1: No valid video chain found.
[ 1650.788091][T14944] usb 2-1: USB disconnect, device number 45
[ 1651.872902][T22313] FAULT_INJECTION: forcing a failure.
[ 1651.872902][T22313] name failslab, interval 1, probability 0, space 0, times 0
[ 1651.946435][T22313] CPU: 0 UID: 0 PID: 22313 Comm: syz.1.4674 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1651.946464][T22313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1651.946475][T22313] Call Trace:
[ 1651.946482][T22313]  <TASK>
[ 1651.946490][T22313]  dump_stack_lvl+0x241/0x360
[ 1651.946522][T22313]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1651.946553][T22313]  ? __pfx__printk+0x10/0x10
[ 1651.946578][T22313]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[ 1651.946605][T22313]  ? __pfx___might_resched+0x10/0x10
[ 1651.946627][T22313]  should_fail_ex+0x40a/0x550
[ 1651.946651][T22313]  should_failslab+0xac/0x100
[ 1651.946672][T22313]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[ 1651.946693][T22313]  ? __kasan_kmalloc+0x98/0xb0
[ 1651.946719][T22313]  ? v9fs_session_init+0xb0/0x1b80
[ 1651.946741][T22313]  ? v9fs_mount+0xb2/0xa90
[ 1651.946756][T22313]  ? legacy_get_tree+0xee/0x190
[ 1651.946780][T22313]  kstrdup+0x39/0xb0
[ 1651.946802][T22313]  v9fs_session_init+0xb0/0x1b80
[ 1651.946844][T22313]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1651.946877][T22313]  ? __kasan_kmalloc+0x98/0xb0
[ 1651.946895][T22313]  ? __kmalloc_cache_noprof+0x243/0x390
[ 1651.946913][T22313]  ? v9fs_mount+0xb2/0xa90
[ 1651.946933][T22313]  v9fs_mount+0xd5/0xa90
[ 1651.946951][T22313]  ? __kasan_kmalloc+0x98/0xb0
[ 1651.946968][T22313]  ? __pfx_v9fs_mount+0x10/0x10
[ 1651.946983][T22313]  ? __kmalloc_cache_noprof+0x243/0x390
[ 1651.947005][T22313]  ? rcu_is_watching+0x15/0xb0
[ 1651.947028][T22313]  ? cap_capable+0x139/0x450
[ 1651.947051][T22313]  legacy_get_tree+0xee/0x190
[ 1651.947069][T22313]  ? __pfx_v9fs_mount+0x10/0x10
[ 1651.947088][T22313]  vfs_get_tree+0x90/0x2b0
[ 1651.947108][T22313]  do_new_mount+0x2be/0xb40
[ 1651.947132][T22313]  ? __pfx_do_new_mount+0x10/0x10
[ 1651.947159][T22313]  __se_sys_mount+0x2d6/0x3c0
[ 1651.947183][T22313]  ? __pfx___se_sys_mount+0x10/0x10
[ 1651.947204][T22313]  ? do_syscall_64+0x100/0x230
[ 1651.947229][T22313]  ? __x64_sys_mount+0x20/0xc0
[ 1651.947250][T22313]  do_syscall_64+0xf3/0x230
[ 1651.947271][T22313]  ? clear_bhb_loop+0x35/0x90
[ 1651.947294][T22313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1651.947314][T22313] RIP: 0033:0x7f838eb8cde9
[ 1651.947329][T22313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1651.947343][T22313] RSP: 002b:00007f838c9f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1651.947361][T22313] RAX: ffffffffffffffda RBX: 00007f838eda5fa0 RCX: 00007f838eb8cde9
[ 1651.947374][T22313] RDX: 0000400000000180 RSI: 00004000000001c0 RDI: 0000000000000000
[ 1651.947385][T22313] RBP: 00007f838c9f6090 R08: 0000400000000200 R09: 0000000000000000
[ 1651.947397][T22313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1651.947407][T22313] R13: 0000000000000000 R14: 00007f838eda5fa0 R15: 00007fff313127a8
[ 1651.947432][T22313]  </TASK>
[ 1653.851863][T22320] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1653.886513][T14837] IPVS: starting estimator thread 0...
[ 1653.909304][T11677] Bluetooth: hci1: unexpected event for opcode 0x0809
[ 1654.170941][T22339] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1655.072273][T22336] netlink: 81 bytes leftover after parsing attributes in process `syz.1.4682'.
[ 1656.137025][T22374] devtmpfs: Too few inodes for current use
[ 1657.419923][T22383] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1658.666555][T22394] openvswitch: netlink: Tunnel attr 47 out of range max 16
[ 1658.748443][T22394] veth0_vlan: entered allmulticast mode
[ 1660.186450][T14837] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1660.347422][T14837] usb 2-1: Using ep0 maxpacket: 8
[ 1660.368121][T14837] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1660.426900][T14837] usb 2-1: config 8 has no interfaces?
[ 1660.439038][T14837] usb 2-1: New USB device found, idVendor=2109, idProduct=0711, bcdDevice=2a.51
[ 1660.457033][T14837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.496399][T14837] usb 2-1: Product: syz
[ 1660.541218][T14837] usb 2-1: Manufacturer: syz
[ 1660.561992][T14837] usb 2-1: SerialNumber: syz
[ 1660.852536][T22407] IPVS: Unknown mcast interface: vcan0
[ 1660.875369][T22407] FAULT_INJECTION: forcing a failure.
[ 1660.875369][T22407] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.891508][T22407] CPU: 1 UID: 0 PID: 22407 Comm: syz.6.4702 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1660.891534][T22407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1660.891545][T22407] Call Trace:
[ 1660.891551][T22407]  <TASK>
[ 1660.891559][T22407]  dump_stack_lvl+0x241/0x360
[ 1660.891591][T22407]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1660.891614][T22407]  ? __pfx__printk+0x10/0x10
[ 1660.891639][T22407]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[ 1660.891668][T22407]  ? __pfx___might_resched+0x10/0x10
[ 1660.891691][T22407]  should_fail_ex+0x40a/0x550
[ 1660.891715][T22407]  should_failslab+0xac/0x100
[ 1660.891736][T22407]  kmem_cache_alloc_node_noprof+0x77/0x380
[ 1660.891756][T22407]  ? __alloc_skb+0x1c3/0x440
[ 1660.891782][T22407]  __alloc_skb+0x1c3/0x440
[ 1660.891809][T22407]  ? __pfx___alloc_skb+0x10/0x10
[ 1660.891830][T22407]  ? __rcu_read_unlock+0xa1/0x110
[ 1660.891851][T22407]  ? netlink_autobind+0xd6/0x2f0
[ 1660.891867][T22407]  ? netlink_autobind+0x2b0/0x2f0
[ 1660.891888][T22407]  netlink_sendmsg+0x638/0xcb0
[ 1660.891915][T22407]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1660.891938][T22407]  ? __sanitizer_cov_trace_pc+0x8/0x70
[ 1660.891960][T22407]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1660.891976][T22407]  __sock_sendmsg+0x221/0x270
[ 1660.891999][T22407]  ____sys_sendmsg+0x52a/0x7e0
[ 1660.892024][T22407]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1660.892039][T22407]  ? __fget_files+0x2a/0x410
[ 1660.892062][T22407]  ? __fget_files+0x2a/0x410
[ 1660.892090][T22407]  __sys_sendmsg+0x269/0x350
[ 1660.892111][T22407]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1660.892167][T22407]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1660.892190][T22407]  ? do_syscall_64+0x100/0x230
[ 1660.892214][T22407]  ? do_syscall_64+0xb6/0x230
[ 1660.892238][T22407]  do_syscall_64+0xf3/0x230
[ 1660.892259][T22407]  ? clear_bhb_loop+0x35/0x90
[ 1660.892299][T22407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1660.892320][T22407] RIP: 0033:0x7f8040f8cde9
[ 1660.892336][T22407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1660.892349][T22407] RSP: 002b:00007f8041d6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1660.892368][T22407] RAX: ffffffffffffffda RBX: 00007f80411a5fa0 RCX: 00007f8040f8cde9
[ 1660.892380][T22407] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 0000000000000009
[ 1660.892391][T22407] RBP: 00007f8041d6c090 R08: 0000000000000000 R09: 0000000000000000
[ 1660.892401][T22407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1660.892411][T22407] R13: 0000000000000000 R14: 00007f80411a5fa0 R15: 00007ffe77373d28
[ 1660.892437][T22407]  </TASK>
[ 1661.152969][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1663.228180][T14837] usb 2-1: USB disconnect, device number 46
[ 1664.586829][T22470] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1664.730338][T22471] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4718'.
[ 1669.257916][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1670.225338][T22511] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4732'.
[ 1670.354107][T22512] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4732'.
[ 1672.946672][T22539] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1673.538493][T11677] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[ 1674.944234][T22561] FAULT_INJECTION: forcing a failure.
[ 1674.944234][T22561] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1674.954521][T22558] netlink: 44 bytes leftover after parsing attributes in process `syz.8.4744'.
[ 1674.971501][T22561] CPU: 0 UID: 0 PID: 22561 Comm: syz.6.4746 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1674.971527][T22561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1674.971537][T22561] Call Trace:
[ 1674.971545][T22561]  <TASK>
[ 1674.971552][T22561]  dump_stack_lvl+0x241/0x360
[ 1674.971585][T22561]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1674.971608][T22561]  ? __pfx__printk+0x10/0x10
[ 1674.971633][T22561]  ? __pfx_lock_release+0x10/0x10
[ 1674.971651][T22561]  ? kasan_save_track+0x51/0x80
[ 1674.971667][T22561]  ? kasan_save_free_info+0x40/0x50
[ 1674.971688][T22561]  ? kfree+0x196/0x430
[ 1674.971706][T22561]  ? security_file_ioctl+0xc6/0x2a0
[ 1674.971732][T22561]  should_fail_ex+0x40a/0x550
[ 1674.971756][T22561]  _copy_from_user+0x2d/0xb0
[ 1674.971774][T22561]  vmci_host_unlocked_ioctl+0x683/0x3560
[ 1674.971797][T22561]  ? mark_lock+0x9a/0x360
[ 1674.971818][T22561]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[ 1674.971849][T22561]  ? tomoyo_path_number_perm+0x206/0x860
[ 1674.971871][T22561]  ? __pfx_lock_release+0x10/0x10
[ 1674.971894][T22561]  ? tomoyo_path_number_perm+0x679/0x860
[ 1674.971924][T22561]  ? tomoyo_path_number_perm+0x6f9/0x860
[ 1674.971945][T22561]  ? __lock_acquire+0x1397/0x2100
[ 1674.971966][T22561]  ? tomoyo_path_number_perm+0x206/0x860
[ 1674.971990][T22561]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1674.972032][T22561]  ? __asan_memset+0x23/0x50
[ 1674.972061][T22561]  ? smack_file_ioctl+0x29e/0x3a0
[ 1674.972084][T22561]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1674.972110][T22561]  ? __fget_files+0x2a/0x410
[ 1674.972134][T22561]  ? __fget_files+0x2a/0x410
[ 1674.972158][T22561]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[ 1674.972180][T22561]  __se_sys_ioctl+0xf5/0x170
[ 1674.972198][T22561]  do_syscall_64+0xf3/0x230
[ 1674.972220][T22561]  ? clear_bhb_loop+0x35/0x90
[ 1674.972245][T22561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1674.972265][T22561] RIP: 0033:0x7f8040f8cde9
[ 1674.972281][T22561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1674.972295][T22561] RSP: 002b:00007f8041d6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1674.972314][T22561] RAX: ffffffffffffffda RBX: 00007f80411a5fa0 RCX: 00007f8040f8cde9
[ 1674.972326][T22561] RDX: 00004000000000c0 RSI: 00000000000007b1 RDI: 0000000000000003
[ 1674.972338][T22561] RBP: 00007f8041d6c090 R08: 0000000000000000 R09: 0000000000000000
[ 1674.972349][T22561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1674.972359][T22561] R13: 0000000000000000 R14: 00007f80411a5fa0 R15: 00007ffe77373d28
[ 1674.972386][T22561]  </TASK>
[ 1675.230184][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1675.343775][T22560] netlink: 44 bytes leftover after parsing attributes in process `syz.8.4744'.
[ 1675.926874][T14944] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1676.096976][T14944] usb 2-1: Using ep0 maxpacket: 32
[ 1676.119868][T14944] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1676.138783][T14944] usb 2-1: config 1 has an invalid interface number: 5 but max is 0
[ 1676.147366][T14944] usb 2-1: config 1 has no interface number 0
[ 1676.170368][T14944] usb 2-1: config 1 interface 5 has no altsetting 0
[ 1676.189607][T14944] usb 2-1: New USB device found, idVendor=0403, idProduct=e050, bcdDevice=a2.6c
[ 1676.199123][T14944] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1676.230502][T14944] usb 2-1: Product: syz
[ 1676.237405][T14944] usb 2-1: Manufacturer: �
[ 1676.247069][T14944] usb 2-1: SerialNumber: syz
[ 1676.473854][T14944] ftdi_sio 2-1:1.5: FTDI USB Serial Device converter detected
[ 1676.524887][T14944] ftdi_sio ttyUSB0: unknown device type: 0xa26c
[ 1676.527673][T14944] usb 2-1: USB disconnect, device number 47
[ 1676.528556][T14944] ftdi_sio 2-1:1.5: device disconnected
[ 1677.515684][T22595] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1679.357054][T22615] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4762'.
[ 1680.256204][   T29] kauditd_printk_skb: 7 callbacks suppressed
[ 1680.256221][   T29] audit: type=1326 audit(1739396873.289:1804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22618 comm="syz.3.4766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0bd98cde9 code=0x7ffc0000
[ 1680.345359][   T29] audit: type=1326 audit(1739396873.289:1805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22618 comm="syz.3.4766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0bd98cde9 code=0x7ffc0000
[ 1680.374589][   T29] audit: type=1326 audit(1739396873.289:1806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22618 comm="syz.3.4766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc0bd98cde9 code=0x7ffc0000
[ 1680.473400][T14837] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1680.479190][   T29] audit: type=1326 audit(1739396873.289:1807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22618 comm="syz.3.4766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0bd98cde9 code=0x7ffc0000
[ 1680.501612][T22636] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1680.601611][   T29] audit: type=1326 audit(1739396873.299:1808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22618 comm="syz.3.4766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fc0bd98cde9 code=0x7ffc0000
[ 1680.623224][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1680.686575][T14837] usb 9-1: device descriptor read/64, error -71
[ 1680.855650][   T29] audit: type=1326 audit(1739396873.459:1809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22618 comm="syz.3.4766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fc0bd98cde9 code=0x7ffc0000
[ 1680.877283][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1681.118719][T14837] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1681.258410][T14837] usb 9-1: device descriptor read/64, error -71
[ 1681.366733][T14837] usb usb9-port1: attempt power cycle
[ 1682.386400][T14837] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1682.407062][T14837] usb 9-1: device descriptor read/8, error -71
[ 1682.646510][T14837] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1682.726426][T14837] usb 9-1: device descriptor read/8, error -71
[ 1682.836784][T14837] usb usb9-port1: unable to enumerate USB device
[ 1686.116987][T22724] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4793'.
[ 1686.161014][T22724] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4793'.
[ 1686.650460][T14837] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1686.826455][T14837] usb 2-1: Using ep0 maxpacket: 32
[ 1686.844092][T14837] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[ 1686.895311][T14837] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1687.140715][T14837] usb 2-1: config 0 descriptor??
[ 1687.178467][T14837] gspca_main: sq930x-2.14.0 probing 041e:403c
[ 1687.577127][T22748] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4800'.
[ 1687.638283][T22748] wireguard0: entered promiscuous mode
[ 1687.645478][T22748] wireguard0: entered allmulticast mode
[ 1688.696463][T14837] gspca_sq930x: reg_w 0105 bf00 failed -110
[ 1688.779581][T14837] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[ 1690.692966][T14837] usb 2-1: USB disconnect, device number 48
[ 1690.791973][T22798] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4814'.
[ 1691.038611][T22809] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4819'.
[ 1691.057441][T22809] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4819'.
[ 1693.555498][T22849] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4829'.
[ 1693.567640][T22849] Bluetooth: MGMT ver 1.23
[ 1693.588548][T22852] FAULT_INJECTION: forcing a failure.
[ 1693.588548][T22852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1693.601775][T22852] CPU: 0 UID: 0 PID: 22852 Comm: syz.6.4830 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1693.601796][T22852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1693.601807][T22852] Call Trace:
[ 1693.601815][T22852]  <TASK>
[ 1693.601822][T22852]  dump_stack_lvl+0x241/0x360
[ 1693.601855][T22852]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1693.601880][T22852]  ? __pfx__printk+0x10/0x10
[ 1693.601912][T22852]  ? __pfx_lock_release+0x10/0x10
[ 1693.601941][T22852]  should_fail_ex+0x40a/0x550
[ 1693.601965][T22852]  _copy_from_user+0x2d/0xb0
[ 1693.601984][T22852]  do_sock_getsockopt+0x1d1/0x7e0
[ 1693.602007][T22852]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1693.602035][T22852]  ? __fget_files+0x2a/0x410
[ 1693.602058][T22852]  ? __fget_files+0x395/0x410
[ 1693.602077][T22852]  ? __fget_files+0x2a/0x410
[ 1693.602104][T22852]  __x64_sys_getsockopt+0x2a1/0x370
[ 1693.602121][T22852]  ? irqentry_exit+0x63/0x90
[ 1693.602147][T22852]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[ 1693.602174][T22852]  do_syscall_64+0xf3/0x230
[ 1693.602196][T22852]  ? clear_bhb_loop+0x35/0x90
[ 1693.602233][T22852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1693.602254][T22852] RIP: 0033:0x7f8040f8cde9
[ 1693.602269][T22852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1693.602284][T22852] RSP: 002b:00007f8041d2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1693.602308][T22852] RAX: ffffffffffffffda RBX: 00007f80411a6160 RCX: 00007f8040f8cde9
[ 1693.602320][T22852] RDX: 000000000000007c RSI: 0000000000000084 RDI: 0000000000000007
[ 1693.602330][T22852] RBP: 00007f8041d2a090 R08: 0000400000000180 R09: 0000000000000000
[ 1693.602342][T22852] R10: 00004000000000c0 R11: 0000000000000246 R12: 0000000000000001
[ 1693.602354][T22852] R13: 0000000000000000 R14: 00007f80411a6160 R15: 00007ffe77373d28
[ 1693.602380][T22852]  </TASK>
[ 1695.271725][T22876] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4837'.
[ 1695.281976][T22876] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4837'.
[ 1700.692176][T22948] netlink: 32 bytes leftover after parsing attributes in process `syz.8.4858'.
[ 1701.076310][    C0] hrtimer: interrupt took 45717 ns
[ 1701.868128][T22975] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1701.879200][T22975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1701.889343][T22975] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1701.899395][T22975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1701.998508][T22977] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4867'.
[ 1703.777179][T14837] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1703.793900][T22989] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(8)
[ 1703.800455][T22989] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1703.809281][T22989] vhci_hcd vhci_hcd.0: Device attached
[ 1704.006713][T14837] usb 9-1: Using ep0 maxpacket: 32
[ 1704.029203][    T9] vhci_hcd: vhci_device speed not set
[ 1704.794710][    T9] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[ 1704.945555][T14837] usb 9-1: config 0 has an invalid interface number: 8 but max is 0
[ 1705.015132][T14837] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1705.173377][T22990] vhci_hcd: connection reset by peer
[ 1705.191948][T14837] usb 9-1: config 0 has no interface number 0
[ 1705.213920][T12348] vhci_hcd: stop threads
[ 1705.222349][T12348] vhci_hcd: release socket
[ 1705.226995][T14837] usb 9-1: config 0 interface 8 altsetting 248 has 2 endpoint descriptors, different from the interface descriptor's value: 10
[ 1705.246502][T12348] vhci_hcd: disconnect device
[ 1705.261462][T14837] usb 9-1: config 0 interface 8 has no altsetting 0
[ 1705.353531][T14837] usb 9-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=2d.bb
[ 1705.438354][T14837] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1705.456185][T14837] usb 9-1: Product: syz
[ 1705.466393][T14837] usb 9-1: Manufacturer: syz
[ 1705.478124][T14837] usb 9-1: SerialNumber: syz
[ 1705.500871][T14837] usb 9-1: config 0 descriptor??
[ 1705.515866][T14837] usb 9-1: can't set config #0, error -71
[ 1705.537111][T14837] usb 9-1: USB disconnect, device number 7
[ 1705.559543][T23004] FAULT_INJECTION: forcing a failure.
[ 1705.559543][T23004] name failslab, interval 1, probability 0, space 0, times 0
[ 1705.583455][T23004] CPU: 1 UID: 0 PID: 23004 Comm: syz.1.4876 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1705.583480][T23004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1705.583491][T23004] Call Trace:
[ 1705.583498][T23004]  <TASK>
[ 1705.583506][T23004]  dump_stack_lvl+0x241/0x360
[ 1705.583537][T23004]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1705.583562][T23004]  ? __pfx__printk+0x10/0x10
[ 1705.583588][T23004]  ? __kmalloc_noprof+0xb5/0x4c0
[ 1705.583610][T23004]  ? __pfx___might_resched+0x10/0x10
[ 1705.583626][T23004]  ? trace_contention_end+0x3c/0x120
[ 1705.583654][T23004]  should_fail_ex+0x40a/0x550
[ 1705.583678][T23004]  should_failslab+0xac/0x100
[ 1705.583700][T23004]  __kmalloc_noprof+0xdd/0x4c0
[ 1705.583719][T23004]  ? input_ff_create+0x52/0x2f0
[ 1705.583740][T23004]  ? __pfx___mutex_lock+0x10/0x10
[ 1705.583766][T23004]  input_ff_create+0x52/0x2f0
[ 1705.583791][T23004]  uinput_create_device+0x26d/0x630
[ 1705.583822][T23004]  uinput_ioctl_handler+0x488/0x1770
[ 1705.583848][T23004]  ? __pfx_uinput_ioctl_handler+0x10/0x10
[ 1705.583889][T23004]  ? __pfx_uinput_ioctl+0x10/0x10
[ 1705.583912][T23004]  __se_sys_ioctl+0xf5/0x170
[ 1705.583932][T23004]  do_syscall_64+0xf3/0x230
[ 1705.583953][T23004]  ? clear_bhb_loop+0x35/0x90
[ 1705.583979][T23004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1705.584000][T23004] RIP: 0033:0x7f838eb8cde9
[ 1705.584014][T23004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1705.584029][T23004] RSP: 002b:00007f838c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1705.584048][T23004] RAX: ffffffffffffffda RBX: 00007f838eda5fa0 RCX: 00007f838eb8cde9
[ 1705.584061][T23004] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[ 1705.584080][T23004] RBP: 00007f838c9f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1705.584090][T23004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1705.584100][T23004] R13: 0000000000000000 R14: 00007f838eda5fa0 R15: 00007fff313127a8
[ 1705.584129][T23004]  </TASK>
[ 1705.815624][T23007] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4877'.
[ 1706.742907][T23012] --map-set only usable from mangle table
[ 1706.778676][   T29] audit: type=1326 audit(1739396899.819:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23011 comm="syz.3.4879" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc0bd98cde9 code=0x0
[ 1706.798056][T23018] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4880'.
[ 1707.010842][T23028] openvswitch: netlink: Flow key attr not present in new flow.
[ 1708.356240][T23044] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4884'.
[ 1709.656948][T23058] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4893'.
[ 1710.263449][    T9] vhci_hcd: vhci_device speed not set
[ 1713.056532][    T9] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1713.409372][    T9] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1713.418541][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1713.432956][    T9] usb 2-1: config 0 descriptor??
[ 1713.686673][T23102] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1713.696593][T23102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1713.706745][T23102] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1713.716710][T23102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1714.587271][    T9] usb 2-1: Cannot read MAC address
[ 1714.592731][    T9] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1714.607160][    T9] usb 2-1: USB disconnect, device number 49
[ 1716.077408][T23128] tmpfs: Unknown parameter 'quoza'
[ 1716.082986][T23128] netlink: 'syz.7.4914': attribute type 4 has an invalid length.
[ 1716.091475][T23128] netlink: 152 bytes leftover after parsing attributes in process `syz.7.4914'.
[ 1716.150364][T23128] : renamed from bond0 (while UP)
[ 1718.355617][T23136] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1718.486323][T23154] netlink: 'syz.7.4921': attribute type 9 has an invalid length.
[ 1718.974722][T23160] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1722.700060][T23203] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1723.145616][T23191] overlayfs: failed to resolve './file1': -2
[ 1726.974469][T23236] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1729.338090][T23257] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4949'.
[ 1729.996837][T14837] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1730.166705][T14837] usb 2-1: Using ep0 maxpacket: 8
[ 1730.199125][T14837] usb 2-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[ 1730.244651][T14837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1730.287246][T14837] usb 2-1: Product: syz
[ 1730.312047][T14837] usb 2-1: Manufacturer: syz
[ 1730.339036][T14837] usb 2-1: SerialNumber: syz
[ 1730.375463][T14837] usb 2-1: config 0 descriptor??
[ 1730.717469][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.831318][T14837] gspca_main: sunplus-2.14.0 probing 04a5:3003
[ 1730.847089][T14837] gspca_sunplus: reg_w_riv err -71
[ 1730.852296][T14837] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[ 1730.864060][T14837] usb 2-1: USB disconnect, device number 50
[ 1730.913610][T23277] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4958'.
[ 1733.255191][T23297] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4963'.
[ 1741.363842][T23349] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4975'.
[ 1741.530284][T23380] openvswitch: netlink: Flow key attr not present in new flow.
[ 1743.199938][T23395] tmpfs: Cannot disable swap on remount
[ 1748.766700][T23449] tmpfs: Cannot disable swap on remount
[ 1749.838443][T23466] FAULT_INJECTION: forcing a failure.
[ 1749.838443][T23466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1749.852143][T23466] CPU: 1 UID: 0 PID: 23466 Comm: syz.7.5006 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1749.852167][T23466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1749.852178][T23466] Call Trace:
[ 1749.852185][T23466]  <TASK>
[ 1749.852193][T23466]  dump_stack_lvl+0x241/0x360
[ 1749.852225][T23466]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1749.852249][T23466]  ? __pfx__printk+0x10/0x10
[ 1749.852274][T23466]  ? __pfx_lock_release+0x10/0x10
[ 1749.852294][T23466]  ? __schedule+0x18c4/0x4c40
[ 1749.852321][T23466]  should_fail_ex+0x40a/0x550
[ 1749.852344][T23466]  _copy_from_user+0x2d/0xb0
[ 1749.852362][T23466]  move_addr_to_kernel+0x82/0x150
[ 1749.852384][T23466]  __sys_connect+0xb6/0x2d0
[ 1749.852407][T23466]  ? __fget_files+0x2a/0x410
[ 1749.852427][T23466]  ? __pfx___sys_connect+0x10/0x10
[ 1749.852460][T23466]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1749.852482][T23466]  ? do_syscall_64+0x100/0x230
[ 1749.852508][T23466]  __x64_sys_connect+0x7a/0x90
[ 1749.852531][T23466]  do_syscall_64+0xf3/0x230
[ 1749.852552][T23466]  ? clear_bhb_loop+0x35/0x90
[ 1749.852577][T23466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1749.852597][T23466] RIP: 0033:0x7f637598cde9
[ 1749.852613][T23466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1749.852627][T23466] RSP: 002b:00007f6376814038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1749.852647][T23466] RAX: ffffffffffffffda RBX: 00007f6375ba6160 RCX: 00007f637598cde9
[ 1749.852660][T23466] RDX: 000000000000001c RSI: 00004000000002c0 RDI: 0000000000000006
[ 1749.852670][T23466] RBP: 00007f6376814090 R08: 0000000000000000 R09: 0000000000000000
[ 1749.852681][T23466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1749.852692][T23466] R13: 0000000000000000 R14: 00007f6375ba6160 R15: 00007ffd10205ae8
[ 1749.852717][T23466]  </TASK>
[ 1750.041899][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1752.540763][T23477] openvswitch: netlink: Flow key attr not present in new flow.
[ 1754.296716][T23503] netlink: 1280 bytes leftover after parsing attributes in process `syz.1.5015'.
[ 1754.306746][T23503] openvswitch: netlink: Missing key (keys=40, expected=100)
[ 1755.280759][T23510] sp0: Synchronizing with TNC
[ 1759.010135][T23533] openvswitch: netlink: Flow key attr not present in new flow.
[ 1760.996220][T23549] netlink: 'syz.1.5028': attribute type 9 has an invalid length.
[ 1761.774239][T23557] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.5031'.
[ 1766.390641][T23594] netlink: 'syz.7.5041': attribute type 9 has an invalid length.
[ 1771.122106][T23616] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5046'.
[ 1771.132427][T23619] FAULT_INJECTION: forcing a failure.
[ 1771.132427][T23619] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1771.145815][T23619] CPU: 1 UID: 0 PID: 23619 Comm: syz.1.5048 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1771.145830][T23619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1771.145837][T23619] Call Trace:
[ 1771.145843][T23619]  <TASK>
[ 1771.145848][T23619]  dump_stack_lvl+0x241/0x360
[ 1771.145869][T23619]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1771.145884][T23619]  ? __pfx__printk+0x10/0x10
[ 1771.145903][T23619]  should_fail_ex+0x40a/0x550
[ 1771.145917][T23619]  strncpy_from_user+0x36/0x270
[ 1771.145929][T23619]  getname_flags+0xf1/0x540
[ 1771.145944][T23619]  user_path_at+0x24/0x60
[ 1771.146000][T23619]  __se_sys_mount+0x297/0x3c0
[ 1771.146015][T23619]  ? __pfx___se_sys_mount+0x10/0x10
[ 1771.146027][T23619]  ? do_syscall_64+0x100/0x230
[ 1771.146042][T23619]  ? __x64_sys_mount+0x20/0xc0
[ 1771.146054][T23619]  do_syscall_64+0xf3/0x230
[ 1771.146067][T23619]  ? clear_bhb_loop+0x35/0x90
[ 1771.146082][T23619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1771.146094][T23619] RIP: 0033:0x7f838eb8cde9
[ 1771.146104][T23619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1771.146112][T23619] RSP: 002b:00007f838c9f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1771.146123][T23619] RAX: ffffffffffffffda RBX: 00007f838eda5fa0 RCX: 00007f838eb8cde9
[ 1771.146130][T23619] RDX: 0000400000000100 RSI: 0000400000000040 RDI: 0000000000000000
[ 1771.146136][T23619] RBP: 00007f838c9f6090 R08: 0000400000000140 R09: 0000000000000000
[ 1771.146142][T23619] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000001
[ 1771.146147][T23619] R13: 0000000000000000 R14: 00007f838eda5fa0 R15: 00007fff313127a8
[ 1771.146161][T23619]  </TASK>
[ 1771.315405][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1775.255593][T23648] netlink: 'syz.6.5054': attribute type 9 has an invalid length.
[ 1779.311503][T23674] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1779.377508][T23676] sch_tbf: burst 0 is lower than device lo mtu (196626) !
[ 1781.976813][T23701] overlayfs: failed to resolve './file0': -2
[ 1783.382409][T23710] netlink: 'syz.7.5068': attribute type 9 has an invalid length.
[ 1783.729282][T23717] overlayfs: failed to resolve './file0': -40
[ 1785.144998][T23727] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5075'.
[ 1785.183265][T23727] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5075'.
[ 1785.296602][T23732] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5076'.
[ 1785.327823][T23727] netlink: 'syz.1.5075': attribute type 3 has an invalid length.
[ 1785.352532][T23727] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5075'.
[ 1785.892423][T23750] overlayfs: failed to resolve './file0': -2
[ 1788.091823][T23762] netlink: 'syz.1.5082': attribute type 9 has an invalid length.
[ 1789.426713][T23787] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5088'.
[ 1791.377158][T23800] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5094'.
[ 1792.101762][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1792.663336][T23812] can: request_module (can-proto-0) failed.
[ 1792.668870][T23817] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1794.724345][T23837] overlayfs: failed to clone upperpath
[ 1794.748691][T23841] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5106'.
[ 1795.007483][T23845] wg2: entered promiscuous mode
[ 1795.026562][T23845] wg2: entered allmulticast mode
[ 1796.057446][T23861] netlink: 'syz.1.5113': attribute type 9 has an invalid length.
[ 1796.776387][T14837] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1797.078520][T14837] usb 2-1: device descriptor read/64, error -71
[ 1797.349914][T14837] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1797.546623][T14837] usb 2-1: device descriptor read/64, error -71
[ 1797.746760][T14837] usb usb2-port1: attempt power cycle
[ 1798.816399][T14837] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1798.828943][T23893] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5120'.
[ 1798.887386][T14837] usb 2-1: device descriptor read/8, error -71
[ 1798.902965][T23890] overlayfs: failed to clone upperpath
[ 1799.061564][T23897] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (9)
[ 1799.846372][T14837] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1799.905090][T14837] usb 2-1: device descriptor read/8, error -71
[ 1800.038234][T14837] usb usb2-port1: unable to enumerate USB device
[ 1802.406582][T23934] netlink: 'syz.7.5134': attribute type 72 has an invalid length.
[ 1802.414565][T23934] netlink: 60 bytes leftover after parsing attributes in process `syz.7.5134'.
[ 1803.109753][T23942] netlink: 'syz.6.5138': attribute type 9 has an invalid length.
[ 1804.155207][T23949] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5139'.
[ 1804.694295][T23964] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5145'.
[ 1805.451934][T23973] netlink: 'syz.8.5148': attribute type 72 has an invalid length.
[ 1805.460179][T23973] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5148'.
[ 1807.583324][T24000] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5157'.
[ 1807.814461][T17938] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1807.815215][T24004] netlink: 'syz.6.5159': attribute type 2 has an invalid length.
[ 1807.833890][T17938] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1807.843530][T17938] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1807.857876][T17938] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1807.873939][T17938] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1807.886880][T17938] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1807.907308][T24004] FAULT_INJECTION: forcing a failure.
[ 1807.907308][T24004] name failslab, interval 1, probability 0, space 0, times 0
[ 1807.966488][T24004] CPU: 1 UID: 0 PID: 24004 Comm: syz.6.5159 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1807.966513][T24004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1807.966523][T24004] Call Trace:
[ 1807.966529][T24004]  <TASK>
[ 1807.966536][T24004]  dump_stack_lvl+0x241/0x360
[ 1807.966567][T24004]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1807.966590][T24004]  ? __pfx__printk+0x10/0x10
[ 1807.966614][T24004]  ? __kmalloc_cache_noprof+0x48/0x390
[ 1807.966635][T24004]  ? __pfx___might_resched+0x10/0x10
[ 1807.966656][T24004]  should_fail_ex+0x40a/0x550
[ 1807.966679][T24004]  should_failslab+0xac/0x100
[ 1807.966701][T24004]  __kmalloc_cache_noprof+0x70/0x390
[ 1807.966720][T24004]  ? ovs_flow_tbl_init+0xfa/0x890
[ 1807.966742][T24004]  ovs_flow_tbl_init+0xfa/0x890
[ 1807.966760][T24004]  ? __kmalloc_cache_noprof+0x243/0x390
[ 1807.966779][T24004]  ? ovs_dp_cmd_new+0x1a9/0xc10
[ 1807.966802][T24004]  ovs_dp_cmd_new+0x246/0xc10
[ 1807.966832][T24004]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1807.966858][T24004]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 1807.966887][T24004]  genl_rcv_msg+0xb14/0xec0
[ 1807.966913][T24004]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1807.966956][T24004]  ? __pfx_lock_acquire+0x10/0x10
[ 1807.966976][T24004]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1807.966996][T24004]  ? __pfx___might_resched+0x10/0x10
[ 1807.967021][T24004]  netlink_rcv_skb+0x1e3/0x430
[ 1807.967045][T24004]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1807.967066][T24004]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1807.967139][T24004]  ? __netlink_deliver_tap+0x7aa/0x7f0
[ 1807.967169][T24004]  genl_rcv+0x28/0x40
[ 1807.967186][T24004]  netlink_unicast+0x7f6/0x990
[ 1807.967214][T24004]  ? __pfx_netlink_unicast+0x10/0x10
[ 1807.967228][T24004]  ? __virt_addr_valid+0x45f/0x530
[ 1807.967242][T24004]  ? __phys_addr_symbol+0x2f/0x70
[ 1807.967254][T24004]  ? __check_object_size+0x47a/0x730
[ 1807.967269][T24004]  netlink_sendmsg+0x8e4/0xcb0
[ 1807.967285][T24004]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1807.967300][T24004]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1807.967309][T24004]  __sock_sendmsg+0x221/0x270
[ 1807.967322][T24004]  ____sys_sendmsg+0x52a/0x7e0
[ 1807.967336][T24004]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1807.967345][T24004]  ? __fget_files+0x2a/0x410
[ 1807.967361][T24004]  ? __fget_files+0x2a/0x410
[ 1807.967377][T24004]  __sys_sendmsg+0x269/0x350
[ 1807.967389][T24004]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1807.967405][T24004]  ? do_sys_openat2+0x17a/0x1d0
[ 1807.967431][T24004]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1807.967443][T24004]  ? do_syscall_64+0x100/0x230
[ 1807.967458][T24004]  ? do_syscall_64+0xb6/0x230
[ 1807.967471][T24004]  do_syscall_64+0xf3/0x230
[ 1807.967483][T24004]  ? clear_bhb_loop+0x35/0x90
[ 1807.967498][T24004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1807.967510][T24004] RIP: 0033:0x7f8040f8cde9
[ 1807.967520][T24004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1807.967528][T24004] RSP: 002b:00007f8041d6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1807.967539][T24004] RAX: ffffffffffffffda RBX: 00007f80411a5fa0 RCX: 00007f8040f8cde9
[ 1807.967546][T24004] RDX: 000000000000c000 RSI: 0000400000000000 RDI: 0000000000000003
[ 1807.967553][T24004] RBP: 00007f8041d6c090 R08: 0000000000000000 R09: 0000000000000000
[ 1807.967559][T24004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1807.967564][T24004] R13: 0000000000000000 R14: 00007f80411a5fa0 R15: 00007ffe77373d28
[ 1807.967579][T24004]  </TASK>
[ 1808.384547][T24009] usb usb8: usbfs: process 24009 (syz.6.5161) did not claim interface 0 before use
[ 1808.689762][T24012] netlink: 'syz.8.5162': attribute type 9 has an invalid length.
[ 1808.832525][T24002] chnl_net:caif_netlink_parms(): no params data found
[ 1808.936879][    T9] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1808.986589][T24029] vlan3: entered allmulticast mode
[ 1808.993537][T24029] bond0: entered allmulticast mode
[ 1808.999798][T24029] bond_slave_0: entered allmulticast mode
[ 1809.005650][T24029] bond_slave_1: entered allmulticast mode
[ 1809.014354][T24029] bond0: left allmulticast mode
[ 1809.019979][T24029] bond_slave_0: left allmulticast mode
[ 1809.025579][T24029] bond_slave_1: left allmulticast mode
[ 1809.063772][T24002] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1809.071409][T24002] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1809.076588][    T9] usb 9-1: device descriptor read/64, error -71
[ 1809.079388][T24002] bridge_slave_0: entered allmulticast mode
[ 1809.093135][T24002] bridge_slave_0: entered promiscuous mode
[ 1809.115035][T24002] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1809.127614][T24002] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1809.135789][T24002] bridge_slave_1: entered allmulticast mode
[ 1809.145218][T24002] bridge_slave_1: entered promiscuous mode
[ 1809.179842][T24002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1809.192718][T24002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1809.244392][T24002] team0: Port device team_slave_0 added
[ 1809.252737][T24002] team0: Port device team_slave_1 added
[ 1809.291964][T24002] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1809.309584][T24002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1809.317972][    T9] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1809.354968][T24002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1809.388656][T24002] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1809.408702][T24002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1809.449791][T24002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1809.540142][T24033] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5168'.
[ 1809.644479][T24002] hsr_slave_0: entered promiscuous mode
[ 1809.655335][T24002] hsr_slave_1: entered promiscuous mode
[ 1809.661889][T24002] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1809.730868][T24002] Cannot create hsr debugfs directory
[ 1809.786507][    T9] usb 9-1: device descriptor read/64, error -71
[ 1809.822147][T24038] overlay: Unknown parameter 'appraise_type'
[ 1809.886610][T14837] usb 2-1: new full-speed USB device number 55 using dummy_hcd
[ 1809.891106][T24002] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1809.906834][    T9] usb usb9-port1: attempt power cycle
[ 1809.920899][T17938] Bluetooth: hci4: command tx timeout
[ 1809.995050][T24002] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1810.038268][T14837] usb 2-1: config 8 interface 0 has no altsetting 0
[ 1810.044902][T14837] usb 2-1: New USB device found, idVendor=046d, idProduct=08b8, bcdDevice=fb.bc
[ 1810.063730][T24002] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1810.073706][T14837] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1810.245139][ T5929] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1810.268165][    T9] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1810.281419][T24002] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1810.307167][    T9] usb 9-1: device descriptor read/8, error -71
[ 1810.328060][ T5929] bridge0: port 2(netdevsim2) entered disabled state
[ 1810.337949][T14837] usb 2-1: string descriptor 0 read error: -71
[ 1810.354363][T14837] pwc: Logitech QuickCam detected (reserved ID).
[ 1810.363802][T14837] pwc: Failed to set LED on/off time (-71)
[ 1810.376495][T14837] pwc: send_video_command error -71
[ 1810.386478][T14837] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1810.388552][ T5929] netdevsim netdevsim7 netdevsim2 (unregistering): left allmulticast mode
[ 1810.394118][T14837] Philips webcam 2-1:8.0: probe with driver Philips webcam failed with error -71
[ 1810.420963][ T5929] netdevsim netdevsim7 netdevsim2 (unregistering): left promiscuous mode
[ 1810.436847][ T5929] bridge0: port 2(netdevsim2) entered disabled state
[ 1810.442361][T14837] usb 2-1: USB disconnect, device number 55
[ 1810.459866][ T5929] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1810.566367][    T9] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1810.587005][    T9] usb 9-1: device descriptor read/8, error -71
[ 1810.601759][ T5929] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1810.708041][    T9] usb usb9-port1: unable to enumerate USB device
[ 1810.715042][ T5929] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1810.737716][T11677] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1810.749026][T24002] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1810.755943][T11677] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1810.764407][T11677] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1810.778190][T11677] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1810.779271][T24002] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1810.794541][T11677] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1810.802308][T11677] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1810.807516][T24002] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1810.862852][T24002] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1811.027755][ T5929] vlan2: left promiscuous mode
[ 1811.032792][ T5929] bridge0: port 3(vlan2) entered disabled state
[ 1811.055688][ T5929] bridge_slave_0: left allmulticast mode
[ 1811.065219][ T5929] bridge_slave_0: left promiscuous mode
[ 1811.072958][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1811.964590][T24060] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5178'.
[ 1812.030432][T17938] Bluetooth: hci4: command tx timeout
[ 1812.723884][ T5929]  (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1812.779917][ T5929]  (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1812.803584][ T5929]  (unregistering): (slave bridge_slave_1): Releasing backup interface
[ 1812.824503][ T5929]  (unregistering): Released all slaves
[ 1812.851225][ T5929] bond1 (unregistering): Released all slaves
[ 1812.886581][T17938] Bluetooth: hci0: command tx timeout
[ 1812.919811][T24052] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5176'.
[ 1813.810605][T24002] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1813.890196][T24002] 8021q: adding VLAN 0 to HW filter on device team0
[ 1813.950168][T12348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1813.957343][T12348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1814.001008][T12348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1814.008175][T12348] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1814.079309][T17938] Bluetooth: hci4: command tx timeout
[ 1814.202821][T24043] chnl_net:caif_netlink_parms(): no params data found
[ 1814.535117][ T5929] hsr_slave_0: left promiscuous mode
[ 1814.548541][ T5929] hsr_slave_1: left promiscuous mode
[ 1814.554502][ T5929] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1814.582540][ T5929] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1814.597862][ T5929] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1814.614264][ T5929] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1814.822309][ T5929] veth1_vlan: left allmulticast mode
[ 1814.836809][ T5929] veth1_macvtap: left promiscuous mode
[ 1814.845758][ T5929] veth0_macvtap: left promiscuous mode
[ 1814.860059][ T5929] veth1_vlan: left promiscuous mode
[ 1814.872072][ T5929] veth0_vlan: left promiscuous mode
[ 1814.956545][T17938] Bluetooth: hci0: command tx timeout
[ 1815.254552][T24098] netlink: 'syz.8.5187': attribute type 9 has an invalid length.
[ 1815.927224][T17573] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1816.096639][T17573] usb 9-1: device descriptor read/64, error -71
[ 1816.156386][T17938] Bluetooth: hci4: command tx timeout
[ 1816.228236][T24104] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5189'.
[ 1816.393059][T24105] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5188'.
[ 1816.476509][T17573] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1816.565144][ T5929] team0 (unregistering): Port device team_slave_1 removed
[ 1816.620048][T17573] usb 9-1: device descriptor read/64, error -71
[ 1816.629028][ T5929] team0 (unregistering): Port device team_slave_0 removed
[ 1816.753130][T17573] usb usb9-port1: attempt power cycle
[ 1817.036555][T17938] Bluetooth: hci0: command tx timeout
[ 1817.098395][T17573] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 1817.140131][T17573] usb 9-1: device descriptor read/8, error -71
[ 1817.426614][T17573] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1817.449243][T17573] usb 9-1: device descriptor read/8, error -71
[ 1817.578292][T17573] usb usb9-port1: unable to enumerate USB device
[ 1817.825739][T24043] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1817.833368][T24043] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1817.850157][T24043] bridge_slave_0: entered allmulticast mode
[ 1817.858586][T24043] bridge_slave_0: entered promiscuous mode
[ 1817.868410][T24043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1817.875486][T24043] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1817.883368][T24043] bridge_slave_1: entered allmulticast mode
[ 1817.890569][T24043] bridge_slave_1: entered promiscuous mode
[ 1817.991259][T24043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1818.040459][T24043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1818.250521][T24043] team0: Port device team_slave_0 added
[ 1818.310045][T24043] team0: Port device team_slave_1 added
[ 1818.720024][T24123] netlink: 'syz.8.5194': attribute type 72 has an invalid length.
[ 1818.728513][T24123] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5194'.
[ 1818.818370][T24043] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1818.877072][T24043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1818.903545][T24043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1819.050642][T24043] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1819.063624][T24043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1819.099989][T24043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1819.116616][T17938] Bluetooth: hci0: command tx timeout
[ 1819.500952][T24043] hsr_slave_0: entered promiscuous mode
[ 1819.512931][T24043] hsr_slave_1: entered promiscuous mode
[ 1819.531300][T24043] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1819.585311][T24043] Cannot create hsr debugfs directory
[ 1819.619454][T24002] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1820.425088][T24136] FAULT_INJECTION: forcing a failure.
[ 1820.425088][T24136] name failslab, interval 1, probability 0, space 0, times 0
[ 1820.438499][T24136] CPU: 1 UID: 0 PID: 24136 Comm: syz.6.5192 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1820.438522][T24136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1820.438533][T24136] Call Trace:
[ 1820.438540][T24136]  <TASK>
[ 1820.438548][T24136]  dump_stack_lvl+0x241/0x360
[ 1820.438579][T24136]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1820.438604][T24136]  ? __pfx__printk+0x10/0x10
[ 1820.438630][T24136]  ? fs_reclaim_acquire+0x93/0x130
[ 1820.438647][T24136]  ? __pfx___might_resched+0x10/0x10
[ 1820.438670][T24136]  should_fail_ex+0x40a/0x550
[ 1820.438695][T24136]  should_failslab+0xac/0x100
[ 1820.438717][T24136]  __kmalloc_noprof+0xdd/0x4c0
[ 1820.438738][T24136]  ? tomoyo_encode+0x26f/0x540
[ 1820.438760][T24136]  tomoyo_encode+0x26f/0x540
[ 1820.438782][T24136]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 1820.438811][T24136]  tomoyo_path_number_perm+0x236/0x860
[ 1820.438832][T24136]  ? __lock_acquire+0x1397/0x2100
[ 1820.438855][T24136]  ? tomoyo_path_number_perm+0x206/0x860
[ 1820.438885][T24136]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1820.438946][T24136]  ? __fget_files+0x2a/0x410
[ 1820.438970][T24136]  ? __fget_files+0x2a/0x410
[ 1820.438996][T24136]  security_file_ioctl+0xc6/0x2a0
[ 1820.439022][T24136]  __se_sys_ioctl+0x46/0x170
[ 1820.439041][T24136]  do_syscall_64+0xf3/0x230
[ 1820.439063][T24136]  ? clear_bhb_loop+0x35/0x90
[ 1820.439088][T24136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1820.439109][T24136] RIP: 0033:0x7f8040f8cde9
[ 1820.439125][T24136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1820.439140][T24136] RSP: 002b:00007f8041d2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1820.439158][T24136] RAX: ffffffffffffffda RBX: 00007f80411a6160 RCX: 00007f8040f8cde9
[ 1820.439171][T24136] RDX: 0000000000000000 RSI: 000000000000641e RDI: 0000000000000005
[ 1820.439182][T24136] RBP: 00007f8041d2a090 R08: 0000000000000000 R09: 0000000000000000
[ 1820.439193][T24136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1820.439203][T24136] R13: 0000000000000000 R14: 00007f80411a6160 R15: 00007ffe77373d28
[ 1820.439230][T24136]  </TASK>
[ 1820.439248][T24136] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1820.894930][T24002] veth0_vlan: entered promiscuous mode
[ 1820.958698][T24002] veth1_vlan: entered promiscuous mode
[ 1821.047472][T24002] veth0_macvtap: entered promiscuous mode
[ 1821.078296][T24002] veth1_macvtap: entered promiscuous mode
[ 1821.148548][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1821.193617][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.212934][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1821.232332][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.242721][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1821.253617][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.263878][T24140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5198'.
[ 1821.273094][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1821.300780][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.313151][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1821.324057][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.335477][T24002] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1821.354859][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1821.379039][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.415399][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1821.434151][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.444722][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1821.455624][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.468261][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1821.479102][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1821.502877][T24002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1821.560174][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1822.158998][T24002] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1822.176418][T24043] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1822.222527][T24043] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1822.291535][T24002] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1822.301673][T24002] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1822.311132][T24002] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1822.329109][T24002] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1822.343521][T24043] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1822.396928][T24151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5200'.
[ 1822.406618][T24043] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1822.549434][T24002] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1822.575777][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1822.597022][T24002] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1822.626149][T24002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1823.170179][ T7238] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1823.197092][ T7238] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1823.327728][T24043] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1823.336838][ T5929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1823.372617][ T5929] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1823.408763][T24043] 8021q: adding VLAN 0 to HW filter on device team0
[ 1823.445570][ T7238] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1823.452745][ T7238] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1823.499392][ T5993] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1823.499459][ T5993] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1823.610966][T24170] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[ 1823.614196][T24043] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1823.617504][T24170] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1823.647058][T24170] vhci_hcd vhci_hcd.0: Device attached
[ 1823.671016][T24043] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1823.926149][    T9] usb 35-1: new high-speed USB device number 3 using vhci_hcd
[ 1824.057316][T24171] vhci_hcd: connection closed
[ 1824.063377][T15970] vhci_hcd: stop threads
[ 1824.162743][T15970] vhci_hcd: release socket
[ 1824.175493][T15970] vhci_hcd: disconnect device
[ 1825.179013][T24043] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1825.324060][T24190] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5208'.
[ 1827.260010][T24201] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5212'.
[ 1827.685738][T24043] veth0_vlan: entered promiscuous mode
[ 1827.687669][T16913] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[ 1827.703898][T24043] veth1_vlan: entered promiscuous mode
[ 1827.777595][T24043] veth0_macvtap: entered promiscuous mode
[ 1827.789522][T24043] veth1_macvtap: entered promiscuous mode
[ 1827.822684][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1827.822709][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1827.822722][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1827.822736][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1827.822748][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1827.822762][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1827.822776][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1827.822789][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1827.822802][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1827.822816][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1827.822831][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1827.822845][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1827.824043][T24043] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1827.834711][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1828.016986][T16913] usb 9-1: Using ep0 maxpacket: 32
[ 1828.054694][T16913] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1828.075872][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.075884][T16913] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1828.096334][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1828.105382][T16913] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1828.107100][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.107119][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1828.107136][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.107158][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1828.107172][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.107189][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1828.107203][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.107235][T24043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1828.107248][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.108441][T24043] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1828.137722][T16913] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1828.158815][T16913] usb 9-1: config 0 descriptor??
[ 1828.172674][T24043] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1828.282526][T16913] hub 9-1:0.0: USB hub found
[ 1828.287979][T24043] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1828.297306][T24043] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1828.306037][T24043] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1828.445640][T24043] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1828.471973][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.509674][T16913] hub 9-1:0.0: 1 port detected
[ 1828.524514][T24043] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1828.539815][T16913] hub 9-1:0.0: hub_hub_status failed (err = -71)
[ 1828.546802][T16913] hub 9-1:0.0: config failed, can't get hub status (err -71)
[ 1828.554327][T24043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1828.661458][T16913] usbhid 9-1:0.0: can't add hid device: -71
[ 1828.663339][T16913] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1828.752257][T16913] usb 9-1: USB disconnect, device number 16
[ 1829.280210][    T9] vhci_hcd: vhci_device speed not set
[ 1829.289487][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1829.454138][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1830.627227][ T7238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1830.635132][ T7238] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1831.224124][T24243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5222'.
[ 1832.337892][T24258] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5224'.
[ 1832.957388][T24253] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1835.464096][T11677] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1835.479814][T11677] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1835.488144][T11677] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1835.496658][T11677] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1835.504003][T11677] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1835.511963][T11677] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1835.653454][T24282] chnl_net:caif_netlink_parms(): no params data found
[ 1835.829171][T24282] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1835.841974][T24282] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1835.895919][T24282] bridge_slave_0: entered allmulticast mode
[ 1835.945988][T24282] bridge_slave_0: entered promiscuous mode
[ 1835.966089][    T9] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1835.985452][T24282] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1836.012172][T24282] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1836.046617][T24282] bridge_slave_1: entered allmulticast mode
[ 1836.068025][T24282] bridge_slave_1: entered promiscuous mode
[ 1836.155093][    T9] usb 4-1: Using ep0 maxpacket: 32
[ 1836.168272][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1836.190248][    T9] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1836.202824][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1836.213551][    T9] usb 4-1: Product: syz
[ 1836.228532][    T9] usb 4-1: Manufacturer: syz
[ 1836.233297][    T9] usb 4-1: SerialNumber: syz
[ 1836.242899][    T9] usb 4-1: config 0 descriptor??
[ 1836.262301][T24282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1836.295004][T24282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1836.430938][T24282] team0: Port device team_slave_0 added
[ 1836.450556][T24282] team0: Port device team_slave_1 added
[ 1836.614776][T24282] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1836.648631][T24282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1836.674578][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1836.682884][T24303] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5237'.
[ 1836.706859][T24282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1836.751646][T24282] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1836.768449][T24282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1836.815699][    T9] gs_usb 4-1:0.0: Configuring for 1 interfaces
[ 1836.834935][T24282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1836.935461][T24282] hsr_slave_0: entered promiscuous mode
[ 1836.961356][T24282] hsr_slave_1: entered promiscuous mode
[ 1836.980339][T24282] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1836.994808][T24282] Cannot create hsr debugfs directory
[ 1837.879819][T11677] Bluetooth: hci2: command tx timeout
[ 1837.888463][T24287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1837.920783][    T9] gs_usb 4-1:0.0: Couldn't get bit timing const for channel 0 (-ETIMEDOUT)
[ 1837.948175][    T9] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -110
[ 1837.968988][T24287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1838.471293][T24302] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1838.646777][T24302] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1838.710871][T24282] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1838.956516][T24282] bridge0: port 4(netdevsim2) entered disabled state
[ 1839.020549][T24282] netdevsim netdevsim6 netdevsim2 (unregistering): left allmulticast mode
[ 1839.030479][T24282] netdevsim netdevsim6 netdevsim2 (unregistering): left promiscuous mode
[ 1839.041170][T24282] bridge0: port 4(netdevsim2) entered disabled state
[ 1839.065843][T24282] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1839.276444][T24328] netlink: 'syz.8.5244': attribute type 72 has an invalid length.
[ 1839.284422][T24328] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5244'.
[ 1839.765199][    T9] usb 4-1: USB disconnect, device number 28
[ 1839.766639][T24282] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1839.918370][T11677] Bluetooth: hci2: command tx timeout
[ 1840.185387][T24337] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5247'.
[ 1840.225842][T24337] vlan2: entered promiscuous mode
[ 1840.266458][T24338] fuseblk: Unknown parameter 'fd0x0000000000000006'
[ 1841.311743][T24282] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1842.140152][T11677] Bluetooth: hci2: command tx timeout
[ 1842.269925][T24348] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5248'.
[ 1842.668753][T24351] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1843.371509][T24282] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1843.607693][T24282] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1843.739667][T24282] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1843.833163][T24282] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1844.354813][T11677] Bluetooth: hci2: command tx timeout
[ 1844.657096][T24282] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1844.706950][T24282] 8021q: adding VLAN 0 to HW filter on device team0
[ 1844.749787][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1844.756996][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1844.811842][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1844.819025][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1844.919999][T16913] IPVS: starting estimator thread 0...
[ 1845.136460][T24380] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1845.152995][T24385] netlink: 'syz.9.5257': attribute type 72 has an invalid length.
[ 1845.161250][T24385] netlink: 60 bytes leftover after parsing attributes in process `syz.9.5257'.
[ 1845.217800][T16913] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1845.588304][T16913] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1845.606892][T16913] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1845.635115][T16913] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1845.661855][T16913] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1845.708900][T16913] usb 4-1: config 0 descriptor??
[ 1845.931883][T24282] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1845.977610][T24391] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1846.093968][T24391] x_tables: duplicate underflow at hook 2
[ 1846.107557][T24391] cgroup: Bad value for 'name'
[ 1846.194300][T16913] usbhid 4-1:0.0: can't add hid device: -32
[ 1846.228044][T16913] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[ 1846.318892][    T9] usb 4-1: USB disconnect, device number 29
[ 1846.638207][T24403] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5260'.
[ 1847.933082][T24410] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5262'.
[ 1848.274038][T24416] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1848.381733][T24282] veth0_vlan: entered promiscuous mode
[ 1848.461401][T24282] veth1_vlan: entered promiscuous mode
[ 1848.760645][T24282] veth0_macvtap: entered promiscuous mode
[ 1848.819058][T24282] veth1_macvtap: entered promiscuous mode
[ 1848.868510][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1849.004385][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1849.014968][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1849.028368][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1849.039126][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1849.552342][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1849.564000][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1849.659100][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1849.670717][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1849.683827][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1849.700237][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1850.119850][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1850.156405][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1850.169149][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1850.173590][T24433] netlink: 'syz.3.5268': attribute type 72 has an invalid length.
[ 1850.181202][T24282] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1850.194423][T24433] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5268'.
[ 1850.408673][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1850.420333][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1850.437125][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1850.494264][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1850.574202][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1850.665899][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1851.598016][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1851.626982][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1851.637455][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1851.745117][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1851.755842][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1851.767417][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1851.777982][T24282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1851.789188][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1851.815190][T24282] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1851.955197][T24282] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1851.965894][T24282] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1851.975459][T24282] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1852.028059][T24282] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1852.150772][T24442] netlink: 'syz.8.5271': attribute type 9 has an invalid length.
[ 1852.282795][T24282] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1852.305873][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1852.316503][T24282] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[ 1852.327219][T24282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1852.339659][T24445] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5272'.
[ 1852.377020][T15970] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1852.385015][T15970] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1852.445929][    T9] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 1852.481070][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1852.489850][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1852.538775][T24448] netlink: 'syz.1.5273': attribute type 9 has an invalid length.
[ 1852.586578][    T9] usb 9-1: device descriptor read/64, error -71
[ 1852.886857][ T5936] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1852.966426][    T9] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[ 1853.036643][ T5936] usb 2-1: device descriptor read/64, error -71
[ 1853.523452][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.974781][    T9] usb 9-1: device descriptor read/64, error -71
[ 1854.011126][T24466] tmpfs: Unknown parameter 'nr_inoE3'
[ 1854.027506][ T5936] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1854.160636][    T9] usb usb9-port1: attempt power cycle
[ 1854.281059][ T5936] usb 2-1: device descriptor read/64, error -71
[ 1854.503306][ T5936] usb usb2-port1: attempt power cycle
[ 1854.626334][    T9] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[ 1854.717493][    T9] usb 9-1: device descriptor read/8, error -71
[ 1854.966901][ T5936] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1855.031617][    T9] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[ 1855.058368][ T5936] usb 2-1: device descriptor read/8, error -71
[ 1855.279112][    T9] usb 9-1: device not accepting address 20, error -71
[ 1855.288802][    T9] usb usb9-port1: unable to enumerate USB device
[ 1857.164405][ T5936] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[ 1857.545256][ T5936] usb 2-1: device descriptor read/8, error -71
[ 1857.696542][ T5936] usb usb2-port1: unable to enumerate USB device
[ 1857.876647][T24549] usb usb8: usbfs: process 24549 (syz.6.5285) did not claim interface 0 before use
[ 1858.007992][T24551] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5284'.
[ 1859.824210][T17573] hid-generic 0005:0007:0002.001E: unexpected long global item
[ 1859.871850][T17573] hid-generic 0005:0007:0002.001E: probe with driver hid-generic failed with error -22
[ 1861.180078][T24581] netlink: 'syz.8.5295': attribute type 72 has an invalid length.
[ 1861.188282][T24581] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5295'.
[ 1861.971826][T24592] vlan2: entered allmulticast mode
[ 1862.007067][T24592] veth1_vlan: entered allmulticast mode
[ 1862.689347][T24596] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5301'.
[ 1862.794941][T24605] netlink: 64 bytes leftover after parsing attributes in process `syz.6.5304'.
[ 1863.795368][T24618] xt_policy: output policy not valid in PREROUTING and INPUT
[ 1864.275022][T24620] netlink: 'syz.3.5308': attribute type 72 has an invalid length.
[ 1864.275039][T24620] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5308'.
[ 1864.380516][T24623] tmpfs: Cannot disable swap on remount
[ 1865.978909][T24640] FAULT_INJECTION: forcing a failure.
[ 1865.978909][T24640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1866.027580][T24640] CPU: 1 UID: 0 PID: 24640 Comm: syz.8.5312 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1866.027609][T24640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1866.027620][T24640] Call Trace:
[ 1866.027627][T24640]  <TASK>
[ 1866.027635][T24640]  dump_stack_lvl+0x241/0x360
[ 1866.027669][T24640]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1866.027695][T24640]  ? __pfx__printk+0x10/0x10
[ 1866.027740][T24640]  ? __pfx_lock_release+0x10/0x10
[ 1866.027766][T24640]  should_fail_ex+0x40a/0x550
[ 1866.027789][T24640]  _copy_from_user+0x2d/0xb0
[ 1866.027806][T24640]  map_lookup_elem+0x4b9/0x780
[ 1866.027832][T24640]  __sys_bpf+0x429/0x810
[ 1866.027852][T24640]  ? __pfx___sys_bpf+0x10/0x10
[ 1866.027883][T24640]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1866.027905][T24640]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1866.027925][T24640]  ? do_syscall_64+0x100/0x230
[ 1866.027952][T24640]  __x64_sys_bpf+0x7c/0x90
[ 1866.027970][T24640]  do_syscall_64+0xf3/0x230
[ 1866.027992][T24640]  ? clear_bhb_loop+0x35/0x90
[ 1866.028018][T24640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1866.028046][T24640] RIP: 0033:0x7ff045f8cde9
[ 1866.028063][T24640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1866.028078][T24640] RSP: 002b:00007ff043dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1866.028097][T24640] RAX: ffffffffffffffda RBX: 00007ff0461a6080 RCX: 00007ff045f8cde9
[ 1866.028110][T24640] RDX: 0000000000000020 RSI: 0000400000001740 RDI: 0000000000000001
[ 1866.028122][T24640] RBP: 00007ff043dd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1866.028133][T24640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1866.028143][T24640] R13: 0000000000000000 R14: 00007ff0461a6080 R15: 00007ffe79f459e8
[ 1866.028170][T24640]  </TASK>
[ 1866.061158][T24642] vlan2: entered allmulticast mode
[ 1866.756337][T24642] veth1_vlan: entered allmulticast mode
[ 1866.881507][T24648] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5316'.
[ 1867.957895][T24658] netlink: 'syz.9.5319': attribute type 72 has an invalid length.
[ 1867.965758][T24658] netlink: 60 bytes leftover after parsing attributes in process `syz.9.5319'.
[ 1868.077917][T24671] input: syz1 as /devices/virtual/input/input44
[ 1869.204063][T24679] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5322'.
[ 1870.320727][T24688] dccp_invalid_packet: P.Data Offset(4) too small
[ 1870.337126][T24690] netlink: 'syz.3.5329': attribute type 39 has an invalid length.
[ 1870.696818][T24695] vlan2: entered allmulticast mode
[ 1870.987787][T24701] netlink: 'syz.3.5333': attribute type 72 has an invalid length.
[ 1870.995660][T24701] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5333'.
[ 1878.486065][T24740] netlink: 32 bytes leftover after parsing attributes in process `syz.8.5343'.
[ 1878.585965][T24748] xt_l2tp: invalid flags combination: 4
[ 1879.463524][T24751] tmpfs: Cannot disable swap on remount
[ 1879.684492][ T5936] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1879.989198][ T5936] usb 2-1: Using ep0 maxpacket: 32
[ 1880.044789][ T5936] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1880.103594][ T5936] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1880.124152][ T5936] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1880.226760][ T5936] usb 2-1: Product: syz
[ 1880.409084][ T5936] usb 2-1: Manufacturer: syz
[ 1880.413738][ T5936] usb 2-1: SerialNumber: syz
[ 1880.427660][ T5936] usb 2-1: config 0 descriptor??
[ 1880.437826][T24770] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1881.737776][ T5936] gs_usb 2-1:0.0: Configuring for 1 interfaces
[ 1881.812808][T24780] FAULT_INJECTION: forcing a failure.
[ 1881.812808][T24780] name failslab, interval 1, probability 0, space 0, times 0
[ 1881.841477][ T5936] gs_usb 2-1:0.0: Couldn't get bit timing const for channel 0 (-EPROTO)
[ 1881.850063][ T5936] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71
[ 1881.881255][T24780] CPU: 1 UID: 0 PID: 24780 Comm: syz.9.5354 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1881.881283][T24780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1881.881294][T24780] Call Trace:
[ 1881.881301][T24780]  <TASK>
[ 1881.881309][T24780]  dump_stack_lvl+0x241/0x360
[ 1881.881341][T24780]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1881.881365][T24780]  ? __pfx__printk+0x10/0x10
[ 1881.881390][T24780]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[ 1881.881412][T24780]  ? __pfx___might_resched+0x10/0x10
[ 1881.881435][T24780]  should_fail_ex+0x40a/0x550
[ 1881.881460][T24780]  should_failslab+0xac/0x100
[ 1881.881482][T24780]  kmem_cache_alloc_node_noprof+0x77/0x380
[ 1881.881502][T24780]  ? __alloc_skb+0x1c3/0x440
[ 1881.881529][T24780]  __alloc_skb+0x1c3/0x440
[ 1881.881556][T24780]  ? __pfx___alloc_skb+0x10/0x10
[ 1881.881581][T24780]  ? netlink_autobind+0xd6/0x2f0
[ 1881.881597][T24780]  ? netlink_autobind+0x2b0/0x2f0
[ 1881.881619][T24780]  netlink_sendmsg+0x638/0xcb0
[ 1881.881646][T24780]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1881.881675][T24780]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1881.881690][T24780]  __sock_sendmsg+0x221/0x270
[ 1881.881714][T24780]  ____sys_sendmsg+0x52a/0x7e0
[ 1881.881739][T24780]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1881.881755][T24780]  ? __fget_files+0x2a/0x410
[ 1881.881778][T24780]  ? __fget_files+0x2a/0x410
[ 1881.881806][T24780]  __sys_sendmsg+0x269/0x350
[ 1881.881828][T24780]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1881.881857][T24780]  ? do_sys_openat2+0x17a/0x1d0
[ 1881.881903][T24780]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1881.881925][T24780]  ? do_syscall_64+0x100/0x230
[ 1881.881949][T24780]  ? do_syscall_64+0xb6/0x230
[ 1881.881972][T24780]  do_syscall_64+0xf3/0x230
[ 1881.881993][T24780]  ? clear_bhb_loop+0x35/0x90
[ 1881.882028][T24780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.882048][T24780] RIP: 0033:0x7ff8c178cde9
[ 1881.882064][T24780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1881.882078][T24780] RSP: 002b:00007ff8c2610038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1881.882097][T24780] RAX: ffffffffffffffda RBX: 00007ff8c19a5fa0 RCX: 00007ff8c178cde9
[ 1881.882110][T24780] RDX: 0000000000000000 RSI: 0000400000001080 RDI: 0000000000000005
[ 1881.882121][T24780] RBP: 00007ff8c2610090 R08: 0000000000000000 R09: 0000000000000000
[ 1881.882132][T24780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1881.882142][T24780] R13: 0000000000000000 R14: 00007ff8c19a5fa0 R15: 00007ffd22e9d218
[ 1881.882167][T24780]  </TASK>
[ 1882.137262][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1882.180044][ T5936] usb 2-1: USB disconnect, device number 60
[ 1882.507683][T24791] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5357'.
[ 1883.157636][T24782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1883.441985][ T5936] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1883.646527][ T5936] usb 2-1: Using ep0 maxpacket: 16
[ 1884.329922][ T5936] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1884.375209][ T5936] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a
[ 1884.394703][ T5936] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1884.415001][ T5936] usb 2-1: Product: syz
[ 1884.419343][ T5936] usb 2-1: Manufacturer: syz
[ 1884.423957][ T5936] usb 2-1: SerialNumber: syz
[ 1884.452201][ T5936] usb 2-1: config 0 descriptor??
[ 1884.526536][ T5936] pegasus_notetaker 2-1:0.0: Invalid number of endpoints
[ 1884.564881][ T5936] pegasus_notetaker 2-1:0.0: probe with driver pegasus_notetaker failed with error -22
[ 1886.768609][T14944] usb 2-1: USB disconnect, device number 61
[ 1887.906507][T24844] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1887.954135][T24839] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5372'.
[ 1888.531536][T24847] Bluetooth: MGMT ver 1.23
[ 1889.504274][T24851] netlink: 'syz.3.5375': attribute type 9 has an invalid length.
[ 1889.846337][    T9] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1890.876722][    T9] usb 4-1: device descriptor read/64, error -71
[ 1891.986318][    T9] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1892.837684][T24884] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1897.077504][T24919] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5385'.
[ 1898.560727][T24936] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5394'.
[ 1901.695410][T24959] netlink: 'syz.3.5401': attribute type 9 has an invalid length.
[ 1902.190074][T24963] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5402'.
[ 1902.903158][ T5933] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1903.298005][ T5933] usb 4-1: device descriptor read/64, error -71
[ 1903.445769][T24980] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5407'.
[ 1903.468061][T24983] IPVS: set_ctl: invalid protocol: 98 255.255.255.255:20004
[ 1903.488140][T24980] bridge0: port 3(netdevsim2) entered blocking state
[ 1903.494880][T24980] bridge0: port 3(netdevsim2) entered disabled state
[ 1903.502871][T24980] netdevsim netdevsim6 netdevsim2: entered allmulticast mode
[ 1903.510988][T24980] netdevsim netdevsim6 netdevsim2: entered promiscuous mode
[ 1903.518599][T24980] bridge0: port 3(netdevsim2) entered blocking state
[ 1903.525306][T24980] bridge0: port 3(netdevsim2) entered forwarding state
[ 1903.536313][ T5933] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 1903.896321][ T5933] usb 4-1: device descriptor read/64, error -71
[ 1904.159431][ T5933] usb usb4-port1: attempt power cycle
[ 1904.476353][T24999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5411'.
[ 1904.608438][ T5933] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[ 1904.735287][ T5933] usb 4-1: device descriptor read/8, error -71
[ 1905.580474][T25007] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5415'.
[ 1905.942000][   T29] audit: type=1326 audit(1739397098.979:1811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25006 comm="syz.9.5415" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8c178cde9 code=0x0
[ 1906.952352][T25021] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5417'.
[ 1907.736654][T25027] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5419'.
[ 1910.693816][T25054] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5427'.
[ 1912.554285][T25070] netlink: 'syz.8.5433': attribute type 72 has an invalid length.
[ 1912.562861][T25070] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5433'.
[ 1914.864356][T25089] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5432'.
[ 1914.975545][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1916.676453][T25107] xt_policy: output policy not valid in PREROUTING and INPUT
[ 1917.345129][T25110] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5444'.
[ 1921.903181][T25147] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5457'.
[ 1922.156434][T25153] xt_policy: output policy not valid in PREROUTING and INPUT
[ 1924.285433][T25166] xt_bpf: check failed: parse error
[ 1924.453254][T25173] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5465'.
[ 1924.670879][T25176] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5463'.
[ 1925.919919][T25188] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5470'.
[ 1926.548872][    T9] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 1926.888491][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1926.903798][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1926.934074][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0221, bcdDevice= 0.00
[ 1926.993653][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1927.028293][    T9] usb 2-1: config 0 descriptor??
[ 1928.120781][    T9] usbhid 2-1:0.0: can't add hid device: -71
[ 1928.130033][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1928.148029][    T9] usb 2-1: USB disconnect, device number 62
[ 1928.311576][T25203] netlink: 'syz.9.5476': attribute type 12 has an invalid length.
[ 1928.336479][T25203] netlink: 'syz.9.5476': attribute type 29 has an invalid length.
[ 1928.344488][T25203] netlink: 148 bytes leftover after parsing attributes in process `syz.9.5476'.
[ 1928.366295][T25203] netlink: 'syz.9.5476': attribute type 2 has an invalid length.
[ 1928.384320][T25203] netlink: 43 bytes leftover after parsing attributes in process `syz.9.5476'.
[ 1932.718544][T25238] Bluetooth: hci4: command 0x0406 tx timeout
[ 1934.441798][T25264] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5489'.
[ 1936.353208][T25281] netlink: 'syz.8.5498': attribute type 9 has an invalid length.
[ 1936.619924][ T5936] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1937.126382][ T5936] usb 9-1: device descriptor read/64, error -71
[ 1937.210731][T25289] netlink: 64 bytes leftover after parsing attributes in process `syz.9.5501'.
[ 1937.753931][T25238] Bluetooth: hci0: command 0x0406 tx timeout
[ 1938.086466][ T5936] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1938.306358][ T5936] usb 9-1: device descriptor read/64, error -71
[ 1938.427183][ T5936] usb usb9-port1: attempt power cycle
[ 1939.526385][ T5936] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[ 1939.557713][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1939.564870][ T5936] usb 9-1: device descriptor read/8, error -32
[ 1941.698030][T25345] netlink: 'syz.3.5515': attribute type 32 has an invalid length.
[ 1951.853711][T25440] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1952.107142][T25446] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5541'.
[ 1952.134880][T25446] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5541'.
[ 1952.673304][T25443] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1954.560629][T25474] netlink: 'syz.1.5547': attribute type 9 has an invalid length.
[ 1955.557156][ T5933] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 1956.056272][ T5933] usb 2-1: device descriptor read/64, error -71
[ 1956.415897][ T5933] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1956.716675][ T5933] usb 2-1: device descriptor read/64, error -71
[ 1956.874300][ T5933] usb usb2-port1: attempt power cycle
[ 1957.572848][T25495] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5550'.
[ 1957.759980][ T5933] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1957.938309][ T5933] usb 2-1: device descriptor read/8, error -71
[ 1958.019711][T11677] Bluetooth: hci2: command 0x0406 tx timeout
[ 1959.161169][T25510] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5556'.
[ 1959.208289][T25510] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5556'.
[ 1963.173941][ T5933] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 1963.905570][ T5933] usb 9-1: device descriptor read/64, error -71
[ 1964.965322][ T5933] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1965.156332][ T5933] usb 9-1: device descriptor read/64, error -71
[ 1965.281360][T25575] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1965.410388][ T5933] usb usb9-port1: attempt power cycle
[ 1965.987813][T25581] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5573'.
[ 1966.861900][T25590] netlink: 72 bytes leftover after parsing attributes in process `syz.8.5574'.
[ 1966.923498][T25592] netlink: 'syz.9.5575': attribute type 1 has an invalid length.
[ 1966.946435][T25592] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5575'.
[ 1969.586590][T25619] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1969.617987][T25618] xt_policy: output policy not valid in PREROUTING and INPUT
[ 1969.667736][T25616] Falling back ldisc for ttyS3.
[ 1969.893507][T25626] netlink: 'syz.1.5585': attribute type 13 has an invalid length.
[ 1969.901507][T25626] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5585'.
[ 1970.464545][T25632] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5586'.
[ 1970.994924][T25636] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1971.026747][T25640] netlink: 72 bytes leftover after parsing attributes in process `syz.1.5589'.
[ 1974.653997][T25666] xt_policy: output policy not valid in PREROUTING and INPUT
[ 1976.036514][T25683] FAULT_INJECTION: forcing a failure.
[ 1976.036514][T25683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1976.049748][T25683] CPU: 0 UID: 0 PID: 25683 Comm: syz.6.5601 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 1976.049771][T25683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1976.049782][T25683] Call Trace:
[ 1976.049789][T25683]  <TASK>
[ 1976.049796][T25683]  dump_stack_lvl+0x241/0x360
[ 1976.049829][T25683]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1976.049853][T25683]  ? __pfx__printk+0x10/0x10
[ 1976.049878][T25683]  ? __pfx_lock_release+0x10/0x10
[ 1976.049907][T25683]  should_fail_ex+0x40a/0x550
[ 1976.049930][T25683]  _copy_from_user+0x2d/0xb0
[ 1976.049949][T25683]  do_tcp_setsockopt+0x29e/0x2540
[ 1976.049978][T25683]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[ 1976.050010][T25683]  ? __pfx_lock_acquire+0x10/0x10
[ 1976.050030][T25683]  ? tcp_setsockopt+0x3e/0xf0
[ 1976.050055][T25683]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1976.050076][T25683]  do_sock_setsockopt+0x3af/0x720
[ 1976.050106][T25683]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1976.050134][T25683]  ? __fget_files+0x395/0x410
[ 1976.050154][T25683]  ? __fget_files+0x2a/0x410
[ 1976.050182][T25683]  __x64_sys_setsockopt+0x1ee/0x280
[ 1976.050212][T25683]  do_syscall_64+0xf3/0x230
[ 1976.050233][T25683]  ? clear_bhb_loop+0x35/0x90
[ 1976.050258][T25683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1976.050279][T25683] RIP: 0033:0x7f10a678cde9
[ 1976.050295][T25683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1976.050308][T25683] RSP: 002b:00007f10a45d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1976.050327][T25683] RAX: ffffffffffffffda RBX: 00007f10a69a6160 RCX: 00007f10a678cde9
[ 1976.050340][T25683] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000003
[ 1976.050351][T25683] RBP: 00007f10a45d5090 R08: 00000000000000c7 R09: 0000000000000000
[ 1976.050362][T25683] R10: 00004000000001c0 R11: 0000000000000246 R12: 0000000000000001
[ 1976.050373][T25683] R13: 0000000000000000 R14: 00007f10a69a6160 R15: 00007ffe4eef23e8
[ 1976.050400][T25683]  </TASK>
[ 1976.456708][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.709496][T25684] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1978.270539][T25696] netlink: 72 bytes leftover after parsing attributes in process `syz.9.5603'.
[ 1982.168183][T25742] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5609'.
[ 1983.657216][T25755] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1983.664651][T25755] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1983.822667][T25755] bridge0: entered promiscuous mode
[ 1983.848940][T25755] bridge0: entered allmulticast mode
[ 1984.267535][T24042] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1984.537802][T24042] usb 4-1: Using ep0 maxpacket: 8
[ 1984.568313][T24042] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1984.624114][T24042] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1984.656782][T24042] usb 4-1: New USB device found, idVendor=0421, idProduct=008f, bcdDevice=ba.de
[ 1984.665953][T24042] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1984.747525][T24042] usb 4-1: config 0 descriptor??
[ 1985.089110][T24042] usb 4-1: USB disconnect, device number 36
[ 1987.273754][T25799] nfs: Unknown parameter 'ðÝàë'
[ 1987.808867][T25806] openvswitch: netlink: ufid size 95 bytes exceeds the range (1, 16)
[ 2007.832038][T25961] vlan3: entered promiscuous mode
[ 2007.848946][T25961] vlan3: entered allmulticast mode
[ 2007.854117][T25961] hsr_slave_1: entered allmulticast mode
[ 2008.081747][T25973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5676'.
[ 2008.107249][T25238] Bluetooth: hci3: SCO packet for unknown connection handle 200
[ 2008.286495][T24040] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 2008.836218][T24040] usb 10-1: Using ep0 maxpacket: 8
[ 2008.844998][T24040] usb 10-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76
[ 2008.868019][T25973] hsr_slave_1 (unregistering): left allmulticast mode
[ 2008.886481][T24040] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2008.964280][T24040] usb 10-1: Product: syz
[ 2008.996519][T24040] usb 10-1: Manufacturer: syz
[ 2009.019365][T24040] usb 10-1: SerialNumber: syz
[ 2009.038182][T25973] hsr_slave_1 (unregistering): left promiscuous mode
[ 2009.069637][T24040] usb 10-1: config 0 descriptor??
[ 2009.102057][T24040] gspca_main: ALi m5602-2.14.0 probing 0402:5602
[ 2009.308870][T24040] gspca_m5602: Failed to find a sensor
[ 2009.314518][T24040] ALi m5602 10-1:0.0: ALi m5602 webcam failed
[ 2009.386906][T24040] usb 10-1: USB disconnect, device number 2
[ 2013.522949][T25997] delete_channel: no stack
[ 2013.530645][T25997] delete_channel: no stack
[ 2014.381982][T24048] usb 2-1: new full-speed USB device number 67 using dummy_hcd
[ 2015.920247][T24048] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[ 2015.972573][T24048] usb 2-1: config 0 has no interface number 0
[ 2015.990554][T24048] usb 2-1: config 0 interface 2 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 10
[ 2016.032398][T24048] usb 2-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid maxpacket 188, setting to 64
[ 2016.871448][T24048] usb 2-1: string descriptor 0 read error: -71
[ 2016.880860][T24048] usb 2-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[ 2016.893195][T24048] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 2016.903834][T24048] usb 2-1: config 0 descriptor??
[ 2016.936747][T24048] usb 2-1: can't set config #0, error -71
[ 2016.948728][T24048] usb 2-1: USB disconnect, device number 67
[ 2019.166978][ T5933] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 2019.357770][ T5933] usb 4-1: config 0 has an invalid interface association descriptor of length 7, skipping
[ 2019.378208][ T5933] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2019.410446][ T5933] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[ 2019.436338][ T5933] usb 4-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9
[ 2019.464101][ T5933] usb 4-1: Manufacturer: syz
[ 2019.469080][ T5933] usb 4-1: SerialNumber: syz
[ 2019.487137][ T5933] usb 4-1: config 0 descriptor??
[ 2019.497394][ T5933] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[ 2019.666439][ T5933] usb 4-1: No valid video chain found.
[ 2021.367580][ T5933] usb 4-1: USB disconnect, device number 37
[ 2021.735577][T26054] IPv6: Can't replace route, no match found
[ 2025.535171][T26075] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5705'.
[ 2027.770946][T26095] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5711'.
[ 2028.166797][T24048] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[ 2028.344832][T24048] usb 10-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[ 2028.374481][T24048] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2028.411820][T24048] usb 10-1: Product: syz
[ 2028.431025][T24048] usb 10-1: Manufacturer: syz
[ 2028.451361][T24048] usb 10-1: SerialNumber: syz
[ 2028.482198][T24048] usb 10-1: config 0 descriptor??
[ 2028.525511][T24048] comedi comedi0: This driver needs USB 2.0 to operate. Aborting...
[ 2028.550026][T24048] usbduxfast 10-1:0.0: driver 'usbduxfast' failed to auto-configure device.
[ 2029.594866][T24048] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[ 2030.468464][T24048] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2030.502160][T24048] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2030.550535][T24048] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 2030.586940][T24048] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2030.621785][T24048] usb 4-1: config 0 descriptor??
[ 2030.705043][T26133] netlink: 'syz.1.5722': attribute type 15 has an invalid length.
[ 2030.713465][T26133] netlink: 45 bytes leftover after parsing attributes in process `syz.1.5722'.
[ 2030.754720][ T5933] usb 10-1: USB disconnect, device number 3
[ 2030.770712][T26134] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5723'.
[ 2031.490396][T24048] hid-led 0003:27B8:01ED.001F: probe with driver hid-led failed with error -71
[ 2031.537322][T24048] usb 4-1: USB disconnect, device number 38
[ 2031.542595][T26139] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5725'.
[ 2031.627971][T26139] team_slave_0: entered promiscuous mode
[ 2031.634132][T26139] team_slave_1: entered promiscuous mode
[ 2031.642543][T26146] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5725'.
[ 2031.656612][T26139] macvtap1: entered promiscuous mode
[ 2031.664802][T26139] team0: entered promiscuous mode
[ 2031.676994][T26139] macvtap1: entered allmulticast mode
[ 2031.729788][T26139] team0: entered allmulticast mode
[ 2031.749878][T26139] team_slave_0: entered allmulticast mode
[ 2031.787202][T26139] team_slave_1: entered allmulticast mode
[ 2031.877387][T26139] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 2031.922751][T26146] team0: left allmulticast mode
[ 2031.927771][T26146] team_slave_0: left allmulticast mode
[ 2031.942259][T26146] team_slave_1: left allmulticast mode
[ 2031.954764][T26152] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5727'.
[ 2031.973936][T26146] team0: left promiscuous mode
[ 2032.010837][T26146] team_slave_0: left promiscuous mode
[ 2032.016640][T26146] team_slave_1: left promiscuous mode
[ 2032.285180][T26156] bridge0: port 3(netdevsim2) entered blocking state
[ 2032.292022][T26156] bridge0: port 3(netdevsim2) entered disabled state
[ 2032.298992][T26156] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[ 2032.307268][T26156] netdevsim netdevsim3 netdevsim2: entered promiscuous mode
[ 2139.086077][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 2139.093087][    C0] rcu: 	1-...!: (0 ticks this GP) idle=ac74/1/0x4000000000000000 softirq=107044/107044 fqs=0
[ 2139.105283][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P24002/1:b..l P24506/1:b..l
[ 2139.114538][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=126185, q=118 ncpus=2)
[ 2139.122363][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 2139.122407][    C1] NMI backtrace for cpu 1
[ 2139.122422][    C1] CPU: 1 UID: 0 PID: 26131 Comm: syz.1.5722 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0
[ 2139.122440][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 2139.122451][    C1] RIP: 0010:__lock_acquire+0x6bc/0x2100
[ 2139.122477][    C1] Code: 04 ee 48 89 44 24 38 40 84 ed 4c 8b 6c 24 40 0f 84 7e 04 00 00 0f b6 1b 41 0f b6 04 16 84 c0 0f 85 64 12 00 00 41 f6 47 01 80 <0f> 85 63 04 00 00 4c 89 64 24 48 84 db 40 0f b6 c5 0f b6 cb 0f 44
[ 2139.122491][    C1] RSP: 0018:ffffc90000a188f0 EFLAGS: 00000046
[ 2139.122505][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff819ab527
[ 2139.122515][    C1] RDX: dffffc0000000000 RSI: ffff888030770af0 RDI: ffffffff942c6840
[ 2139.122527][    C1] RBP: 0000000000000002 R08: ffffffff942c6847 R09: 1ffffffff2858d08
[ 2139.122538][    C1] R10: dffffc0000000000 R11: fffffbfff2858d09 R12: ffff888030770ad4
[ 2139.122550][    C1] R13: ffff888030770000 R14: 1ffff110060ee167 R15: ffff888030770b38
[ 2139.122563][    C1] FS:  00007f838c9f66c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 2139.122577][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2139.122588][    C1] CR2: 0000000000000000 CR3: 0000000027860000 CR4: 00000000003526f0
[ 2139.122602][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2139.122611][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2139.122621][    C1] Call Trace:
[ 2139.122629][    C1]  <NMI>
[ 2139.122637][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 2139.122658][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 2139.122678][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2139.122701][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 2139.122718][    C1]  ? nmi_handle+0x14f/0x5a0
[ 2139.122739][    C1]  ? nmi_handle+0x2a/0x5a0
[ 2139.122760][    C1]  ? __lock_acquire+0x6bc/0x2100
[ 2139.122778][    C1]  ? default_do_nmi+0x63/0x160
[ 2139.122795][    C1]  ? exc_nmi+0x123/0x1f0
[ 2139.122810][    C1]  ? end_repeat_nmi+0xf/0x53
[ 2139.122833][    C1]  ? __lock_acquire+0x5b7/0x2100
[ 2139.122852][    C1]  ? __lock_acquire+0x6bc/0x2100
[ 2139.122878][    C1]  ? __lock_acquire+0x6bc/0x2100
[ 2139.122897][    C1]  ? __lock_acquire+0x6bc/0x2100
[ 2139.122916][    C1]  </NMI>
[ 2139.122922][    C1]  <IRQ>
[ 2139.122934][    C1]  lock_acquire+0x1ed/0x550
[ 2139.122952][    C1]  ? debug_object_activate+0x17f/0x580
[ 2139.122973][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 2139.122991][    C1]  ? __lock_acquire+0x1397/0x2100
[ 2139.123017][    C1]  _raw_spin_lock_irqsave+0xd5/0x120
[ 2139.123035][    C1]  ? debug_object_activate+0x17f/0x580
[ 2139.123052][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 2139.123073][    C1]  debug_object_activate+0x17f/0x580
[ 2139.123091][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2139.123107][    C1]  ? __pfx_debug_object_activate+0x10/0x10
[ 2139.123123][    C1]  ? advance_sched+0xa02/0xca0
[ 2139.123142][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[ 2139.123159][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 2139.123178][    C1]  enqueue_hrtimer+0x30/0x3c0
[ 2139.123203][    C1]  __hrtimer_run_queues+0x6cb/0xd30
[ 2139.123235][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 2139.123257][    C1]  ? sched_clock+0x4a/0x70
[ 2139.123273][    C1]  ? read_tsc+0x9/0x20
[ 2139.123287][    C1]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[ 2139.123308][    C1]  hrtimer_interrupt+0x403/0xa40
[ 2139.123338][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[ 2139.123361][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 2139.123380][    C1]  </IRQ>
[ 2139.123386][    C1]  <TASK>
[ 2139.123392][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2139.123413][    C1] RIP: 0010:finish_task_switch+0x1ea/0x870
[ 2139.123436][    C1] Code: c9 50 e8 49 0a 0c 00 48 83 c4 08 4c 89 f7 e8 fd 39 00 00 e9 de 04 00 00 4c 89 f7 e8 90 2d 62 0a e8 8b 75 38 00 fb 48 8b 5d c0 <48> 8d bb 08 16 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[ 2139.123448][    C1] RSP: 0018:ffffc9000334f588 EFLAGS: 00000282
[ 2139.123461][    C1] RAX: b71eb0e02fb8e400 RBX: ffff888030770000 RCX: ffffffff9a3cd903
[ 2139.123473][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aa680 RDI: ffffffff8c5fb900
[ 2139.123484][    C1] RBP: ffffc9000334f5d0 R08: ffffffff901a3677 R09: 1ffffffff20346ce
[ 2139.123495][    C1] R10: dffffc0000000000 R11: fffffbfff20346cf R12: 1ffff110170e7ebe
[ 2139.123507][    C1] R13: dffffc0000000000 R14: ffff8880b863e7c0 R15: ffff8880b873f5f0
[ 2139.123525][    C1]  ? finish_task_switch+0x1e5/0x870
[ 2139.123549][    C1]  __schedule+0x18c4/0x4c40
[ 2139.123576][    C1]  ? __pfx___schedule+0x10/0x10
[ 2139.123594][    C1]  ? __pfx_lock_release+0x10/0x10
[ 2139.123618][    C1]  ? schedule+0x90/0x320
[ 2139.123634][    C1]  schedule+0x14b/0x320
[ 2139.123652][    C1]  schedule_timeout+0xb0/0x290
[ 2139.123667][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 2139.123682][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2139.123705][    C1]  ? wait_for_completion+0x2fe/0x620
[ 2139.123724][    C1]  ? wait_for_completion+0x2fe/0x620
[ 2139.123741][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2139.123758][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 2139.123777][    C1]  ? wait_for_completion+0x2fe/0x620
[ 2139.123796][    C1]  wait_for_completion+0x355/0x620
[ 2139.123814][    C1]  ? __smp_call_single_queue+0x11a/0x3a0
[ 2139.123841][    C1]  ? __pfx_wait_for_completion+0x10/0x10
[ 2139.123863][    C1]  ? smp_call_function_single_async+0xb4/0x110
[ 2139.123891][    C1]  rdmsr_safe_on_cpu+0x16c/0x310
[ 2139.123916][    C1]  ? __pfx_rdmsr_safe_on_cpu+0x10/0x10
[ 2139.123939][    C1]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[ 2139.123962][    C1]  ? __pfx_lock_release+0x10/0x10
[ 2139.123985][    C1]  ? __might_fault+0xaa/0x120
[ 2139.124007][    C1]  ? __might_fault+0xc6/0x120
[ 2139.124032][    C1]  msr_read+0x15d/0x260
[ 2139.124055][    C1]  ? __pfx_msr_read+0x10/0x10
[ 2139.124076][    C1]  ? bpf_lsm_file_permission+0x9/0x10
[ 2139.124092][    C1]  ? rw_verify_area+0x243/0x630
[ 2139.124114][    C1]  ? __pfx_msr_read+0x10/0x10
[ 2139.124136][    C1]  vfs_read+0x1f8/0xb40
[ 2139.124162][    C1]  ? __pfx_vfs_read+0x10/0x10
[ 2139.124186][    C1]  ? __fget_files+0x2a/0x410
[ 2139.124205][    C1]  ? __fget_files+0x395/0x410
[ 2139.124223][    C1]  ? __fget_files+0x2a/0x410
[ 2139.124246][    C1]  ksys_read+0x18f/0x2b0
[ 2139.124260][    C1]  ? __pfx_ksys_read+0x10/0x10
[ 2139.124274][    C1]  ? do_syscall_64+0x100/0x230
[ 2139.124296][    C1]  ? do_syscall_64+0xb6/0x230
[ 2139.124317][    C1]  do_syscall_64+0xf3/0x230
[ 2139.124337][    C1]  ? clear_bhb_loop+0x35/0x90
[ 2139.124360][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2139.124381][    C1] RIP: 0033:0x7f838eb8cde9
[ 2139.124395][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2139.124408][    C1] RSP: 002b:00007f838c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2139.124422][    C1] RAX: ffffffffffffffda RBX: 00007f838eda5fa0 RCX: 00007f838eb8cde9
[ 2139.124434][    C1] RDX: 0000000000018ff8 RSI: 0000400000019680 RDI: 0000000000000005
[ 2139.124445][    C1] RBP: 00007f838ec0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 2139.124455][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2139.124464][    C1] R13: 0000000000000000 R14: 00007f838eda5fa0 R15: 00007fff313127a8
[ 2139.124481][    C1]  </TASK>
[ 2139.125402][    C0] task:kworker/u8:13   state:R  running task     stack:21136 pid:24506 tgid:24506 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 2139.835001][    C0] Workqueue: bat_events batadv_nc_worker
[ 2139.840657][    C0] Call Trace:
[ 2139.843940][    C0]  <TASK>
[ 2139.846881][    C0]  __schedule+0x18bc/0x4c40
[ 2139.851404][    C0]  ? validate_chain+0x11e/0x5920
[ 2139.856380][    C0]  ? __pfx___schedule+0x10/0x10
[ 2139.861249][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2139.867257][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[ 2139.872553][    C0]  preempt_schedule_irq+0xfb/0x1c0
[ 2139.877674][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 2139.883418][    C0]  irqentry_exit+0x5e/0x90
[ 2139.887849][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2139.893318][    C0] RIP: 0010:lock_acquire+0x264/0x550
[ 2139.898612][    C0] Code: 2b 00 74 08 4c 89 f7 e8 1a b6 88 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 2139.918223][    C0] RSP: 0018:ffffc900041078e0 EFLAGS: 00000206
[ 2139.924317][    C0] RAX: 0000000000000001 RBX: 1ffff92000820f28 RCX: ffff88801eba8ae8
[ 2139.932306][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c5fb900
[ 2139.940291][    C0] RBP: ffffc90004107a30 R08: ffffffff942c6847 R09: 1ffffffff2858d08
[ 2139.948288][    C0] R10: dffffc0000000000 R11: fffffbfff2858d09 R12: 1ffff92000820f24
[ 2139.956279][    C0] R13: dffffc0000000000 R14: ffffc90004107940 R15: 0000000000000246
[ 2139.964293][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 2139.969337][    C0]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 2139.975154][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 2139.980543][    C0]  ? __pfx_lock_release+0x10/0x10
[ 2139.985588][    C0]  ? batadv_nc_purge_paths+0x312/0x3b0
[ 2139.991072][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 2139.996452][    C0]  ? __pfx_batadv_nc_to_purge_nc_path_decoding+0x10/0x10
[ 2140.003486][    C0]  ? __pfx_batadv_nc_fwd_flush+0x10/0x10
[ 2140.009126][    C0]  batadv_nc_process_nc_paths+0xd6/0x3a0
[ 2140.014768][    C0]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 2140.020584][    C0]  ? batadv_nc_process_nc_paths+0xb5/0x3a0
[ 2140.026402][    C0]  batadv_nc_worker+0x42a/0x610
[ 2140.031267][    C0]  ? process_scheduled_works+0x976/0x1840
[ 2140.036995][    C0]  process_scheduled_works+0xa66/0x1840
[ 2140.042582][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2140.048579][    C0]  ? assign_work+0x364/0x3d0
[ 2140.053186][    C0]  worker_thread+0x870/0xd30
[ 2140.057803][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 2140.062839][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2140.067959][    C0]  kthread+0x7a9/0x920
[ 2140.072052][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.076655][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2140.081773][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.086375][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.090978][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.095577][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2140.100783][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 2140.105990][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.110594][    C0]  ret_from_fork+0x4b/0x80
[ 2140.115018][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.119623][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2140.124407][    C0]  </TASK>
[ 2140.127433][    C0] task:syz-executor    state:R  running task     stack:19888 pid:24002 tgid:24002 ppid:23983  task_flags:0x400140 flags:0x00004000
[ 2140.140927][    C0] Call Trace:
[ 2140.144208][    C0]  <TASK>
[ 2140.147148][    C0]  __schedule+0x18bc/0x4c40
[ 2140.151682][    C0]  ? __pfx___schedule+0x10/0x10
[ 2140.156544][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2140.162542][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[ 2140.167840][    C0]  preempt_schedule_irq+0xfb/0x1c0
[ 2140.172960][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 2140.178710][    C0]  irqentry_exit+0x5e/0x90
[ 2140.183135][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2140.188609][    C0] RIP: 0010:lock_acquire+0x264/0x550
[ 2140.193914][    C0] Code: 2b 00 74 08 4c 89 f7 e8 1a b6 88 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 2140.213524][    C0] RSP: 0018:ffffc90005137640 EFLAGS: 00000206
[ 2140.219598][    C0] RAX: 0000000000000001 RBX: 1ffff92000a26ed4 RCX: ffff88806b5c64e8
[ 2140.227577][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c5fb900
[ 2140.235554][    C0] RBP: ffffc90005137790 R08: ffffffff942c6847 R09: 1ffffffff2858d08
[ 2140.243547][    C0] R10: dffffc0000000000 R11: fffffbfff2858d09 R12: 1ffff92000a26ed0
[ 2140.251543][    C0] R13: dffffc0000000000 R14: ffffc900051376a0 R15: 0000000000000246
[ 2140.259572][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 2140.264627][    C0]  ? validate_chain+0x11e/0x5920
[ 2140.269587][    C0]  ? deref_stack_reg+0x17c/0x210
[ 2140.274544][    C0]  ? stack_trace_save+0x118/0x1d0
[ 2140.279580][    C0]  ? unwind_next_frame+0x18e6/0x22d0
[ 2140.284883][    C0]  ? deref_stack_reg+0x17c/0x210
[ 2140.289841][    C0]  ? preempt_count_add+0x93/0x190
[ 2140.294881][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2140.301055][    C0]  is_bpf_text_address+0x46/0x2a0
[ 2140.306093][    C0]  ? is_bpf_text_address+0x26/0x2a0
[ 2140.311301][    C0]  ? is_bpf_text_address+0x26/0x2a0
[ 2140.316510][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2140.322673][    C0]  kernel_text_address+0xa7/0xe0
[ 2140.327627][    C0]  __kernel_text_address+0xd/0x40
[ 2140.332668][    C0]  unwind_get_return_address+0x4d/0x90
[ 2140.338141][    C0]  arch_stack_walk+0xfd/0x150
[ 2140.342844][    C0]  stack_trace_save+0x118/0x1d0
[ 2140.347707][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 2140.353102][    C0]  ? __d_alloc+0x31/0x670
[ 2140.357447][    C0]  kasan_save_track+0x3f/0x80
[ 2140.362133][    C0]  ? kasan_save_track+0x3f/0x80
[ 2140.366987][    C0]  ? __kasan_slab_alloc+0x66/0x80
[ 2140.372017][    C0]  ? kmem_cache_alloc_lru_noprof+0x1dd/0x390
[ 2140.378009][    C0]  ? __d_alloc+0x31/0x670
[ 2140.382348][    C0]  ? d_alloc_pseudo+0x1f/0xb0
[ 2140.387036][    C0]  ? alloc_file_pseudo+0x141/0x320
[ 2140.392163][    C0]  ? sock_alloc_file+0xb7/0x2e0
[ 2140.397023][    C0]  ? __sys_socket+0x1dd/0x3c0
[ 2140.401713][    C0]  ? __x64_sys_socket+0x7a/0x90
[ 2140.406579][    C0]  ? do_syscall_64+0xf3/0x230
[ 2140.411270][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2140.417393][    C0]  __kasan_slab_alloc+0x66/0x80
[ 2140.422253][    C0]  ? d_alloc+0x111/0x190
[ 2140.426512][    C0]  kmem_cache_alloc_lru_noprof+0x1dd/0x390
[ 2140.432337][    C0]  __d_alloc+0x31/0x670
[ 2140.436512][    C0]  d_alloc_pseudo+0x1f/0xb0
[ 2140.441029][    C0]  alloc_file_pseudo+0x141/0x320
[ 2140.445985][    C0]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 2140.451456][    C0]  ? _raw_spin_unlock+0x28/0x50
[ 2140.456316][    C0]  ? alloc_fd+0x61a/0x690
[ 2140.460660][    C0]  sock_alloc_file+0xb7/0x2e0
[ 2140.465351][    C0]  __sys_socket+0x1dd/0x3c0
[ 2140.469867][    C0]  ? __pfx___sys_socket+0x10/0x10
[ 2140.474906][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2140.481271][    C0]  ? do_syscall_64+0x100/0x230
[ 2140.486057][    C0]  __x64_sys_socket+0x7a/0x90
[ 2140.490755][    C0]  do_syscall_64+0xf3/0x230
[ 2140.495270][    C0]  ? clear_bhb_loop+0x35/0x90
[ 2140.499965][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2140.505868][    C0] RIP: 0033:0x7fd62838ed07
[ 2140.510288][    C0] RSP: 002b:00007ffc421c1498 EFLAGS: 00000206 ORIG_RAX: 0000000000000029
[ 2140.518712][    C0] RAX: ffffffffffffffda RBX: 00007fd6285762e0 RCX: 00007fd62838ed07
[ 2140.526698][    C0] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002
[ 2140.534677][    C0] RBP: 00007ffc421c1bbc R08: 0000000000000000 R09: 00007ffc421c18c7
[ 2140.542652][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000067
[ 2140.550635][    C0] R13: 00000000000927c0 R14: 0000000000000000 R15: 00007ffc421c1c10
[ 2140.558627][    C0]  </TASK>
[ 2140.561656][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g126185 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 2140.574069][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=129949
[ 2140.582044][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g126185 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 2140.593501][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 2140.603818][    C0] rcu: RCU grace-period kthread stack dump:
[ 2140.609708][    C0] task:rcu_preempt     state:I stack:25784 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
[ 2140.621644][    C0] Call Trace:
[ 2140.624926][    C0]  <TASK>
[ 2140.627867][    C0]  __schedule+0x18bc/0x4c40
[ 2140.632406][    C0]  ? __pfx___schedule+0x10/0x10
[ 2140.637272][    C0]  ? __pfx_lock_release+0x10/0x10
[ 2140.642318][    C0]  ? __pfx___mod_timer+0x10/0x10
[ 2140.647263][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2140.653608][    C0]  ? schedule+0x90/0x320
[ 2140.657867][    C0]  schedule+0x14b/0x320
[ 2140.662034][    C0]  schedule_timeout+0x15a/0x290
[ 2140.666896][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 2140.672275][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 2140.677580][    C0]  ? prepare_to_swait_event+0x330/0x350
[ 2140.683137][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2140.688351][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[ 2140.693211][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 2140.698426][    C0]  ? rcu_gp_init+0x1256/0x1630
[ 2140.703205][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 2140.708156][    C0]  ? __pfx_rcu_watching_snap_save+0x10/0x10
[ 2140.714061][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 2140.719355][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2140.725263][    C0]  ? finish_swait+0xd4/0x1e0
[ 2140.729862][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2140.735071][    C0]  rcu_gp_kthread+0xa7/0x3b0
[ 2140.739677][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2140.744886][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2140.750794][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 2140.755832][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2140.761044][    C0]  kthread+0x7a9/0x920
[ 2140.765122][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.769729][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2140.774940][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.779542][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.784146][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.788747][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2140.793952][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 2140.799159][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.803758][    C0]  ret_from_fork+0x4b/0x80
[ 2140.808182][    C0]  ? __pfx_kthread+0x10/0x10
[ 2140.812782][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2140.817568][    C0]  </TASK>